Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/iDOryoXbvqmr1QrKywwY0COcvk4.roa
File: iDOryoXbvqmr1QrKywwY0COcvk4.roa (raw, json)
Hash identifier: HXnqt0fPvwUG4G7A424ENz+SAQJDuyWl8EQ5Xg7t7hY=
Subject key identifier: 88:33:AB:CA:85:DB:BE:A9:AB:D5:0A:CA:CB:0C:18:D0:23:9C:BE:4E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4491
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/iDOryoXbvqmr1QrKywwY0COcvk4.roa
Signing time: Sat 20 Apr 2024 00:23:02 +0000
ROA not before: Sat 20 Apr 2024 00:23:02 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17553 (0x4491)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 00:23:02 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8833ABCA85DBBEA9ABD50ACACB0C18D0239CBE4E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:82:29:29:e4:41:f2:f0:c9:36:f5:89:1f:79:
19:8f:b4:c1:4c:5e:10:e3:d4:91:51:ca:21:94:5d:
0b:15:e4:22:e5:67:f0:37:35:ce:63:db:22:8f:2a:
6a:f1:a0:f0:84:66:a1:6b:fc:6f:7b:0e:5a:31:b2:
00:d8:76:c2:a1:38:28:bb:51:5e:40:61:6b:c4:71:
fc:cc:a1:83:ec:05:d8:93:08:3c:16:14:73:21:f7:
3d:e2:cb:a2:a1:0e:6d:fb:5f:e2:db:e2:1e:79:f7:
56:e1:05:bb:dc:fc:2a:fd:a6:45:29:33:c5:13:cf:
eb:da:1e:07:16:c9:f5:31:9b:b7:66:f5:a0:eb:d0:
0f:67:77:6c:02:70:d6:a0:7f:86:9b:07:a6:e3:60:
b5:5c:3b:e8:91:d4:87:d5:2b:fd:74:ee:5d:71:c8:
c5:08:17:54:15:51:21:d4:ec:21:88:c2:ee:08:3b:
b6:e9:e0:9a:23:8a:58:54:1a:5c:52:d5:91:e9:5e:
50:a5:e6:01:57:70:29:05:c4:5b:c5:b1:b1:f4:54:
ae:d2:70:c7:60:42:77:48:b8:e7:e2:88:3c:cc:ab:
da:39:7f:d0:97:e1:21:0d:65:2f:3d:61:58:a4:03:
77:8b:49:5b:71:4f:fb:5a:b3:6a:e6:0c:3a:6f:82:
dd:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:33:AB:CA:85:DB:BE:A9:AB:D5:0A:CA:CB:0C:18:D0:23:9C:BE:4E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/iDOryoXbvqmr1QrKywwY0COcvk4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
2d:81:e4:42:b8:ba:55:b3:11:4e:7c:32:5a:41:44:be:a0:30:
e3:1c:24:4c:9e:ad:ef:e4:cc:e3:78:23:63:15:0e:70:c6:c4:
06:f2:29:86:68:86:e1:bf:33:3e:97:37:aa:da:5f:3c:ed:8a:
48:61:45:1f:f8:32:23:95:69:9e:c2:c7:0d:fe:0d:4c:1e:a6:
5a:de:ec:69:bb:e3:56:99:d6:f0:e8:28:3f:d0:ce:87:b2:28:
47:d9:5f:f7:e4:ea:46:23:af:52:11:43:a2:ea:ee:b1:9f:30:
b6:f9:29:db:08:e7:f2:9b:9a:fd:7d:64:a6:b9:b2:be:dc:4b:
16:a8:b6:86:6a:4b:72:51:fe:32:9b:37:39:96:2f:c2:7a:24:
f0:6d:02:40:55:04:01:25:57:27:2d:48:99:16:63:d0:45:f5:
a5:6e:4d:a7:b0:f6:7c:1a:7b:38:c6:40:18:f4:b9:5f:ef:dd:
1d:bd:48:3e:43:dc:91:8c:fb:c5:3a:71:9a:ba:9e:f9:78:c3:
d9:5c:a1:8d:79:f7:ca:32:08:3c:62:a9:9f:05:6e:ac:06:4a:
2e:be:10:9f:43:d8:c2:0d:63:cb:f9:9d:35:a0:12:17:3b:cf:
ee:d6:84:fd:58:9f:cf:a6:1c:b4:f5:4c:4c:91:30:8e:f7:3e:
5e:d9:3f:2f
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICRJEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAw
MDIzMDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg4MzNBQkNBODVEQkJF
QTlBQkQ1MEFDQUNCMEMxOEQwMjM5Q0JFNEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEgikp5EHy8Mk29YkfeRmPtMFMXhDj1JFRyiGUXQsV5CLlZ/A3
Nc5j2yKPKmrxoPCEZqFr/G97DloxsgDYdsKhOCi7UV5AYWvEcfzMoYPsBdiTCDwW
FHMh9z3iy6KhDm37X+Lb4h5591bhBbvc/Cr9pkUpM8UTz+vaHgcWyfUxm7dm9aDr
0A9nd2wCcNagf4abB6bjYLVcO+iR1IfVK/107l1xyMUIF1QVUSHU7CGIwu4IO7bp
4JojilhUGlxS1ZHpXlCl5gFXcCkFxFvFsbH0VK7ScMdgQndIuOfiiDzMq9o5f9CX
4SENZS89YVikA3eLSVtxT/tas2rmDDpvgt3DAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUiDOryoXbvqmr1QrKywwY0COcvk4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2lET3J5b1hidnFtcjFR
ckt5d3dZMENPY3ZrNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAC2B5EK4ulWzEU58
MlpBRL6gMOMcJEyere/kzON4I2MVDnDGxAbyKYZohuG/Mz6XN6raXzztikhhRR/4
MiOVaZ7Cxw3+DUweplre7Gm741aZ1vDoKD/QzoeyKEfZX/fk6kYjr1IRQ6Lq7rGf
MLb5KdsI5/Kbmv19ZKa5sr7cSxaotoZqS3JR/jKbNzmWL8J6JPBtAkBVBAElVyct
SJkWY9BF9aVuTaew9nwaezjGQBj0uV/v3R29SD5D3JGM+8U6cZq6nvl4w9lcoY15
98oyCDxiqZ8FbqwGSi6+EJ9D2MINY8v5nTWgEhc7z+7WhP1Yn8+mHLT1TEyRMI73
Pl7ZPy8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:03 2024 by rpki-client on console-ams.rpki-client.org