Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/n_bI_77e1YxKmiTc_1zyXh8Q190.roa
File: n_bI_77e1YxKmiTc_1zyXh8Q190.roa (raw, json)
Hash identifier: RQLPCL7lOjfGStU9Zz3To88YjNrt8WMjYmd+ZKQHfvU=
Subject key identifier: 9F:F6:C8:FF:BE:DE:D5:8C:4A:9A:24:DC:FF:5C:F2:5E:1F:10:D7:DD
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3889
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/n_bI_77e1YxKmiTc_1zyXh8Q190.roa
Signing time: Wed 03 Apr 2024 23:22:19 +0000
ROA not before: Wed 03 Apr 2024 23:22:19 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14473 (0x3889)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 3 23:22:19 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9FF6C8FFBEDED58C4A9A24DCFF5CF25E1F10D7DD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:96:1e:17:7f:37:0a:29:11:a0:38:ec:f0:c5:
88:da:cc:92:f0:86:3e:50:fe:33:d6:9b:b5:f8:e8:
11:16:3f:14:3c:67:45:23:1d:e2:ad:2b:35:48:1a:
02:eb:64:7b:02:c1:fd:a3:34:b0:09:be:5b:a8:f3:
3e:a5:ea:9c:4f:83:b1:7a:09:b3:7e:56:b1:c0:54:
52:72:da:a0:0a:73:a6:fd:4a:84:41:66:d3:1d:d5:
f4:a8:33:9e:f7:fe:2f:f4:6c:86:81:b9:f8:0e:fd:
d0:b5:8f:2d:58:32:3f:22:e0:11:df:b2:e3:35:64:
7d:50:00:2e:46:e4:87:3e:6f:13:dc:2a:2a:df:f5:
cd:46:1e:90:7c:a9:3a:c0:a3:99:de:65:c8:1e:3d:
c4:70:de:e3:32:bc:18:27:65:4d:95:80:7a:58:da:
b1:06:ef:10:3c:bd:47:d4:fd:fd:e0:a0:a1:ba:0a:
12:e1:87:46:91:03:d0:a8:29:00:ea:72:62:cf:19:
2f:c3:5f:43:73:19:25:f6:97:3c:62:a5:17:9e:07:
4f:39:71:47:5e:46:3b:1e:b7:42:88:c2:b7:f6:31:
ab:37:1d:78:4e:a8:c2:f0:a4:d9:70:0f:6a:72:6f:
c6:f1:1a:a9:6a:6a:28:0f:26:eb:54:5e:ca:78:5a:
29:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:F6:C8:FF:BE:DE:D5:8C:4A:9A:24:DC:FF:5C:F2:5E:1F:10:D7:DD
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/n_bI_77e1YxKmiTc_1zyXh8Q190.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
74:41:00:44:d0:05:4e:fb:d2:85:a6:6c:b4:2b:4b:98:68:3b:
f0:52:6e:02:b0:df:23:db:9c:59:84:53:4e:5e:83:7b:66:90:
15:06:74:2d:7c:81:51:d8:5c:18:3c:f2:bd:1f:43:58:e6:92:
97:b7:01:5d:74:35:e4:0e:e2:48:54:bc:60:6f:3b:44:18:98:
a6:2d:6a:5f:b5:b3:22:71:00:11:28:27:3d:b9:c2:bc:f8:dc:
be:44:21:f6:06:5b:e7:1a:52:7d:81:e0:62:e6:ae:5d:45:36:
fa:97:27:32:10:44:aa:61:bf:5f:49:54:74:3f:e4:04:48:7c:
5c:6f:b1:e6:6a:5c:c0:ba:23:45:85:88:41:a9:ee:79:e5:a7:
d0:64:6b:c4:b2:84:a4:8d:e0:db:4e:01:e3:4d:62:e5:11:b2:
d3:49:dd:bc:fb:74:0e:51:84:fb:40:8d:84:29:1d:4b:03:67:
01:a4:92:e4:b2:04:f7:00:57:44:7b:f2:d5:29:5e:12:44:56:
01:8d:d4:6a:fb:28:69:8f:89:ee:c3:26:6a:11:e9:9c:f3:d9:
bf:df:51:0d:99:9d:74:e3:c0:fe:e4:13:22:09:cc:f4:55:1b:
01:d2:26:35:72:3a:42:96:83:09:86:e6:86:ea:42:12:42:42:
64:00:ad:61
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICOIkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDMy
MzIyMTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlGRjZDOEZGQkVERUQ1
OEM0QTlBMjREQ0ZGNUNGMjVFMUYxMEQ3REQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHlh4XfzcKKRGgOOzwxYjazJLwhj5Q/jPWm7X46BEWPxQ8Z0Uj
HeKtKzVIGgLrZHsCwf2jNLAJvluo8z6l6pxPg7F6CbN+VrHAVFJy2qAKc6b9SoRB
ZtMd1fSoM573/i/0bIaBufgO/dC1jy1YMj8i4BHfsuM1ZH1QAC5G5Ic+bxPcKirf
9c1GHpB8qTrAo5neZcgePcRw3uMyvBgnZU2VgHpY2rEG7xA8vUfU/f3goKG6ChLh
h0aRA9CoKQDqcmLPGS/DX0NzGSX2lzxipReeB085cUdeRjset0KIwrf2Mas3HXhO
qMLwpNlwD2pyb8bxGqlqaigPJutUXsp4Wil1AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUn/bI/77e1YxKmiTc/1zyXh8Q190wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L25fYklfNzdlMVl4S21p
VGNfMXp5WGg4UTE5MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAHRBAETQBU770oWm
bLQrS5hoO/BSbgKw3yPbnFmEU05eg3tmkBUGdC18gVHYXBg88r0fQ1jmkpe3AV10
NeQO4khUvGBvO0QYmKYtal+1syJxABEoJz25wrz43L5EIfYGW+caUn2B4GLmrl1F
NvqXJzIQRKphv19JVHQ/5ARIfFxvseZqXMC6I0WFiEGp7nnlp9Bka8SyhKSN4NtO
AeNNYuURstNJ3bz7dA5RhPtAjYQpHUsDZwGkkuSyBPcAV0R78tUpXhJEVgGN1Gr7
KGmPie7DJmoR6Zzz2b/fUQ2ZnXTjwP7kEyIJzPRVGwHSJjVyOkKWgwmG5obqQhJC
QmQArWE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:09 2024 by rpki-client on console-ams.rpki-client.org