Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/bdLCnRN7Km-9ZOewUPYtD5tkgUc.roa
File: bdLCnRN7Km-9ZOewUPYtD5tkgUc.roa (raw, json)
Hash identifier: 4+lAV5noSt07BYaDxCI/gZPGPx4ATgMFPGrrBiMpJ/U=
Subject key identifier: 6D:D2:C2:9D:13:7B:2A:6F:BD:64:E7:B0:50:F6:2D:0F:9B:64:81:47
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3615
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/bdLCnRN7Km-9ZOewUPYtD5tkgUc.roa
Signing time: Sun 31 Mar 2024 16:52:35 +0000
ROA not before: Sun 31 Mar 2024 16:52:35 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13845 (0x3615)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 31 16:52:35 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6DD2C29D137B2A6FBD64E7B050F62D0F9B648147
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:e9:95:a8:ba:bc:fa:fc:d0:62:5f:9f:c1:71:
37:71:cb:29:79:e3:3a:cb:08:c9:64:61:4e:42:5f:
01:a0:24:d5:96:f3:b7:2f:36:aa:53:cf:17:b4:5a:
e3:05:72:83:2b:ca:b9:a2:d0:e1:90:f1:3e:7e:74:
3f:ce:44:e7:86:c4:56:17:6e:d2:dc:6d:d8:47:35:
1e:40:89:3d:cc:2b:59:f0:31:2f:1a:8e:9c:ac:40:
4e:ed:19:09:7c:45:49:04:13:42:ba:bb:f8:3b:38:
5e:c2:ec:7b:1a:7c:39:e8:4d:ec:92:fe:52:30:0b:
66:83:be:da:81:15:be:0a:b0:9d:12:b5:be:57:24:
e0:15:ce:6a:1e:79:c1:db:14:ed:63:ec:f6:b3:d7:
ee:5b:e1:19:d2:03:73:65:5e:2c:63:42:b8:9e:ad:
d4:d2:db:38:67:43:e5:47:80:1f:a3:75:55:61:5f:
3a:19:36:6a:54:0b:c2:8a:6a:00:1e:ed:b5:d1:07:
08:91:aa:d0:8f:99:19:ea:0b:f4:3e:cb:56:7a:31:
b6:8f:1e:96:ec:ea:8b:70:19:6f:4c:ed:53:27:d4:
8b:66:e5:65:b8:6a:59:e9:80:c5:aa:72:0a:46:de:
40:98:8b:a6:66:ec:f7:63:10:09:de:89:32:ce:92:
23:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:D2:C2:9D:13:7B:2A:6F:BD:64:E7:B0:50:F6:2D:0F:9B:64:81:47
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/bdLCnRN7Km-9ZOewUPYtD5tkgUc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
78:0c:ca:22:dd:53:78:aa:cb:c6:8d:f6:2f:03:9a:d3:df:8f:
cb:93:e0:f3:75:2c:c0:1f:ab:26:cb:17:a5:3e:b4:bb:e4:30:
ec:73:bb:8f:a4:44:25:76:5d:3d:f9:1c:e6:68:01:0b:d3:e8:
61:13:4e:29:72:ca:17:c5:95:18:c8:44:07:75:4e:4b:3e:fd:
df:6a:f0:9d:49:bc:7b:bb:ef:f5:ac:9b:e7:61:0b:ea:c8:c7:
06:49:88:d2:90:25:2c:68:bc:d1:09:91:16:fa:94:b0:0a:23:
f7:81:7c:e3:39:d0:a3:23:97:b1:9a:15:86:62:cf:c6:8e:3e:
10:f0:0b:1f:26:2b:7c:7d:11:d1:ee:35:eb:ca:f3:b3:3b:09:
c4:84:4a:2b:bc:b4:f1:3c:8b:74:82:95:44:8c:4c:ca:7b:c6:
e3:45:be:61:dd:5e:4d:b9:6a:67:57:9c:44:16:fb:58:1c:fe:
5c:51:5f:e4:0a:e1:a5:86:70:0b:fe:8b:7e:8a:82:5b:21:07:
61:3e:78:79:7c:5b:6c:a2:ba:6d:04:a6:f4:03:b5:e9:ae:18:
a8:4c:77:80:61:f0:74:88:2d:4d:c6:a3:58:36:7b:46:c1:df:
4d:64:83:a5:7b:be:93:a6:83:fe:a3:95:06:26:32:24:4e:f4:
96:6d:4d:48
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNhUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzEx
NjUyMzVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZERDJDMjlEMTM3QjJB
NkZCRDY0RTdCMDUwRjYyRDBGOUI2NDgxNDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDv6ZWourz6/NBiX5/BcTdxyyl54zrLCMlkYU5CXwGgJNWW87cv
NqpTzxe0WuMFcoMryrmi0OGQ8T5+dD/OROeGxFYXbtLcbdhHNR5AiT3MK1nwMS8a
jpysQE7tGQl8RUkEE0K6u/g7OF7C7HsafDnoTeyS/lIwC2aDvtqBFb4KsJ0Stb5X
JOAVzmoeecHbFO1j7Paz1+5b4RnSA3NlXixjQrierdTS2zhnQ+VHgB+jdVVhXzoZ
NmpUC8KKagAe7bXRBwiRqtCPmRnqC/Q+y1Z6MbaPHpbs6otwGW9M7VMn1Itm5WW4
alnpgMWqcgpG3kCYi6Zm7PdjEAneiTLOkiNDAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUbdLCnRN7Km+9ZOewUPYtD5tkgUcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2JkTENuUk43S20tOVpP
ZXdVUFl0RDV0a2dVYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAHgMyiLdU3iqy8aN
9i8DmtPfj8uT4PN1LMAfqybLF6U+tLvkMOxzu4+kRCV2XT35HOZoAQvT6GETTily
yhfFlRjIRAd1Tks+/d9q8J1JvHu77/Wsm+dhC+rIxwZJiNKQJSxovNEJkRb6lLAK
I/eBfOM50KMjl7GaFYZiz8aOPhDwCx8mK3x9EdHuNevK87M7CcSESiu8tPE8i3SC
lUSMTMp7xuNFvmHdXk25amdXnEQW+1gc/lxRX+QK4aWGcAv+i36KglshB2E+eHl8
W2yium0EpvQDtemuGKhMd4Bh8HSILU3Go1g2e0bB301kg6V7vpOmg/6jlQYmMiRO
9JZtTUg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:35 2024 by rpki-client on console-fra.rpki-client.org