Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/hBRRoP88j99iuP0pkctjyND0L0U.roa
File: hBRRoP88j99iuP0pkctjyND0L0U.roa (raw, json)
Hash identifier: vh+nmG5H1WmOuwYEIurB+TwLDOWjPCdDKPbDKtF/80U=
Subject key identifier: 84:14:51:A0:FF:3C:8F:DF:62:B8:FD:29:91:CB:63:C8:D0:F4:2F:45
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3859
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hBRRoP88j99iuP0pkctjyND0L0U.roa
Signing time: Wed 03 Apr 2024 17:22:18 +0000
ROA not before: Wed 03 Apr 2024 17:22:18 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14425 (0x3859)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 3 17:22:18 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=841451A0FF3C8FDF62B8FD2991CB63C8D0F42F45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:de:d3:4d:15:f0:23:c3:e6:ea:9f:2d:2e:30:
18:78:70:50:b4:b4:90:9f:e0:7d:8d:0c:c0:06:02:
de:d7:d9:51:c4:f2:51:12:9f:06:ef:d3:7c:75:de:
72:a2:59:8a:c6:59:53:a3:29:ea:93:77:50:0b:85:
ec:0e:18:74:6a:ea:51:7c:a9:f9:79:0d:c3:3c:49:
75:13:82:99:e8:36:35:d1:5a:de:46:0e:c7:a4:b7:
af:15:f7:e4:32:0c:38:4d:37:76:42:4d:d4:96:29:
f5:de:4b:69:49:14:32:ef:d7:26:c6:01:a8:e6:9e:
cc:3c:01:f1:8a:a1:1f:d6:85:4c:04:c7:85:e4:12:
81:da:9b:34:c7:65:5d:00:6f:34:29:f0:38:52:6f:
9e:55:c5:33:30:a6:47:81:d8:06:02:23:95:ba:ff:
4b:fc:b5:9f:05:fe:93:54:ed:1c:02:2c:f0:49:a7:
e5:72:bc:24:39:89:cc:35:15:3b:84:30:c8:54:d8:
53:a3:09:9d:cb:02:c3:03:60:3b:8f:29:03:44:ba:
54:6a:a5:a4:ba:64:b2:ae:8e:98:9d:3f:f1:a0:10:
1c:3a:03:86:2c:b1:09:8c:d4:9f:1f:db:df:83:55:
6c:c1:f0:21:75:a6:40:c4:28:e5:b6:c9:de:1c:fc:
d0:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:14:51:A0:FF:3C:8F:DF:62:B8:FD:29:91:CB:63:C8:D0:F4:2F:45
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hBRRoP88j99iuP0pkctjyND0L0U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
6d:f5:43:58:c7:48:e8:07:23:27:9f:8e:89:d9:ff:82:23:fd:
17:29:57:7b:1e:50:5e:aa:0f:5d:3d:94:cd:d0:a1:d8:60:2f:
e1:ae:65:8f:79:be:53:4f:37:90:83:9f:b3:92:d6:04:e4:31:
76:a6:d8:a1:db:42:df:ee:13:0d:9e:96:d7:71:bc:41:6b:3f:
ac:00:d6:f0:0e:5d:e4:4e:a4:b4:24:26:0e:96:41:15:a8:74:
65:83:d4:f5:c2:82:e2:fd:08:e0:77:ac:a2:87:fe:9b:3a:72:
f9:a5:a4:30:60:65:ba:52:91:32:fa:3d:75:35:18:81:0b:05:
c8:ba:9c:40:c1:e8:0d:12:e6:09:fb:e3:9b:4d:81:88:df:eb:
d9:b3:d1:1b:c4:07:c7:1c:12:6c:6e:1e:2b:cb:57:a3:e2:af:
af:f6:a2:6d:6c:3f:45:24:d8:b2:6e:64:cf:26:5c:c8:2f:fc:
16:f3:c6:b3:e7:77:95:fb:8a:c6:98:a6:59:74:06:a9:ee:74:
ce:2b:94:4e:be:7d:c2:39:70:68:53:b1:7c:0f:58:1d:80:b4:
c9:b9:54:27:d4:70:9a:2b:fa:7a:2e:c0:c3:e0:5c:cd:6d:e8:
9f:92:14:9e:62:41:be:8c:4b:bb:85:fe:68:73:a8:b5:12:49:
f0:34:1f:ff
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICOFkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDMx
NzIyMThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg0MTQ1MUEwRkYzQzhG
REY2MkI4RkQyOTkxQ0I2M0M4RDBGNDJGNDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCp3tNNFfAjw+bqny0uMBh4cFC0tJCf4H2NDMAGAt7X2VHE8lES
nwbv03x13nKiWYrGWVOjKeqTd1ALhewOGHRq6lF8qfl5DcM8SXUTgpnoNjXRWt5G
Dsekt68V9+QyDDhNN3ZCTdSWKfXeS2lJFDLv1ybGAajmnsw8AfGKoR/WhUwEx4Xk
EoHamzTHZV0AbzQp8DhSb55VxTMwpkeB2AYCI5W6/0v8tZ8F/pNU7RwCLPBJp+Vy
vCQ5icw1FTuEMMhU2FOjCZ3LAsMDYDuPKQNEulRqpaS6ZLKujpidP/GgEBw6A4Ys
sQmM1J8f29+DVWzB8CF1pkDEKOW2yd4c/NDlAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUhBRRoP88j99iuP0pkctjyND0L0UwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2hCUlJvUDg4ajk5aXVQ
MHBrY3RqeU5EMEwwVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAG31Q1jHSOgHIyef
jonZ/4Ij/RcpV3seUF6qD109lM3QodhgL+GuZY95vlNPN5CDn7OS1gTkMXam2KHb
Qt/uEw2eltdxvEFrP6wA1vAOXeROpLQkJg6WQRWodGWD1PXCguL9COB3rKKH/ps6
cvmlpDBgZbpSkTL6PXU1GIELBci6nEDB6A0S5gn745tNgYjf69mz0RvEB8ccEmxu
HivLV6Pir6/2om1sP0Uk2LJuZM8mXMgv/BbzxrPnd5X7isaYpll0BqnudM4rlE6+
fcI5cGhTsXwPWB2AtMm5VCfUcJor+nouwMPgXM1t6J+SFJ5iQb6MS7uF/mhzqLUS
SfA0H/8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:40 2024 by rpki-client on console-fra.rpki-client.org