Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/bbHDm-7mjfq8dcksCSMAw2U6dIE.roa
File: bbHDm-7mjfq8dcksCSMAw2U6dIE.roa (raw, json)
Hash identifier: hAr4DqLD6Ah0GFC6cw70wo/d6gvTrdz1FtSCa68JECo=
Subject key identifier: 6D:B1:C3:9B:EE:E6:8D:FA:BC:75:C9:2C:09:23:00:C3:65:3A:74:81
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 36A9
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/bbHDm-7mjfq8dcksCSMAw2U6dIE.roa
Signing time: Mon 01 Apr 2024 11:22:12 +0000
ROA not before: Mon 01 Apr 2024 11:22:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13993 (0x36a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 1 11:22:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6DB1C39BEEE68DFABC75C92C092300C3653A7481
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:4e:60:11:a5:a0:d3:d6:53:c1:51:e8:a4:2d:
bc:5b:bf:63:eb:6d:d1:40:ec:aa:18:07:7b:da:f5:
12:0f:f3:06:a8:7a:c9:45:5f:ee:2f:3e:bc:82:26:
ed:dc:73:ef:f7:37:46:06:c6:0d:ec:64:b3:1c:17:
6a:e2:ca:15:4e:5a:1f:bf:c8:d1:87:af:0c:74:63:
1b:cc:bb:c3:39:e6:a9:d4:d0:84:ff:7a:11:72:f6:
cf:a7:c6:55:2f:ce:09:e6:ba:79:c8:f6:ce:28:f5:
56:6c:6b:2f:be:99:e4:29:1f:7c:aa:b8:bd:3c:47:
f6:b8:59:97:74:27:74:46:b7:a2:ce:b4:f8:f6:9d:
55:9c:7e:06:1f:3f:4c:1a:f7:b9:4d:e8:03:f7:52:
27:9f:6b:61:52:7c:b3:42:46:c1:80:31:5e:a9:32:
f1:12:1d:e0:8b:56:84:f9:7a:09:41:57:42:37:6f:
07:cc:d6:bf:fe:02:a6:c3:3d:5e:0a:25:fe:4c:41:
c9:9a:7a:33:47:fc:01:15:50:63:97:5f:72:8e:d8:
65:03:cf:db:3d:3e:2e:f7:db:78:db:ba:a3:08:24:
2a:3f:41:ad:6b:92:17:a4:39:04:64:89:c9:2d:54:
dd:5f:0c:e9:a2:25:6d:49:1d:93:9d:09:b4:f0:a5:
85:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:B1:C3:9B:EE:E6:8D:FA:BC:75:C9:2C:09:23:00:C3:65:3A:74:81
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/bbHDm-7mjfq8dcksCSMAw2U6dIE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
7e:07:b1:a9:0d:bf:b9:24:4a:cc:c3:37:7a:5b:75:3a:3a:f8:
ff:98:17:1c:33:84:8e:61:9f:cb:ed:53:47:c2:2b:3a:5c:f8:
4e:f5:5f:b2:ea:3d:8f:85:36:62:77:de:62:07:de:c0:13:c1:
db:99:b3:00:6e:e1:f2:22:ba:46:f6:ef:dd:6e:20:de:63:55:
81:02:68:d8:fd:b4:07:05:45:8c:bd:b6:41:dd:f4:e6:32:87:
6a:da:b5:33:d1:55:6c:e7:7a:28:01:fe:e7:97:77:19:7b:a6:
6c:2d:d6:26:f6:11:55:f7:56:85:5d:76:46:50:f2:65:44:7f:
91:fc:a7:84:f5:27:9c:34:ee:2d:b1:1d:90:77:3e:95:ba:1b:
19:6e:cc:cc:f7:64:d2:fa:61:8b:40:c9:5d:99:74:82:df:92:
71:00:5d:d5:0e:5b:74:c6:59:96:fb:c4:1d:37:97:d4:ea:1d:
d6:c4:59:87:77:db:e1:b2:6f:e5:05:75:2f:e1:e0:a1:94:f3:
01:6d:68:b9:e7:a2:1f:58:56:d5:e0:b3:06:2c:89:37:e5:95:
6d:56:47:40:dc:40:7e:6e:ac:fd:c6:2b:d7:06:43:d5:41:71:
71:54:be:9b:fc:ae:64:41:95:fc:29:e6:ea:23:79:a6:43:53:
03:c2:92:93
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNqkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDEx
MTIyMTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZEQjFDMzlCRUVFNjhE
RkFCQzc1QzkyQzA5MjMwMEMzNjUzQTc0ODEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvTmARpaDT1lPBUeikLbxbv2PrbdFA7KoYB3va9RIP8waoeslF
X+4vPryCJu3cc+/3N0YGxg3sZLMcF2riyhVOWh+/yNGHrwx0YxvMu8M55qnU0IT/
ehFy9s+nxlUvzgnmunnI9s4o9VZsay++meQpH3yquL08R/a4WZd0J3RGt6LOtPj2
nVWcfgYfP0wa97lN6AP3Uiefa2FSfLNCRsGAMV6pMvESHeCLVoT5eglBV0I3bwfM
1r/+AqbDPV4KJf5MQcmaejNH/AEVUGOXX3KO2GUDz9s9Pi7323jbuqMIJCo/Qa1r
khekOQRkicktVN1fDOmiJW1JHZOdCbTwpYWRAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUbbHDm+7mjfq8dcksCSMAw2U6dIEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2JiSERtLTdtamZxOGRj
a3NDU01BdzJVNmRJRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAH4HsakNv7kkSszD
N3pbdTo6+P+YFxwzhI5hn8vtU0fCKzpc+E71X7LqPY+FNmJ33mIH3sATwduZswBu
4fIiukb2791uIN5jVYECaNj9tAcFRYy9tkHd9OYyh2ratTPRVWzneigB/ueXdxl7
pmwt1ib2EVX3VoVddkZQ8mVEf5H8p4T1J5w07i2xHZB3PpW6GxluzMz3ZNL6YYtA
yV2ZdILfknEAXdUOW3TGWZb7xB03l9TqHdbEWYd32+Gyb+UFdS/h4KGU8wFtaLnn
oh9YVtXgswYsiTfllW1WR0DcQH5urP3GK9cGQ9VBcXFUvpv8rmRBlfwp5uojeaZD
UwPCkpM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:35 2024 by rpki-client on console-fra.rpki-client.org