Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/poqFkccPJi3xMb4C2Fp1SrPrH2s.roa
File: poqFkccPJi3xMb4C2Fp1SrPrH2s.roa (raw, json)
Hash identifier: 4Q2BDY77BU9MQJx2FUN74HtQpD4RSdW6Eg531/yXObE=
Subject key identifier: A6:8A:85:91:C7:0F:26:2D:F1:31:BE:02:D8:5A:75:4A:B3:EB:1F:6B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3505
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/poqFkccPJi3xMb4C2Fp1SrPrH2s.roa
Signing time: Sat 30 Mar 2024 06:52:36 +0000
ROA not before: Sat 30 Mar 2024 06:52:36 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13573 (0x3505)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 06:52:36 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A68A8591C70F262DF131BE02D85A754AB3EB1F6B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:71:a8:1d:8f:30:90:b0:99:93:4a:f0:72:f7:
b0:ea:dc:47:e8:66:b0:6c:81:ef:de:23:7a:36:d3:
91:72:a4:8f:df:c3:ed:e3:b6:4f:c6:31:20:69:02:
9b:f1:ab:fe:5c:f4:87:24:7e:df:35:55:50:27:55:
48:d7:d1:b5:9e:7b:4c:cb:1d:1a:87:cb:3d:45:2d:
17:79:2e:85:c3:e8:e5:ca:0a:25:24:81:32:4e:15:
2d:45:8f:17:31:59:c3:2a:dd:56:e8:c4:15:e8:d3:
ae:ab:c7:82:1c:2a:b9:94:0b:62:e6:b4:20:61:d5:
66:20:5e:e6:b5:06:db:b1:f1:15:d1:94:8c:19:e1:
30:9d:74:b5:89:66:0e:0f:67:2a:e9:8a:01:fe:fb:
72:c2:fe:c3:f4:80:ca:92:69:bd:61:11:1a:5f:26:
7f:de:bd:fd:c3:08:59:7e:68:d2:72:7d:a5:e9:5a:
06:dc:71:22:08:93:d4:ae:f5:c9:45:b9:de:4c:13:
56:1f:a3:a7:79:6a:41:f4:2b:c9:1a:16:f6:1e:26:
f7:8e:b1:74:ac:58:54:e9:56:f3:73:b4:e8:1b:e8:
4d:71:4f:70:1a:e9:32:bf:b1:35:5d:fa:80:7b:b4:
54:84:44:c4:f6:f3:5b:79:c2:b7:66:b1:08:23:25:
02:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:8A:85:91:C7:0F:26:2D:F1:31:BE:02:D8:5A:75:4A:B3:EB:1F:6B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/poqFkccPJi3xMb4C2Fp1SrPrH2s.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
a8:60:cc:01:16:a4:2c:02:ca:6e:34:49:a4:b1:bb:6f:ca:dc:
0f:ab:5f:3b:de:6b:2a:40:5d:f8:a6:ac:81:93:59:86:41:cc:
f0:e1:5a:25:cf:ce:30:5c:ad:e1:42:02:ec:e6:8b:35:8d:92:
c8:f6:04:10:62:9c:4e:97:7b:45:17:2f:a1:f3:65:81:21:e6:
22:2b:a1:2b:ab:ba:e9:a7:c5:a2:10:20:43:21:94:8e:09:ba:
10:f0:7f:e4:03:6f:78:ee:cf:c0:af:c0:16:0f:28:da:d2:29:
3d:3e:79:34:e0:8b:af:66:aa:03:e0:bd:29:86:72:4f:36:c6:
bb:10:ea:54:a7:52:70:49:46:3f:99:91:cf:12:dd:93:c6:eb:
8b:a9:fd:58:bb:1b:80:41:eb:ec:aa:ad:fe:d4:63:e7:69:ae:
77:bb:59:d6:76:d0:30:d2:f7:5e:75:ff:4c:7a:e2:78:b7:ce:
98:69:9f:50:2b:de:34:8a:a4:33:81:14:21:72:8d:5f:af:16:
67:95:20:fe:47:59:e3:b1:c6:55:f8:a2:e5:58:05:22:cd:28:
ad:cf:83:1f:80:5f:ea:36:d9:10:ef:7d:fb:11:f3:f4:3b:c7:
17:ca:49:d8:9f:8b:6c:08:6a:2e:2c:dd:f5:c2:66:f2:e5:b9:
4e:ed:38:31
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNQUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAw
NjUyMzZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEE2OEE4NTkxQzcwRjI2
MkRGMTMxQkUwMkQ4NUE3NTRBQjNFQjFGNkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKcagdjzCQsJmTSvBy97Dq3EfoZrBsge/eI3o205FypI/fw+3j
tk/GMSBpApvxq/5c9Ickft81VVAnVUjX0bWee0zLHRqHyz1FLRd5LoXD6OXKCiUk
gTJOFS1FjxcxWcMq3VboxBXo066rx4IcKrmUC2LmtCBh1WYgXua1Btux8RXRlIwZ
4TCddLWJZg4PZyrpigH++3LC/sP0gMqSab1hERpfJn/evf3DCFl+aNJyfaXpWgbc
cSIIk9Su9clFud5ME1Yfo6d5akH0K8kaFvYeJveOsXSsWFTpVvNztOgb6E1xT3Aa
6TK/sTVd+oB7tFSERMT281t5wrdmsQgjJQKbAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUpoqFkccPJi3xMb4C2Fp1SrPrH2swHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3BvcUZrY2NQSmkzeE1i
NEMyRnAxU3JQckgycy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAKhgzAEWpCwCym40
SaSxu2/K3A+rXzveaypAXfimrIGTWYZBzPDhWiXPzjBcreFCAuzmizWNksj2BBBi
nE6Xe0UXL6HzZYEh5iIroSuruumnxaIQIEMhlI4JuhDwf+QDb3juz8CvwBYPKNrS
KT0+eTTgi69mqgPgvSmGck82xrsQ6lSnUnBJRj+Zkc8S3ZPG64up/Vi7G4BB6+yq
rf7UY+dprne7WdZ20DDS9151/0x64ni3zphpn1Ar3jSKpDOBFCFyjV+vFmeVIP5H
WeOxxlX4ouVYBSLNKK3Pgx+AX+o22RDvffsR8/Q7xxfKSdifi2wIai4s3fXCZvLl
uU7tODE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:48 2024 by rpki-client on console-fra.rpki-client.org