Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/hiuBJP2_CJhsupZK6DJUu_GWuRg.roa
File: hiuBJP2_CJhsupZK6DJUu_GWuRg.roa (raw, json)
Hash identifier: TpeOTUrzjvCpx/r9bfZLU4hDlkytlKSKp/931qX32SU=
Subject key identifier: 86:2B:81:24:FD:BF:08:98:6C:BA:96:4A:E8:32:54:BB:F1:96:B9:18
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3429
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hiuBJP2_CJhsupZK6DJUu_GWuRg.roa
Signing time: Fri 29 Mar 2024 03:22:03 +0000
ROA not before: Fri 29 Mar 2024 03:22:03 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13353 (0x3429)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 03:22:03 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=862B8124FDBF08986CBA964AE83254BBF196B918
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:11:22:70:87:17:ff:8f:8b:a7:5e:2b:2e:ca:
97:27:4f:67:bf:2c:b5:18:ea:57:52:b5:1a:03:58:
b3:5f:48:fc:db:99:cb:8a:53:88:1e:f5:52:82:76:
5a:73:9f:9d:06:d6:30:ce:4f:df:a4:14:05:f4:9b:
66:4b:1d:88:8a:b0:13:58:4d:af:ed:65:68:ab:fc:
8a:7f:59:c0:38:5c:43:cf:88:b2:6c:9e:05:2d:13:
a3:28:30:a5:eb:b2:c0:a4:12:61:6b:ef:4b:c8:59:
84:31:58:c4:5e:2d:4b:5d:41:11:a4:73:db:bf:64:
8c:81:df:a1:7a:b0:94:85:80:41:c0:ae:32:4b:19:
f3:5b:5a:98:ee:00:e4:cc:00:b5:6f:c9:85:f7:52:
b0:1f:b1:8c:b0:b0:78:9a:b9:be:73:97:4b:a5:02:
1d:46:c3:ad:10:1d:7b:2e:50:ba:42:51:88:2d:50:
fa:a7:75:8a:f3:dd:16:9a:5c:eb:94:20:9b:51:cb:
02:1e:e9:57:56:0c:33:fa:54:7d:44:0b:a9:e0:94:
ca:0a:6f:80:9b:e3:42:c8:db:b1:13:1b:ed:52:de:
42:a7:42:7f:df:ef:e0:1f:cc:85:7b:79:b9:46:67:
8f:51:df:8b:1e:52:dc:31:cd:11:06:82:2d:06:dd:
58:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:2B:81:24:FD:BF:08:98:6C:BA:96:4A:E8:32:54:BB:F1:96:B9:18
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hiuBJP2_CJhsupZK6DJUu_GWuRg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
6b:6d:4a:62:e8:46:58:f9:bf:ef:e4:43:be:22:c1:98:9c:16:
59:d6:9a:af:33:e2:ba:94:6d:f4:18:2f:c6:be:87:2b:d7:43:
a7:6b:e3:8f:3d:12:33:41:19:8c:01:f9:e6:0c:18:55:31:88:
1e:eb:22:a1:b9:d7:4e:1f:79:b6:73:44:6e:35:88:63:09:2c:
4a:0c:39:1b:a3:35:0d:6a:eb:d0:23:26:7f:ab:6f:41:4f:0e:
7f:bc:05:cd:e7:33:f3:35:99:b1:cc:ea:f8:50:23:02:6c:d5:
9a:78:89:7d:f4:72:2f:ea:7f:4a:3c:08:d4:6d:91:60:c4:95:
3f:6a:34:a3:63:0a:37:8b:93:13:56:af:e3:26:05:10:42:1d:
75:ab:71:59:52:e8:15:d3:fa:fe:17:75:ea:fc:17:c6:61:ea:
12:b2:aa:24:1c:fc:42:bb:f6:12:31:96:69:f9:a3:96:89:97:
94:4b:79:ca:fd:23:72:9c:ab:3b:f4:26:26:5f:65:f6:00:25:
c5:af:d0:c8:6c:f5:90:cb:7b:d8:2e:53:84:27:ba:c9:1f:3e:
17:27:7e:b6:90:48:50:a9:b7:d7:84:ac:17:54:e6:75:82:f6:
a6:f3:82:3d:4e:05:e4:0b:36:7e:8c:29:62:14:4e:5b:a1:37:
23:d9:eb:b7
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNCkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjkw
MzIyMDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg2MkI4MTI0RkRCRjA4
OTg2Q0JBOTY0QUU4MzI1NEJCRjE5NkI5MTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQClESJwhxf/j4unXisuypcnT2e/LLUY6ldStRoDWLNfSPzbmcuK
U4ge9VKCdlpzn50G1jDOT9+kFAX0m2ZLHYiKsBNYTa/tZWir/Ip/WcA4XEPPiLJs
ngUtE6MoMKXrssCkEmFr70vIWYQxWMReLUtdQRGkc9u/ZIyB36F6sJSFgEHArjJL
GfNbWpjuAOTMALVvyYX3UrAfsYywsHiaub5zl0ulAh1Gw60QHXsuULpCUYgtUPqn
dYrz3RaaXOuUIJtRywIe6VdWDDP6VH1EC6nglMoKb4Cb40LI27ETG+1S3kKnQn/f
7+AfzIV7eblGZ49R34seUtwxzREGgi0G3Vg1AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUhiuBJP2/CJhsupZK6DJUu/GWuRgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2hpdUJKUDJfQ0poc3Vw
Wks2REpVdV9HV3VSZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAGttSmLoRlj5v+/k
Q74iwZicFlnWmq8z4rqUbfQYL8a+hyvXQ6dr4489EjNBGYwB+eYMGFUxiB7rIqG5
104febZzRG41iGMJLEoMORujNQ1q69AjJn+rb0FPDn+8Bc3nM/M1mbHM6vhQIwJs
1Zp4iX30ci/qf0o8CNRtkWDElT9qNKNjCjeLkxNWr+MmBRBCHXWrcVlS6BXT+v4X
der8F8Zh6hKyqiQc/EK79hIxlmn5o5aJl5RLecr9I3Kcqzv0JiZfZfYAJcWv0Mhs
9ZDLe9guU4QnuskfPhcnfraQSFCpt9eErBdU5nWC9qbzgj1OBeQLNn6MKWIUTluh
NyPZ67c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:40 2024 by rpki-client on console-fra.rpki-client.org