Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/lDWecvuXjwrLnhRE0rAP5QZ1zkc.roa
File: lDWecvuXjwrLnhRE0rAP5QZ1zkc.roa (raw, json)
Hash identifier: gdeIaWms1POOo+k35Ye0KFghndsW+/0v2eDhK8a5tfs=
Subject key identifier: 94:35:9E:72:FB:97:8F:0A:CB:9E:14:44:D2:B0:0F:E5:06:75:CE:47
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 38D9
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/lDWecvuXjwrLnhRE0rAP5QZ1zkc.roa
Signing time: Thu 04 Apr 2024 09:22:20 +0000
ROA not before: Thu 04 Apr 2024 09:22:20 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14553 (0x38d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 4 09:22:20 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=94359E72FB978F0ACB9E1444D2B00FE50675CE47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:0c:b3:21:93:aa:e7:55:11:b1:0f:b5:f0:a3:
08:6e:42:ce:70:f1:fe:5b:31:9d:46:e4:4c:d8:48:
4e:f0:16:cd:cc:bd:fa:c3:b1:ca:84:53:94:dd:fb:
06:d3:d1:0d:b6:e0:2f:77:be:30:1e:d5:75:0a:b1:
bb:4e:00:8a:8c:8d:02:2f:bd:0f:fc:3a:53:cd:13:
e4:de:13:d5:57:3b:32:b0:34:36:4b:60:ac:e8:60:
f0:5b:31:e8:c7:76:50:c2:f2:36:3f:fa:f3:ff:9b:
9c:39:5e:5d:ff:ba:3c:ad:40:37:aa:3d:98:59:6b:
14:ac:0b:b7:2d:07:83:7a:0d:4d:50:a1:a0:5e:20:
c0:35:c3:bf:c4:fa:ec:74:5f:ed:64:c1:90:4f:75:
ad:c0:bb:d6:eb:b9:4e:af:90:78:02:09:55:41:4f:
f9:ba:11:27:75:ab:20:92:3c:bb:a5:1f:70:3f:a7:
a9:cb:94:a6:8f:85:13:3a:ea:cb:47:21:3b:7a:e1:
f3:11:00:e1:91:db:00:da:0a:34:65:00:74:27:2e:
8b:f0:ef:f8:d9:e8:e9:05:88:72:34:37:6e:4f:05:
3a:73:c1:4f:d7:90:08:d6:da:39:8e:54:c7:e7:ce:
77:97:cc:fc:35:9e:bb:56:02:5f:db:84:ad:df:4d:
0e:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:35:9E:72:FB:97:8F:0A:CB:9E:14:44:D2:B0:0F:E5:06:75:CE:47
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/lDWecvuXjwrLnhRE0rAP5QZ1zkc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
b2:09:0c:97:ed:d3:e8:07:ef:ae:cb:fc:c0:04:6d:4e:bd:80:
ca:9b:52:19:ba:a7:1b:50:11:c1:c1:53:90:54:51:db:ac:8f:
8c:26:01:c1:a0:1f:00:41:bb:f6:71:a0:33:30:c1:67:3b:55:
40:6c:bd:21:19:6e:fb:27:c5:50:58:ee:7f:a4:a9:d6:a6:1d:
3d:a4:58:cb:5c:5b:10:1d:e5:50:c2:0e:07:87:d8:1a:b5:9e:
89:18:e3:1a:50:a6:af:81:c7:f2:2a:92:3d:74:64:18:7f:a3:
5e:29:8a:94:80:0d:80:9a:39:6c:29:3a:8a:b0:7d:a3:7a:39:
31:4b:cf:67:66:3d:03:7b:97:7e:a0:65:98:4a:19:e1:f4:bb:
bc:dd:39:95:ac:dc:84:24:1a:5b:d7:e8:88:6e:48:9c:2f:6e:
ff:86:74:0a:00:80:51:a2:b5:61:57:f2:c5:01:63:88:e7:d4:
61:00:01:c3:a2:df:58:f6:e6:4b:c3:f6:7f:ad:3f:01:35:5c:
49:81:2b:f3:ab:1d:c0:fd:45:32:5f:59:96:76:c9:91:59:a3:
dc:8c:88:b7:ba:fc:bd:0a:7f:ae:75:f0:fb:f1:c4:c0:d5:ff:
aa:e7:a4:03:d1:90:4d:0b:55:7e:40:5c:e7:2c:b5:fc:be:5e:
9f:36:68:9a
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICONkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDQw
OTIyMjBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk0MzU5RTcyRkI5NzhG
MEFDQjlFMTQ0NEQyQjAwRkU1MDY3NUNFNDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7DLMhk6rnVRGxD7XwowhuQs5w8f5bMZ1G5EzYSE7wFs3MvfrD
scqEU5Td+wbT0Q224C93vjAe1XUKsbtOAIqMjQIvvQ/8OlPNE+TeE9VXOzKwNDZL
YKzoYPBbMejHdlDC8jY/+vP/m5w5Xl3/ujytQDeqPZhZaxSsC7ctB4N6DU1QoaBe
IMA1w7/E+ux0X+1kwZBPda3Au9bruU6vkHgCCVVBT/m6ESd1qyCSPLulH3A/p6nL
lKaPhRM66stHITt64fMRAOGR2wDaCjRlAHQnLovw7/jZ6OkFiHI0N25PBTpzwU/X
kAjW2jmOVMfnzneXzPw1nrtWAl/bhK3fTQ43AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUlDWecvuXjwrLnhRE0rAP5QZ1zkcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2xEV2VjdnVYandyTG5o
UkUwckFQNVFaMXprYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBALIJDJft0+gH767L
/MAEbU69gMqbUhm6pxtQEcHBU5BUUdusj4wmAcGgHwBBu/ZxoDMwwWc7VUBsvSEZ
bvsnxVBY7n+kqdamHT2kWMtcWxAd5VDCDgeH2Bq1nokY4xpQpq+Bx/Iqkj10ZBh/
o14pipSADYCaOWwpOoqwfaN6OTFLz2dmPQN7l36gZZhKGeH0u7zdOZWs3IQkGlvX
6IhuSJwvbv+GdAoAgFGitWFX8sUBY4jn1GEAAcOi31j25kvD9n+tPwE1XEmBK/Or
HcD9RTJfWZZ2yZFZo9yMiLe6/L0Kf6518PvxxMDV/6rnpAPRkE0LVX5AXOcstfy+
Xp82aJo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:44 2024 by rpki-client on console-fra.rpki-client.org