Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/fMxnT65iLAb6r_i2_wQBlQmBzGQ.roa
File: fMxnT65iLAb6r_i2_wQBlQmBzGQ.roa (raw, json)
Hash identifier: R6L+XeXojfJdtBRvJI8gKdB/4DjwWBzdyhTlj3zQBVw=
Subject key identifier: 7C:CC:67:4F:AE:62:2C:06:FA:AF:F8:B6:FF:04:01:95:09:81:CC:64
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 37FD
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/fMxnT65iLAb6r_i2_wQBlQmBzGQ.roa
Signing time: Wed 03 Apr 2024 05:52:17 +0000
ROA not before: Wed 03 Apr 2024 05:52:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14333 (0x37fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 3 05:52:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7CCC674FAE622C06FAAFF8B6FF0401950981CC64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:b4:58:d6:46:30:18:68:ec:8d:0d:18:a1:e0:
0f:7b:30:5c:04:ab:b6:2a:85:7e:8e:16:4a:f7:23:
ef:77:69:ea:9b:c3:63:bd:9e:ef:a8:6d:c3:0b:5a:
74:94:59:63:5d:dd:56:f9:cf:e9:42:7e:1e:31:49:
89:8d:30:c8:49:60:1b:e0:90:4f:09:73:ff:97:38:
60:00:63:5b:0b:99:70:45:3e:97:23:7f:ae:e5:53:
64:4d:51:04:23:c6:af:c7:cb:26:ff:50:20:e9:bd:
af:a7:6d:23:3b:2b:50:02:1d:e5:49:e3:da:3f:91:
a9:c7:53:1d:a7:20:72:d0:6c:fe:e7:f7:64:e3:eb:
b7:ce:82:f7:04:ff:1e:50:72:2f:85:2a:ad:bf:2a:
59:a0:e6:11:74:38:20:b0:07:b9:7c:1e:a7:97:fa:
66:f8:5a:b6:1f:4b:46:1b:b7:4d:4e:33:ae:38:55:
29:91:61:98:52:cd:69:b5:d4:50:49:69:0d:8c:11:
74:72:dd:29:fe:71:68:e4:c5:27:0b:05:89:0e:ba:
ee:71:3b:cc:5d:ce:29:06:69:af:15:60:fe:9c:00:
bb:fd:03:2c:a3:d1:d3:ae:ef:a4:e3:c2:31:ec:4d:
89:ee:f1:5e:62:27:2c:97:cf:dd:80:63:12:49:94:
cd:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:CC:67:4F:AE:62:2C:06:FA:AF:F8:B6:FF:04:01:95:09:81:CC:64
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/fMxnT65iLAb6r_i2_wQBlQmBzGQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
07:3f:5d:0a:ce:dc:d4:ca:5b:33:b6:87:77:18:e0:fb:4a:b8:
ae:59:4f:17:0f:42:d0:ba:92:7c:1d:a4:61:e3:41:37:65:f8:
a7:69:64:d6:d6:bb:bb:91:47:2c:db:1b:d9:b5:aa:fa:92:7c:
41:a3:f3:a2:51:49:6f:cb:d9:cf:59:7f:4d:3c:20:6f:e1:ab:
37:79:42:c0:7e:6f:de:97:68:04:11:2e:15:d0:3f:d6:9c:01:
ba:81:17:20:8c:c1:07:d2:7e:8f:72:13:0a:ba:b1:85:27:a8:
98:22:67:c9:cd:4c:99:c2:16:d5:f5:35:33:9f:b0:5a:ef:44:
55:7d:f3:ed:95:cd:2f:19:56:ce:ad:7f:40:4a:6c:e2:6e:3f:
2f:82:b5:0e:45:5b:9a:c0:5d:46:76:b1:f1:d4:38:23:53:d0:
c5:66:ad:cc:7c:2d:d0:91:47:08:db:a9:a8:f7:79:ee:bb:a3:
1b:87:14:bf:1b:df:24:be:f1:73:85:2b:d8:c0:02:4f:93:48:
1d:cc:97:1c:49:d4:e0:a2:03:3d:27:03:7d:f1:9f:a3:50:25:
30:2e:c3:66:12:28:fb:aa:bf:38:9a:2d:49:a6:97:aa:52:b5:
67:1a:9e:35:ca:f7:b3:d5:9f:3c:e0:dc:88:94:95:ad:f2:28:
42:70:4a:a2
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICN/0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDMw
NTUyMTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDdDQ0M2NzRGQUU2MjJD
MDZGQUFGRjhCNkZGMDQwMTk1MDk4MUNDNjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDStFjWRjAYaOyNDRih4A97MFwEq7YqhX6OFkr3I+93aeqbw2O9
nu+obcMLWnSUWWNd3Vb5z+lCfh4xSYmNMMhJYBvgkE8Jc/+XOGAAY1sLmXBFPpcj
f67lU2RNUQQjxq/Hyyb/UCDpva+nbSM7K1ACHeVJ49o/kanHUx2nIHLQbP7n92Tj
67fOgvcE/x5Qci+FKq2/Klmg5hF0OCCwB7l8HqeX+mb4WrYfS0Ybt01OM644VSmR
YZhSzWm11FBJaQ2MEXRy3Sn+cWjkxScLBYkOuu5xO8xdzikGaa8VYP6cALv9Ayyj
0dOu76TjwjHsTYnu8V5iJyyXz92AYxJJlM3rAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUfMxnT65iLAb6r/i2/wQBlQmBzGQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2ZNeG5UNjVpTEFiNnJf
aTJfd1FCbFFtQnpHUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAAc/XQrO3NTKWzO2
h3cY4PtKuK5ZTxcPQtC6knwdpGHjQTdl+KdpZNbWu7uRRyzbG9m1qvqSfEGj86JR
SW/L2c9Zf008IG/hqzd5QsB+b96XaAQRLhXQP9acAbqBFyCMwQfSfo9yEwq6sYUn
qJgiZ8nNTJnCFtX1NTOfsFrvRFV98+2VzS8ZVs6tf0BKbOJuPy+CtQ5FW5rAXUZ2
sfHUOCNT0MVmrcx8LdCRRwjbqaj3ee67oxuHFL8b3yS+8XOFK9jAAk+TSB3MlxxJ
1OCiAz0nA33xn6NQJTAuw2YSKPuqvziaLUmml6pStWcanjXK97PVnzzg3IiUla3y
KEJwSqI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:38 2024 by rpki-client on console-fra.rpki-client.org