Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/fHDsiBCSZ6IBVxqsKTfNfF_Dz4o.roa
File: fHDsiBCSZ6IBVxqsKTfNfF_Dz4o.roa (raw, json)
Hash identifier: AK4Zfdax61myjis1dfWd64MopPpHnJHz3oesPxH3DGA=
Subject key identifier: 7C:70:EC:88:10:92:67:A2:01:57:1A:AC:29:37:CD:7C:5F:C3:CF:8A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3A29
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/fHDsiBCSZ6IBVxqsKTfNfF_Dz4o.roa
Signing time: Sat 06 Apr 2024 03:22:25 +0000
ROA not before: Sat 06 Apr 2024 03:22:25 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14889 (0x3a29)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 6 03:22:25 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7C70EC88109267A201571AAC2937CD7C5FC3CF8A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:06:a1:d3:8a:3a:ee:18:6a:f6:ec:5d:0b:d6:
c7:85:0d:58:3b:f7:62:21:58:57:1d:67:a0:35:36:
0f:36:6d:8e:1e:35:f1:50:85:3d:2d:a5:0c:de:a3:
b3:dd:4f:52:1d:b3:d9:1d:00:3a:da:4a:de:fd:21:
86:5e:2c:97:0e:c2:9b:ab:e9:d6:90:a6:00:f1:7f:
f6:65:e2:63:45:68:f8:db:f3:9d:cb:b8:42:4b:a0:
c3:bc:09:e4:c9:c9:4f:df:4c:2b:25:43:c6:79:27:
f5:3e:3e:b9:9f:fe:53:4a:e7:b2:26:df:0b:eb:8d:
1b:cb:b6:64:75:88:8f:de:0a:f8:22:3c:ff:33:35:
c8:b7:23:0e:a1:c6:71:0a:6d:62:f2:8d:98:29:b7:
f9:d6:fe:03:cc:b7:67:65:ab:ef:17:9c:f0:1e:0d:
84:cd:ce:74:e9:fa:e7:c8:97:09:f6:ac:4d:78:a8:
cc:e5:a3:f9:9a:66:eb:2b:83:a4:93:52:7f:66:0e:
bf:70:80:2f:93:ee:de:08:29:18:71:35:b4:d9:41:
4f:6f:a0:e4:bc:df:c5:0f:f9:4d:37:78:a5:9f:d2:
48:8e:e8:0b:9b:15:a7:79:ee:5b:fc:57:74:d0:88:
27:17:dd:7d:1a:bb:70:0d:77:46:10:50:a4:aa:9a:
6f:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:70:EC:88:10:92:67:A2:01:57:1A:AC:29:37:CD:7C:5F:C3:CF:8A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/fHDsiBCSZ6IBVxqsKTfNfF_Dz4o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
27:6a:b0:18:1d:9b:59:e1:a3:99:fa:f0:86:80:84:af:aa:7a:
83:ae:3c:d9:02:81:77:12:87:83:89:c8:2a:21:cb:a5:0f:fa:
7b:10:94:77:33:80:e8:1e:6f:9d:9e:f5:38:22:86:b9:d5:19:
75:7d:82:27:e4:7b:d4:ff:cd:3a:c7:16:bd:d9:dd:fd:5b:84:
04:d7:3b:6e:2d:6a:58:ca:d1:56:b1:0f:a1:13:43:cd:96:85:
c9:c0:fb:85:b1:32:29:a8:d1:48:bf:7b:8c:e4:4a:bb:6f:4c:
3b:39:a9:df:ac:36:f6:ed:1b:4d:7a:bf:ef:53:1d:e0:c8:56:
d2:6a:67:1a:2e:c8:0c:38:53:36:c3:b9:a2:13:c6:17:f0:4c:
21:49:0a:aa:e0:02:38:e6:1b:be:fb:ad:50:46:f3:f8:71:60:
6a:39:0f:c7:ca:74:df:44:9c:88:31:37:8c:78:e8:19:a5:02:
5c:ac:ca:89:6b:33:b2:63:da:76:f4:63:b0:ee:7b:af:04:b0:
87:60:c3:af:f8:d8:0b:b6:78:81:14:47:85:ac:17:2d:28:a2:
78:52:0a:79:7d:06:34:69:25:2b:37:d0:a8:9d:33:85:4c:41:
46:0c:61:2a:64:91:5f:af:d8:2e:e1:53:e2:d3:97:a4:c9:76:
2e:bf:4f:c9
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICOikwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDYw
MzIyMjVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDdDNzBFQzg4MTA5MjY3
QTIwMTU3MUFBQzI5MzdDRDdDNUZDM0NGOEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDABqHTijruGGr27F0L1seFDVg792IhWFcdZ6A1Ng82bY4eNfFQ
hT0tpQzeo7PdT1Ids9kdADraSt79IYZeLJcOwpur6daQpgDxf/Zl4mNFaPjb853L
uEJLoMO8CeTJyU/fTCslQ8Z5J/U+Prmf/lNK57Im3wvrjRvLtmR1iI/eCvgiPP8z
Nci3Iw6hxnEKbWLyjZgpt/nW/gPMt2dlq+8XnPAeDYTNznTp+ufIlwn2rE14qMzl
o/maZusrg6STUn9mDr9wgC+T7t4IKRhxNbTZQU9voOS838UP+U03eKWf0kiO6Aub
Fad57lv8V3TQiCcX3X0au3ANd0YQUKSqmm+/AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUfHDsiBCSZ6IBVxqsKTfNfF/Dz4owHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2ZIRHNpQkNTWjZJQlZ4
cXNLVGZOZkZfRHo0by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBACdqsBgdm1nho5n6
8IaAhK+qeoOuPNkCgXcSh4OJyCohy6UP+nsQlHczgOgeb52e9TgihrnVGXV9gifk
e9T/zTrHFr3Z3f1bhATXO24taljK0VaxD6ETQ82WhcnA+4WxMimo0Ui/e4zkSrtv
TDs5qd+sNvbtG016v+9THeDIVtJqZxouyAw4UzbDuaITxhfwTCFJCqrgAjjmG777
rVBG8/hxYGo5D8fKdN9EnIgxN4x46BmlAlysyolrM7Jj2nb0Y7Due68EsIdgw6/4
2Au2eIEUR4WsFy0oonhSCnl9BjRpJSs30KidM4VMQUYMYSpkkV+v2C7hU+LTl6TJ
di6/T8k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:59 2024 by rpki-client on console-ams.rpki-client.org