Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ngEzlRrhHHo7170OiJD_qqKKi0U.roa
File: ngEzlRrhHHo7170OiJD_qqKKi0U.roa (raw, json)
Hash identifier: x4WbsV2zr32/e+umUKw2XuW3VfSBeD777r7s3htb4o4=
Subject key identifier: 9E:01:33:95:1A:E1:1C:7A:3B:D7:BD:0E:88:90:FF:AA:A2:8A:8B:45
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 33E5
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ngEzlRrhHHo7170OiJD_qqKKi0U.roa
Signing time: Thu 28 Mar 2024 18:52:02 +0000
ROA not before: Thu 28 Mar 2024 18:52:02 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13285 (0x33e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 28 18:52:02 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9E0133951AE11C7A3BD7BD0E8890FFAAA28A8B45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:5d:ce:34:3d:96:4c:7f:6d:b3:d0:71:78:07:
c3:14:ee:ea:3a:62:18:47:19:de:64:c9:87:9a:12:
f8:bf:70:a5:af:f5:9a:83:28:01:6a:17:ea:30:67:
ab:6a:57:d4:d1:56:7a:ae:ae:5f:b9:77:66:ed:77:
0e:41:be:1c:83:c8:06:18:f9:a7:96:b0:61:31:bf:
af:6b:3e:c8:67:f3:b0:e5:e2:a5:41:24:d6:1e:48:
c8:07:b9:fc:5f:85:04:b3:be:4e:84:56:39:b7:de:
3f:de:38:69:30:dc:46:f8:e9:df:6d:f8:00:db:59:
71:22:f1:0c:1b:46:f9:c0:fc:7d:76:91:ba:2c:11:
3d:91:6b:e3:73:a8:db:e3:a3:c5:08:31:4c:f3:12:
67:cd:ee:e6:55:8d:80:2c:b0:87:0d:a3:68:f3:38:
44:75:ad:b9:b0:9f:db:09:d3:b1:ef:03:e7:4c:9e:
97:ab:9a:01:35:6a:72:03:93:77:5d:9d:d0:85:ff:
2d:43:02:51:1d:67:2e:b9:49:9b:81:ae:12:a4:29:
06:ca:a7:8a:e9:54:16:f3:3a:2a:3b:42:52:16:93:
68:93:33:87:52:31:5f:10:66:20:d2:d9:e4:85:16:
99:31:bb:90:b3:6e:17:aa:d5:f5:db:7f:8f:f5:f7:
9d:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:01:33:95:1A:E1:1C:7A:3B:D7:BD:0E:88:90:FF:AA:A2:8A:8B:45
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ngEzlRrhHHo7170OiJD_qqKKi0U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
03:fd:86:81:51:2a:c7:d0:af:64:22:55:3b:7e:de:c1:0a:15:
70:64:8b:4b:5b:ba:40:cc:e3:9b:d8:1a:26:2a:45:96:4b:93:
f6:0d:bb:8f:ae:63:d0:54:9c:30:ea:d7:ca:33:6b:95:3f:26:
79:da:a4:d9:cf:9e:88:32:28:44:94:64:54:46:3a:0d:82:f6:
c1:77:7c:07:b2:eb:c6:e7:fc:75:f1:e4:ea:35:28:fb:23:1f:
bf:7e:35:e8:76:9b:03:56:f7:ef:8d:99:e9:19:15:cb:89:28:
d0:03:86:d0:26:3f:46:f9:ae:dc:fa:55:f5:d8:68:fa:e8:75:
5d:af:f3:b8:db:4b:0d:5e:8c:4b:cc:3e:5e:0f:0d:07:73:24:
5d:99:41:b5:0b:d8:ce:8b:3b:bc:7b:ff:8a:cd:07:73:57:bf:
2b:09:05:9e:eb:c0:67:6d:8b:0d:6b:cf:cf:78:d3:e7:ef:99:
8a:bd:24:aa:e4:45:7f:33:cc:41:5c:58:c5:f1:a6:75:3a:74:
b8:01:d3:5b:05:01:3a:e6:ee:0d:0d:4b:ef:f8:d0:c2:89:49:
d4:43:1d:19:99:98:1c:af:f8:5c:cb:b6:66:16:e6:c9:b8:ec:
9b:40:63:af:ab:0c:36:ae:fc:dc:81:4c:79:53:c5:39:f8:25:
db:a0:19:97
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICM+UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjgx
ODUyMDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlFMDEzMzk1MUFFMTFD
N0EzQkQ3QkQwRTg4OTBGRkFBQTI4QThCNDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKXc40PZZMf22z0HF4B8MU7uo6YhhHGd5kyYeaEvi/cKWv9ZqD
KAFqF+owZ6tqV9TRVnqurl+5d2btdw5BvhyDyAYY+aeWsGExv69rPshn87Dl4qVB
JNYeSMgHufxfhQSzvk6EVjm33j/eOGkw3Eb46d9t+ADbWXEi8QwbRvnA/H12kbos
ET2Ra+NzqNvjo8UIMUzzEmfN7uZVjYAssIcNo2jzOER1rbmwn9sJ07HvA+dMnper
mgE1anIDk3ddndCF/y1DAlEdZy65SZuBrhKkKQbKp4rpVBbzOio7QlIWk2iTM4dS
MV8QZiDS2eSFFpkxu5Czbheq1fXbf4/1953hAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUngEzlRrhHHo7170OiJD/qqKKi0UwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L25nRXpsUnJoSEhvNzE3
ME9pSkRfcXFLS2kwVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAAP9hoFRKsfQr2Qi
VTt+3sEKFXBki0tbukDM45vYGiYqRZZLk/YNu4+uY9BUnDDq18oza5U/JnnapNnP
nogyKESUZFRGOg2C9sF3fAey68bn/HXx5Oo1KPsjH79+Neh2mwNW9++NmekZFcuJ
KNADhtAmP0b5rtz6VfXYaProdV2v87jbSw1ejEvMPl4PDQdzJF2ZQbUL2M6LO7x7
/4rNB3NXvysJBZ7rwGdtiw1rz8940+fvmYq9JKrkRX8zzEFcWMXxpnU6dLgB01sF
ATrm7g0NS+/40MKJSdRDHRmZmByv+FzLtmYW5sm47JtAY6+rDDau/NyBTHlTxTn4
JdugGZc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:46 2024 by rpki-client on console-fra.rpki-client.org