Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/fdXF9YQYhvk7bTyRw4fmEhYZDlc.roa
File: fdXF9YQYhvk7bTyRw4fmEhYZDlc.roa (raw, json)
Hash identifier: 30QbSFLLsipV6G38g3NXS35js/RXwPDAGQ6y+WvSp5A=
Subject key identifier: 7D:D5:C5:F5:84:18:86:F9:3B:6D:3C:91:C3:87:E6:12:16:19:0E:57
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3CF9
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/fdXF9YQYhvk7bTyRw4fmEhYZDlc.roa
Signing time: Tue 09 Apr 2024 21:22:39 +0000
ROA not before: Tue 09 Apr 2024 21:22:39 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15609 (0x3cf9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 9 21:22:39 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7DD5C5F5841886F93B6D3C91C387E61216190E57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c3:50:12:f1:e3:fb:b4:56:5b:fe:9e:f1:c9:
03:af:fa:0a:7e:83:b8:59:c0:59:b7:de:30:8f:4c:
ee:9f:fe:94:35:a6:48:4a:cc:61:94:59:48:12:d5:
78:df:d5:a9:e8:84:50:6d:ec:34:3a:98:90:2d:cf:
1f:3b:c3:17:03:34:35:d8:c4:14:2b:94:f1:b4:f4:
a6:cc:ec:27:cc:eb:22:be:14:7a:08:f9:70:57:6f:
6c:b8:96:5a:0b:67:31:a9:41:ae:bc:41:52:91:9c:
f1:be:8a:24:8f:9c:aa:cc:72:42:a4:0b:49:7f:1c:
97:eb:00:47:54:eb:34:4a:aa:de:14:29:ac:37:a6:
5a:0b:0d:88:6c:05:2a:b8:b4:40:18:b7:c2:17:60:
04:87:85:56:b5:e6:f5:f2:34:cf:9e:54:01:a1:07:
cf:26:9c:6d:f3:12:f0:3c:dd:5d:9c:98:74:e9:bd:
08:70:93:5e:83:14:4f:33:0d:a6:93:9a:4d:ed:eb:
b5:bd:8a:74:c8:d7:23:9a:7f:e5:33:3d:25:10:ff:
e5:9e:8f:19:98:8d:c8:27:3e:6b:99:c4:02:b9:40:
fb:9d:dd:01:b3:6d:58:62:4a:6a:51:69:94:3c:4f:
9f:e0:32:38:b6:7e:5f:7e:66:56:be:d0:6d:ef:cb:
8a:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:D5:C5:F5:84:18:86:F9:3B:6D:3C:91:C3:87:E6:12:16:19:0E:57
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/fdXF9YQYhvk7bTyRw4fmEhYZDlc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
25:81:83:be:42:71:c7:94:9e:9b:65:f3:ff:5b:34:c9:34:18:
08:15:15:1f:ed:58:be:23:4d:fe:4b:de:8f:f6:9d:dc:0d:9f:
78:50:57:52:ff:b6:df:aa:52:01:86:b0:47:91:c4:41:69:99:
a6:1a:82:18:85:66:15:4c:d5:74:ad:e3:45:df:e1:90:32:8c:
63:1d:1f:15:58:57:ee:5f:eb:8a:6e:cc:47:1e:4f:4a:f8:fc:
6f:41:09:12:24:21:f1:bb:ae:99:a4:1c:29:1f:c7:e7:43:4e:
1e:0a:60:a5:6f:c0:81:b9:0b:84:82:c1:76:e6:4f:21:b1:7f:
4e:bc:cc:5c:c4:71:92:3f:bc:60:91:9a:90:4f:86:69:2d:d5:
91:a7:b7:b2:5e:02:3a:73:2a:a6:b6:b1:f5:29:bd:ab:73:be:
4b:75:3c:54:35:11:2b:4f:bb:78:52:bd:11:03:7a:b8:70:e0:
d0:37:0e:c8:8b:a4:0e:c2:6f:ea:3f:db:53:66:8f:d8:10:64:
f8:3c:24:0b:9d:dd:32:9f:29:46:31:ea:d1:cd:4b:30:d7:15:
ff:89:05:e2:7d:6b:e4:08:55:7f:ce:11:75:3e:a4:63:58:db:
bc:cf:37:18:6c:2a:f5:8e:4f:b1:d8:33:a3:8e:c2:c9:56:71:
b1:88:b6:87
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICPPkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDky
MTIyMzlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDdERDVDNUY1ODQxODg2
RjkzQjZEM0M5MUMzODdFNjEyMTYxOTBFNTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCWw1AS8eP7tFZb/p7xyQOv+gp+g7hZwFm33jCPTO6f/pQ1pkhK
zGGUWUgS1Xjf1anohFBt7DQ6mJAtzx87wxcDNDXYxBQrlPG09KbM7CfM6yK+FHoI
+XBXb2y4lloLZzGpQa68QVKRnPG+iiSPnKrMckKkC0l/HJfrAEdU6zRKqt4UKaw3
ploLDYhsBSq4tEAYt8IXYASHhVa15vXyNM+eVAGhB88mnG3zEvA83V2cmHTpvQhw
k16DFE8zDaaTmk3t67W9inTI1yOaf+UzPSUQ/+WejxmYjcgnPmuZxAK5QPud3QGz
bVhiSmpRaZQ8T5/gMji2fl9+Zla+0G3vy4oBAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUfdXF9YQYhvk7bTyRw4fmEhYZDlcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2ZkWEY5WVFZaHZrN2JU
eVJ3NGZtRWhZWkRsYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBACWBg75CcceUnptl
8/9bNMk0GAgVFR/tWL4jTf5L3o/2ndwNn3hQV1L/tt+qUgGGsEeRxEFpmaYaghiF
ZhVM1XSt40Xf4ZAyjGMdHxVYV+5f64puzEceT0r4/G9BCRIkIfG7rpmkHCkfx+dD
Th4KYKVvwIG5C4SCwXbmTyGxf068zFzEcZI/vGCRmpBPhmkt1ZGnt7JeAjpzKqa2
sfUpvatzvkt1PFQ1EStPu3hSvREDerhw4NA3DsiLpA7Cb+o/21Nmj9gQZPg8JAud
3TKfKUYx6tHNSzDXFf+JBeJ9a+QIVX/OEXU+pGNY27zPNxhsKvWOT7HYM6OOwslW
cbGItoc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:38 2024 by rpki-client on console-fra.rpki-client.org