Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/crabndgmIP1qFuZq0D9HZ0SUe_I.roa
File: crabndgmIP1qFuZq0D9HZ0SUe_I.roa (raw, json)
Hash identifier: BN6RvMbypVzkp70ty7q7uR/vG0IyEqMSPRNG6WWolts=
Subject key identifier: 72:B6:9B:9D:D8:26:20:FD:6A:16:E6:6A:D0:3F:47:67:44:94:7B:F2
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5071
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/crabndgmIP1qFuZq0D9HZ0SUe_I.roa
Signing time: Sun 05 May 2024 20:23:49 +0000
ROA not before: Sun 05 May 2024 20:23:49 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20593 (0x5071)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 5 20:23:49 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=72B69B9DD82620FD6A16E66AD03F476744947BF2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ed:c0:f7:a3:7d:e3:f9:c3:40:a6:70:d4:85:
e7:3b:a1:68:b2:e4:9f:33:48:26:92:e9:bc:65:78:
c9:9a:40:92:fc:aa:bd:6b:a7:98:7d:16:46:92:b6:
22:1a:5c:94:5a:bc:97:e2:4a:bb:aa:4c:1a:cf:de:
59:75:8f:63:ac:0b:19:2c:15:8f:a1:16:54:30:b5:
80:95:ae:cf:ad:44:a7:fd:6b:cc:b3:8c:bb:9d:d2:
89:5d:c3:a7:82:7b:87:bd:6e:7b:ba:4b:76:05:e4:
e4:5a:65:60:6d:da:8f:f0:9d:7f:f2:f1:5b:45:56:
14:08:66:58:db:53:2c:01:d8:a3:e3:a0:c3:73:20:
f1:bd:e1:fc:a7:50:9c:f9:16:06:e1:c7:6c:be:bc:
ff:b1:33:7b:6a:c7:f0:e2:6c:6c:27:dc:2a:d9:19:
0a:42:74:5f:3e:73:0b:d0:0d:10:81:b3:3e:a7:91:
1d:a3:fe:5d:f3:39:e9:67:1f:0e:87:ce:88:4b:e0:
51:9c:cf:e2:06:6d:4d:cd:19:92:77:e9:fc:27:56:
18:7f:22:75:fd:58:4f:9d:22:2e:c5:40:5d:54:27:
71:e3:a2:eb:b7:8c:24:6d:1b:fc:c0:02:19:b9:17:
73:41:d4:4d:69:71:ff:4a:f0:4d:cf:0a:c5:a5:96:
ea:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:B6:9B:9D:D8:26:20:FD:6A:16:E6:6A:D0:3F:47:67:44:94:7B:F2
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/crabndgmIP1qFuZq0D9HZ0SUe_I.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
86:f0:c5:00:f6:52:f2:37:57:3f:1f:2d:3f:d7:fe:76:d8:26:
8d:10:de:74:07:24:36:07:18:bd:9b:70:6e:e3:5c:4f:b6:4e:
12:f0:08:fa:71:30:3b:04:cf:76:ca:31:8d:b6:31:88:1d:67:
87:b3:3d:c0:c1:3f:58:50:10:4c:2f:06:02:73:c1:0b:21:9c:
66:74:1a:44:bd:da:89:5a:0b:c0:d0:81:ad:f2:1e:76:db:da:
44:91:67:2b:12:80:7d:e5:03:d6:53:9f:7b:b3:ec:74:df:dd:
24:07:58:8e:e9:e6:b2:e9:ea:1a:f9:22:94:1e:26:00:d9:6e:
76:2f:ce:03:0a:df:58:06:cc:3b:f2:93:1f:18:18:fc:f0:25:
3e:bb:fb:fa:50:27:20:c8:7c:54:64:7e:d6:56:6a:00:fd:aa:
bc:0c:c4:c4:37:fa:9f:44:75:68:ea:bb:58:0a:eb:c6:7b:61:
58:cc:9c:b8:26:24:85:43:bf:d2:12:09:5e:ad:d9:c8:36:e3:
96:8a:7c:60:63:db:dd:d6:25:de:7e:9d:80:2c:66:a9:eb:52:
4a:72:d2:1f:23:46:a3:9a:e4:d8:55:ac:7f:e0:83:94:10:f8:
b1:3d:91:b5:17:91:a7:be:f1:b7:40:e9:4d:e6:89:48:f4:ac:
87:7a:de:58
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICUHEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDUy
MDIzNDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDcyQjY5QjlERDgyNjIw
RkQ2QTE2RTY2QUQwM0Y0NzY3NDQ5NDdCRjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCg7cD3o33j+cNApnDUhec7oWiy5J8zSCaS6bxleMmaQJL8qr1r
p5h9FkaStiIaXJRavJfiSruqTBrP3ll1j2OsCxksFY+hFlQwtYCVrs+tRKf9a8yz
jLud0oldw6eCe4e9bnu6S3YF5ORaZWBt2o/wnX/y8VtFVhQIZljbUywB2KPjoMNz
IPG94fynUJz5Fgbhx2y+vP+xM3tqx/DibGwn3CrZGQpCdF8+cwvQDRCBsz6nkR2j
/l3zOelnHw6HzohL4FGcz+IGbU3NGZJ36fwnVhh/InX9WE+dIi7FQF1UJ3Hjouu3
jCRtG/zAAhm5F3NB1E1pcf9K8E3PCsWllupdAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUcrabndgmIP1qFuZq0D9HZ0SUe/IwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2NyYWJuZGdtSVAxcUZ1
WnEwRDlIWjBTVWVfSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAIbwxQD2UvI3Vz8f
LT/X/nbYJo0Q3nQHJDYHGL2bcG7jXE+2ThLwCPpxMDsEz3bKMY22MYgdZ4ezPcDB
P1hQEEwvBgJzwQshnGZ0GkS92olaC8DQga3yHnbb2kSRZysSgH3lA9ZTn3uz7HTf
3SQHWI7p5rLp6hr5IpQeJgDZbnYvzgMK31gGzDvykx8YGPzwJT67+/pQJyDIfFRk
ftZWagD9qrwMxMQ3+p9EdWjqu1gK68Z7YVjMnLgmJIVDv9ISCV6t2cg245aKfGBj
293WJd5+nYAsZqnrUkpy0h8jRqOa5NhVrH/gg5QQ+LE9kbUXkae+8bdA6U3miUj0
rId63lg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:36 2024 by rpki-client on console-fra.rpki-client.org