Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/fLlffzNX5VidNwzY0h5bMBxJp4Y.roa
File: fLlffzNX5VidNwzY0h5bMBxJp4Y.roa (raw, json)
Hash identifier: ZWnoUlfSG2mTnU/oq9z8c9HWNI6OYN37ak2p8cHgLMQ=
Subject key identifier: 7C:B9:5F:7F:33:57:E5:58:9D:37:0C:D8:D2:1E:5B:30:1C:49:A7:86
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3AC5
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/fLlffzNX5VidNwzY0h5bMBxJp4Y.roa
Signing time: Sat 06 Apr 2024 22:52:28 +0000
ROA not before: Sat 06 Apr 2024 22:52:28 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15045 (0x3ac5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 6 22:52:28 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7CB95F7F3357E5589D370CD8D21E5B301C49A786
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:9b:8e:eb:f8:41:dc:9c:09:78:f2:08:ee:ce:
ec:3d:69:1a:2e:1c:6e:69:f9:11:bf:70:ae:a4:b9:
70:03:5f:1f:53:51:8d:6f:78:32:8d:ed:17:1b:4a:
b7:fd:3e:c1:cf:74:1d:5f:25:7b:ec:2c:ca:4f:ed:
f3:f1:70:a9:64:98:f6:34:6f:01:6b:55:67:33:86:
4b:97:fb:44:d3:81:33:3c:28:1c:c3:31:5e:4c:95:
4f:47:b9:15:24:8e:05:87:ce:b0:42:11:66:81:4b:
46:1c:33:e0:80:25:e4:69:73:1f:7c:11:e9:3e:68:
5e:98:90:ef:d8:7a:4d:da:c0:bc:a4:05:b3:b1:74:
6a:91:50:87:fe:1e:49:1b:a6:98:52:3b:20:5f:43:
d1:33:2a:09:84:9d:f4:88:8f:a9:7e:dc:d3:eb:c1:
d2:98:b1:b1:a0:27:18:c9:50:c7:a2:da:3a:7a:39:
94:70:df:ca:66:a3:cd:fa:d0:4e:bd:8c:12:4e:8b:
8c:e0:6c:f6:d0:f8:a8:3b:50:da:29:74:84:e8:d5:
11:cb:e2:2b:81:14:e1:5b:12:4d:7e:a6:5c:f7:f5:
c9:e6:f4:bb:63:a2:e4:e4:2a:c1:cf:4a:ee:55:9c:
d7:7d:15:f5:93:28:59:36:b6:c0:fd:36:13:fb:a5:
7b:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:B9:5F:7F:33:57:E5:58:9D:37:0C:D8:D2:1E:5B:30:1C:49:A7:86
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/fLlffzNX5VidNwzY0h5bMBxJp4Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
55:c7:a5:db:93:42:85:f5:54:a3:98:79:af:b5:ae:d8:a0:59:
c8:1e:88:1b:5d:00:21:bc:5e:4b:a3:06:83:6f:50:37:3e:69:
39:5b:20:4f:81:2a:d6:4d:6f:ee:ab:c9:30:29:38:5e:51:1b:
11:87:67:f2:d8:37:c9:6f:a6:03:ae:66:0b:76:dc:8b:77:d8:
bd:f4:0e:85:c8:46:29:03:10:7f:10:b2:84:6e:83:85:5c:dc:
54:00:96:0d:53:2d:45:7b:f4:d3:d9:33:13:29:2c:be:aa:6b:
05:1a:fd:5f:50:95:4a:43:a1:c0:c4:5d:50:45:37:53:c5:18:
31:66:9a:cb:b4:07:d4:80:61:f8:8c:6a:76:3d:fc:a5:7d:20:
ef:f6:bf:dc:47:27:93:ea:aa:af:57:71:56:e5:3c:41:91:04:
1a:a5:63:82:aa:5e:4b:7d:d1:c0:a6:fd:fe:18:8a:f4:ad:b5:
54:4c:55:1a:09:ad:fe:3f:aa:a6:92:bd:ef:c1:cf:39:6b:e7:
9f:03:03:29:d8:5f:44:cf:ae:1b:e6:d1:6b:0a:39:16:64:dd:
67:97:d1:0a:92:73:13:18:cc:8a:89:c6:c4:39:9c:d3:e6:96:
d7:74:dd:fb:ba:fe:3c:6e:2b:65:ed:a4:df:79:e9:30:4f:d7:
7e:86:ff:65
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICOsUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDYy
MjUyMjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDdDQjk1RjdGMzM1N0U1
NTg5RDM3MENEOEQyMUU1QjMwMUM0OUE3ODYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxm47r+EHcnAl48gjuzuw9aRouHG5p+RG/cK6kuXADXx9TUY1v
eDKN7RcbSrf9PsHPdB1fJXvsLMpP7fPxcKlkmPY0bwFrVWczhkuX+0TTgTM8KBzD
MV5MlU9HuRUkjgWHzrBCEWaBS0YcM+CAJeRpcx98Eek+aF6YkO/Yek3awLykBbOx
dGqRUIf+HkkbpphSOyBfQ9EzKgmEnfSIj6l+3NPrwdKYsbGgJxjJUMei2jp6OZRw
38pmo8360E69jBJOi4zgbPbQ+Kg7UNopdITo1RHL4iuBFOFbEk1+plz39cnm9Ltj
ouTkKsHPSu5VnNd9FfWTKFk2tsD9NhP7pXsRAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUfLlffzNX5VidNwzY0h5bMBxJp4YwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2ZMbGZmek5YNVZpZE53
elkwaDViTUJ4SnA0WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAFXHpduTQoX1VKOY
ea+1rtigWcgeiBtdACG8XkujBoNvUDc+aTlbIE+BKtZNb+6ryTApOF5RGxGHZ/LY
N8lvpgOuZgt23It32L30DoXIRikDEH8QsoRug4Vc3FQAlg1TLUV79NPZMxMpLL6q
awUa/V9QlUpDocDEXVBFN1PFGDFmmsu0B9SAYfiManY9/KV9IO/2v9xHJ5Pqqq9X
cVblPEGRBBqlY4KqXkt90cCm/f4YivSttVRMVRoJrf4/qqaSve/Bzzlr558DAynY
X0TPrhvm0WsKORZk3WeX0QqScxMYzIqJxsQ5nNPmltd03fu6/jxuK2XtpN956TBP
136G/2U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:38 2024 by rpki-client on console-fra.rpki-client.org