Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/cjaHzeTCnkmM3tcn1hzfuwdpTVY.roa
File: cjaHzeTCnkmM3tcn1hzfuwdpTVY.roa (raw, json)
Hash identifier: Er3B7xNzcPWOVH73roDq+pAP3KO6uJtAEjkR1rghC5Y=
Subject key identifier: 72:36:87:CD:E4:C2:9E:49:8C:DE:D7:27:D6:1C:DF:BB:07:69:4D:56
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3FA9
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/cjaHzeTCnkmM3tcn1hzfuwdpTVY.roa
Signing time: Sat 13 Apr 2024 11:22:49 +0000
ROA not before: Sat 13 Apr 2024 11:22:49 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16297 (0x3fa9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 13 11:22:49 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=723687CDE4C29E498CDED727D61CDFBB07694D56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:1e:89:32:58:f3:45:d4:bb:ff:04:b2:0f:70:
99:5c:1b:55:bd:50:91:06:b4:24:5c:89:de:4c:ac:
0d:ac:0b:2a:d5:85:4f:23:02:26:7e:69:e3:88:ad:
6e:71:f3:73:e4:8c:07:75:07:1f:c1:e3:bf:09:60:
bd:4c:fc:52:e2:8b:e1:b9:fa:44:37:e3:b5:14:7e:
d2:7d:08:d7:72:34:f5:b4:fa:e0:83:51:07:ca:af:
7c:88:7b:b3:82:6a:0f:4b:71:23:d8:4e:c8:b5:ab:
78:0c:11:c1:5b:97:da:9f:7a:c9:eb:43:aa:c0:cd:
69:b2:6c:02:03:af:f8:26:30:c4:a3:45:ea:cc:2b:
47:86:5c:f9:d2:43:48:ed:02:80:8c:cd:b1:07:fc:
c4:a2:1b:d7:54:b7:7f:59:4a:41:01:76:0b:2c:6c:
4e:65:14:9d:f4:22:63:00:65:68:18:13:8b:fa:28:
db:ee:2b:59:5f:a3:0d:d1:29:df:8f:b5:b6:d7:ad:
6a:23:d7:da:2e:54:76:7c:18:f2:aa:26:a4:84:01:
79:2d:0b:32:7c:68:ba:6c:1c:34:b7:ac:fa:7f:23:
53:65:07:2d:b0:79:b5:43:c1:ab:52:39:95:4e:c6:
b7:82:3b:3f:45:df:ff:7f:97:95:90:79:92:24:51:
2d:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:36:87:CD:E4:C2:9E:49:8C:DE:D7:27:D6:1C:DF:BB:07:69:4D:56
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/cjaHzeTCnkmM3tcn1hzfuwdpTVY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
2b:10:ef:1a:e8:0f:11:65:62:90:36:db:95:c2:6b:0f:e3:5d:
14:90:dc:2b:60:e8:16:0b:81:8e:c1:cf:0e:59:b8:c2:2d:94:
23:ce:39:98:a0:7c:b6:43:e9:fa:3d:85:63:d6:b8:15:6f:d1:
ea:49:d9:56:90:85:5c:9c:f5:2a:6d:8e:03:ee:a5:0b:9e:e6:
e0:93:11:52:df:47:9a:97:b1:28:85:2a:97:af:1c:4b:51:7d:
98:ce:54:ee:a9:c3:30:13:f1:67:bd:30:eb:ea:ae:f1:20:24:
0c:d6:67:34:df:3d:1d:ea:e8:7e:05:56:67:d0:94:02:93:94:
04:4d:16:c1:d0:6a:65:4a:40:8c:97:7c:0b:cc:f7:15:dc:14:
7b:3a:9c:6e:86:06:7d:b6:3f:0f:26:e8:81:f2:ee:df:eb:23:
ec:18:9d:98:f3:bd:e8:2b:1b:d8:2a:f5:c0:6b:d4:ef:46:9e:
c4:3f:3b:16:86:bb:97:03:6d:2a:88:a5:57:0e:07:51:b6:e1:
de:09:56:7e:9b:d0:4f:b1:4f:66:b8:9d:78:fc:f9:41:4c:1c:
a8:9c:8a:d3:9b:32:45:87:cd:6b:5f:12:73:ba:7d:9f:db:1c:
ff:35:75:93:d3:e0:07:21:35:53:0d:95:ab:3b:0a:52:07:ee:
7b:fc:d4:47
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICP6kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTMx
MTIyNDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDcyMzY4N0NERTRDMjlF
NDk4Q0RFRDcyN0Q2MUNERkJCMDc2OTRENTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmHokyWPNF1Lv/BLIPcJlcG1W9UJEGtCRcid5MrA2sCyrVhU8j
AiZ+aeOIrW5x83PkjAd1Bx/B478JYL1M/FLii+G5+kQ347UUftJ9CNdyNPW0+uCD
UQfKr3yIe7OCag9LcSPYTsi1q3gMEcFbl9qfesnrQ6rAzWmybAIDr/gmMMSjRerM
K0eGXPnSQ0jtAoCMzbEH/MSiG9dUt39ZSkEBdgssbE5lFJ30ImMAZWgYE4v6KNvu
K1lfow3RKd+PtbbXrWoj19ouVHZ8GPKqJqSEAXktCzJ8aLpsHDS3rPp/I1NlBy2w
ebVDwatSOZVOxreCOz9F3/9/l5WQeZIkUS0JAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUcjaHzeTCnkmM3tcn1hzfuwdpTVYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2NqYUh6ZVRDbmttTTN0
Y24xaHpmdXdkcFRWWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBACsQ7xroDxFlYpA2
25XCaw/jXRSQ3Ctg6BYLgY7Bzw5ZuMItlCPOOZigfLZD6fo9hWPWuBVv0epJ2VaQ
hVyc9SptjgPupQue5uCTEVLfR5qXsSiFKpevHEtRfZjOVO6pwzAT8We9MOvqrvEg
JAzWZzTfPR3q6H4FVmfQlAKTlARNFsHQamVKQIyXfAvM9xXcFHs6nG6GBn22Pw8m
6IHy7t/rI+wYnZjzvegrG9gq9cBr1O9GnsQ/OxaGu5cDbSqIpVcOB1G24d4JVn6b
0E+xT2a4nXj8+UFMHKicitObMkWHzWtfEnO6fZ/bHP81dZPT4AchNVMNlas7ClIH
7nv81Ec=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:36 2024 by rpki-client on console-fra.rpki-client.org