Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/oBJCispK5GEVnePAVJ9qt0Lo6JQ.roa
File: oBJCispK5GEVnePAVJ9qt0Lo6JQ.roa (raw, json)
Hash identifier: 6jZgkA5iWAoBI89m9xeIkc0Oy2IteNQYhjo5scYF1V4=
Subject key identifier: A0:12:42:8A:CA:4A:E4:61:15:9D:E3:C0:54:9F:6A:B7:42:E8:E8:94
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 47CD
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/oBJCispK5GEVnePAVJ9qt0Lo6JQ.roa
Signing time: Wed 24 Apr 2024 07:53:11 +0000
ROA not before: Wed 24 Apr 2024 07:53:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18381 (0x47cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 24 07:53:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A012428ACA4AE461159DE3C0549F6AB742E8E894
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:db:42:9b:aa:85:f9:f7:c6:3a:97:ae:b9:77:
2a:53:fc:a0:93:1c:65:2e:9a:f2:2b:9f:3b:73:8f:
bf:c5:c4:9d:62:d1:3f:af:65:ed:cc:db:a0:a4:3a:
b1:5a:3d:07:07:34:f5:24:d5:29:a4:9e:78:64:30:
cb:3e:d1:34:be:d9:99:67:42:9f:80:62:b7:1a:1c:
5c:63:76:da:4a:32:d1:f8:14:6f:bf:b4:a8:75:51:
2a:f6:9c:b2:69:4a:6c:bc:ed:cc:4e:ec:43:9a:a7:
0f:7d:52:93:d1:96:60:cc:85:b3:54:af:a6:02:0d:
c0:5d:68:9c:68:c6:a0:c8:fa:58:26:b3:25:84:40:
6d:77:33:1e:6e:f2:b4:6d:6f:d0:ec:99:bc:c5:80:
3c:6f:f9:4b:f0:ea:03:2b:69:c3:fb:ab:49:82:33:
17:0a:87:a2:84:c7:68:03:6e:a2:36:46:27:35:fb:
68:3a:4b:1d:cc:15:76:8c:39:02:46:1f:fc:7c:2d:
c9:0d:1c:c3:7a:9c:d8:a3:61:7e:79:97:c2:c5:db:
45:c0:48:db:27:e2:0c:47:19:a3:ee:b5:ab:5e:59:
24:7b:41:a0:e6:79:08:9b:72:6e:15:04:44:8b:4b:
1c:ff:93:8a:16:41:48:57:20:8a:c3:c2:2f:73:19:
e1:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:12:42:8A:CA:4A:E4:61:15:9D:E3:C0:54:9F:6A:B7:42:E8:E8:94
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/oBJCispK5GEVnePAVJ9qt0Lo6JQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
45:16:9d:73:fc:bf:ab:08:c0:4a:e0:cc:d0:37:21:df:a7:e6:
3d:ea:52:51:8a:78:ed:42:aa:25:e4:d6:13:29:4f:52:ba:3e:
0d:75:fe:c5:bb:7b:f0:35:32:19:f5:b8:e1:bd:a8:75:34:f1:
85:c8:e8:f3:3b:06:d3:3b:79:6a:ab:4d:0c:19:81:01:6b:97:
4f:6b:4d:28:c6:a5:eb:13:50:32:fb:e8:c1:59:17:2c:67:db:
82:60:a6:20:f9:86:ca:82:53:18:55:9e:14:32:11:ab:16:53:
89:30:ea:86:c3:4e:82:3b:42:7b:65:62:e8:19:f0:01:0b:21:
4d:d4:61:d7:cf:b2:83:89:59:00:77:c5:81:b0:71:f0:12:d2:
21:4a:f4:d1:b8:a4:71:58:2d:b3:df:03:d0:77:24:37:6f:28:
3c:53:2c:4b:5e:32:65:6c:d9:dd:11:a8:36:58:23:93:d1:6e:
f8:a0:f3:fc:cc:e0:cf:81:7f:9b:4d:35:09:5a:c8:e9:ff:4f:
c6:14:e8:b6:6e:07:d7:f1:a8:f4:b8:13:19:da:4e:31:9b:06:
c8:57:62:83:3d:26:ee:5e:1c:bd:16:4a:b3:35:31:22:46:82:
d1:0c:86:02:c7:85:12:d6:72:1e:ad:ac:b8:f1:02:40:26:e1:
4b:a8:b8:f3
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICR80wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjQw
NzUzMTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEEwMTI0MjhBQ0E0QUU0
NjExNTlERTNDMDU0OUY2QUI3NDJFOEU4OTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC020KbqoX598Y6l665dypT/KCTHGUumvIrnztzj7/FxJ1i0T+v
Ze3M26CkOrFaPQcHNPUk1SmknnhkMMs+0TS+2ZlnQp+AYrcaHFxjdtpKMtH4FG+/
tKh1USr2nLJpSmy87cxO7EOapw99UpPRlmDMhbNUr6YCDcBdaJxoxqDI+lgmsyWE
QG13Mx5u8rRtb9DsmbzFgDxv+Uvw6gMracP7q0mCMxcKh6KEx2gDbqI2Ric1+2g6
Sx3MFXaMOQJGH/x8LckNHMN6nNijYX55l8LF20XASNsn4gxHGaPutateWSR7QaDm
eQibcm4VBESLSxz/k4oWQUhXIIrDwi9zGeGNAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUoBJCispK5GEVnePAVJ9qt0Lo6JQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L29CSkNpc3BLNUdFVm5l
UEFWSjlxdDBMbzZKUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAEUWnXP8v6sIwErg
zNA3Id+n5j3qUlGKeO1CqiXk1hMpT1K6Pg11/sW7e/A1Mhn1uOG9qHU08YXI6PM7
BtM7eWqrTQwZgQFrl09rTSjGpesTUDL76MFZFyxn24JgpiD5hsqCUxhVnhQyEasW
U4kw6obDToI7QntlYugZ8AELIU3UYdfPsoOJWQB3xYGwcfAS0iFK9NG4pHFYLbPf
A9B3JDdvKDxTLEteMmVs2d0RqDZYI5PRbvig8/zM4M+Bf5tNNQlayOn/T8YU6LZu
B9fxqPS4ExnaTjGbBshXYoM9Ju5eHL0WSrM1MSJGgtEMhgLHhRLWch6trLjxAkAm
4UuouPM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:46 2024 by rpki-client on console-fra.rpki-client.org