Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/chL4Bms1-cgSyD_2HCJM-hZPWck.roa
File: chL4Bms1-cgSyD_2HCJM-hZPWck.roa (raw, json)
Hash identifier: OEcwxLfQg3Zv8clX6j5Zc8OzvNdyzda/2TZzchSn+NY=
Subject key identifier: 72:12:F8:06:6B:35:F9:C8:12:C8:3F:F6:1C:22:4C:FA:16:4F:59:C9
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4FB5
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/chL4Bms1-cgSyD_2HCJM-hZPWck.roa
Signing time: Sat 04 May 2024 20:53:59 +0000
ROA not before: Sat 04 May 2024 20:53:59 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20405 (0x4fb5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 4 20:53:59 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7212F8066B35F9C812C83FF61C224CFA164F59C9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:c1:59:96:0b:94:dc:68:f6:2f:47:93:ed:fb:
55:c6:92:f7:b2:ae:ab:91:7d:00:2a:43:b7:65:1f:
cc:70:d8:a6:47:96:f1:e2:a7:5d:23:9c:5e:b0:a5:
ed:9f:f2:db:6a:cb:d3:00:33:31:b5:4b:a5:ed:f1:
5e:58:09:60:96:4e:f8:3d:43:03:27:a5:dd:e6:23:
9e:70:92:91:d0:3e:69:dd:25:9c:d6:0d:1a:55:5f:
45:ad:63:f6:c4:ae:4d:1b:1c:8c:8e:4b:36:75:78:
d7:dd:c0:42:4b:a9:aa:47:82:27:9c:13:90:a1:8d:
6e:42:33:f1:c6:67:95:98:3a:67:4b:27:6a:fd:45:
5e:b1:f7:7b:7f:cc:0d:6c:ba:f5:ac:b5:f7:cd:60:
b4:92:37:4f:f8:94:0e:96:b8:13:77:d6:dd:04:3c:
c0:34:9a:ca:d0:fe:36:b8:f9:fe:a9:dd:17:fe:10:
cc:c5:5f:a5:52:e6:a7:fe:75:4b:6c:94:b4:74:7e:
99:27:b0:df:77:48:2f:49:bd:07:2b:22:75:e0:1d:
c9:d1:94:c4:36:6f:0a:3d:c5:cd:83:fd:62:65:9d:
57:72:41:58:a8:16:f6:44:f8:18:5a:f7:73:b2:b1:
8d:85:f2:6f:ca:c4:7e:c2:d0:47:e8:d8:e2:91:79:
ee:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:12:F8:06:6B:35:F9:C8:12:C8:3F:F6:1C:22:4C:FA:16:4F:59:C9
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/chL4Bms1-cgSyD_2HCJM-hZPWck.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
b3:11:78:41:ef:a5:9d:5e:1b:25:30:0d:80:7c:cf:41:c9:f7:
95:99:0f:92:3a:e8:d6:02:ae:53:25:90:7b:21:8a:7c:47:16:
f7:59:74:12:da:e4:75:3c:66:82:19:af:2d:ee:2a:8e:55:30:
31:2f:66:b9:0c:70:b3:21:8a:a4:3f:07:11:55:bf:49:57:86:
09:53:dc:bc:98:41:1a:46:25:e1:f9:99:3c:da:54:08:25:7e:
92:b7:41:d7:44:f3:f6:a0:ef:95:3d:4b:d4:ae:c4:b3:9a:2e:
21:11:22:1f:61:74:4f:65:41:b6:f2:8f:0a:a6:e7:48:bf:eb:
7f:45:c7:6c:8b:63:31:6f:65:ef:c8:76:1f:a1:0f:fd:db:1f:
09:e4:70:85:8a:1f:92:d5:d5:b5:a1:46:39:8a:11:d0:ed:f7:
50:55:83:20:0c:d6:59:3b:34:45:4c:8d:29:05:3a:5c:50:6f:
66:eb:1c:45:f4:ed:5b:b3:d9:d5:04:8f:3c:6c:3f:4f:e0:85:
1f:d5:9d:32:ad:df:5e:e5:3d:fd:21:2f:b8:77:80:07:61:06:
d9:20:e8:f5:a8:8c:05:10:26:72:60:77:fd:82:ea:9b:71:74:
a6:b8:dd:14:4b:f6:84:2b:18:f5:ac:df:ef:eb:c6:72:8c:d8:
5c:6c:59:14
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICT7UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDQy
MDUzNTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDcyMTJGODA2NkIzNUY5
QzgxMkM4M0ZGNjFDMjI0Q0ZBMTY0RjU5QzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDewVmWC5TcaPYvR5Pt+1XGkveyrquRfQAqQ7dlH8xw2KZHlvHi
p10jnF6wpe2f8ttqy9MAMzG1S6Xt8V5YCWCWTvg9QwMnpd3mI55wkpHQPmndJZzW
DRpVX0WtY/bErk0bHIyOSzZ1eNfdwEJLqapHgiecE5ChjW5CM/HGZ5WYOmdLJ2r9
RV6x93t/zA1suvWstffNYLSSN0/4lA6WuBN31t0EPMA0msrQ/ja4+f6p3Rf+EMzF
X6VS5qf+dUtslLR0fpknsN93SC9JvQcrInXgHcnRlMQ2bwo9xc2D/WJlnVdyQVio
FvZE+Bha93OysY2F8m/KxH7C0Efo2OKRee6tAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUchL4Bms1+cgSyD/2HCJM+hZPWckwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2NoTDRCbXMxLWNnU3lE
XzJIQ0pNLWhaUFdjay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBALMReEHvpZ1eGyUw
DYB8z0HJ95WZD5I66NYCrlMlkHshinxHFvdZdBLa5HU8ZoIZry3uKo5VMDEvZrkM
cLMhiqQ/BxFVv0lXhglT3LyYQRpGJeH5mTzaVAglfpK3QddE8/ag75U9S9SuxLOa
LiERIh9hdE9lQbbyjwqm50i/639Fx2yLYzFvZe/Idh+hD/3bHwnkcIWKH5LV1bWh
RjmKEdDt91BVgyAM1lk7NEVMjSkFOlxQb2brHEX07Vuz2dUEjzxsP0/ghR/VnTKt
317lPf0hL7h3gAdhBtkg6PWojAUQJnJgd/2C6ptxdKa43RRL9oQrGPWs3+/rxnKM
2FxsWRQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:36 2024 by rpki-client on console-fra.rpki-client.org