Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/qgQNSUpZep42XRdNevoUKcZXHnk.roa
File: qgQNSUpZep42XRdNevoUKcZXHnk.roa (raw, json)
Hash identifier: /I0shH9Awy25alXVmXWpkxGqgEOWcZuX+2vRqPnBQBk=
Subject key identifier: AA:04:0D:49:4A:59:7A:9E:36:5D:17:4D:7A:FA:14:29:C6:57:1E:79
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3F29
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/qgQNSUpZep42XRdNevoUKcZXHnk.roa
Signing time: Fri 12 Apr 2024 19:22:49 +0000
ROA not before: Fri 12 Apr 2024 19:22:49 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16169 (0x3f29)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 12 19:22:49 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=AA040D494A597A9E365D174D7AFA1429C6571E79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:22:d1:61:40:b8:17:ad:02:1f:f2:3f:4c:54:
19:46:74:44:76:3c:14:3b:30:d6:b8:72:ac:e1:0a:
06:25:28:ca:63:62:31:b1:76:c3:07:b8:a3:27:b4:
ee:a2:69:4c:d6:5f:db:9e:a6:02:00:38:1d:22:51:
f7:f8:e3:02:40:6d:1e:9b:77:4a:99:d1:b6:33:9d:
c4:c9:6c:93:0d:1c:9d:6b:86:c4:1b:b8:3f:1a:bd:
8e:6a:4f:d7:9e:8a:bd:33:fd:d1:b6:73:ff:aa:b6:
d1:61:85:b1:76:ac:32:4f:53:b5:65:41:d4:0d:12:
bd:41:07:ad:97:49:82:13:f8:0c:58:80:b1:56:d6:
30:6a:fa:82:78:91:9b:cb:27:00:85:f4:3b:a0:6e:
56:7d:9e:30:8a:68:8b:29:5e:02:83:e1:81:36:72:
95:0f:77:6f:6d:9f:6d:62:5b:1d:e1:9c:61:af:48:
43:5f:f7:9d:8b:fc:8f:67:19:08:82:75:49:c5:08:
61:d6:ad:e3:6f:60:19:6d:ec:ce:48:87:58:fa:23:
49:bd:36:c6:c1:e9:4c:3d:d0:d7:8b:50:23:91:f3:
de:01:c2:6a:7b:f1:1c:ed:5f:19:de:a0:bf:a7:15:
58:e4:7b:c4:a5:06:6a:45:9e:48:ec:24:d0:d4:cd:
b5:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:04:0D:49:4A:59:7A:9E:36:5D:17:4D:7A:FA:14:29:C6:57:1E:79
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/qgQNSUpZep42XRdNevoUKcZXHnk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
16:2d:94:06:8e:13:ff:15:20:5d:48:5e:4f:fa:51:c8:40:23:
c0:10:29:48:90:7a:12:da:fe:6a:1e:dd:47:14:ec:00:1f:fc:
a9:88:31:9e:0f:6a:94:39:2e:3e:aa:81:9c:57:81:ae:65:4c:
e5:48:85:bc:29:37:79:2a:a5:91:2c:3a:1a:be:53:6a:74:4d:
51:b5:5d:fd:77:a2:58:73:55:88:c3:54:89:27:a4:7c:e6:59:
5e:14:a9:76:e9:34:23:18:07:15:b2:3d:2a:d8:93:c3:01:5f:
e2:66:0b:50:a7:67:1b:b4:02:31:a6:9e:a4:1f:f3:f8:fb:73:
66:de:9b:2f:e7:c8:77:72:04:98:4b:3d:3b:06:2e:63:e1:56:
ad:12:be:67:5f:75:d7:63:80:b5:0d:96:92:41:7c:74:a0:f2:
8e:7a:be:e6:8a:8b:ef:0d:46:1a:88:99:ac:ca:27:15:99:3f:
be:57:bc:c9:44:4c:a4:9c:f3:7f:09:33:47:0a:36:32:1c:9c:
80:5c:0d:34:35:8f:25:4c:09:09:af:59:ee:17:ac:e6:e3:6a:
ee:8b:d2:4c:e8:06:74:e8:15:b2:93:6e:0c:ea:03:25:e8:65:
de:db:1a:44:dc:9c:d3:40:65:92:0b:f1:ca:e0:07:4c:e5:61:
5a:c6:c6:b6
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICPykwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTIx
OTIyNDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFBMDQwRDQ5NEE1OTdB
OUUzNjVEMTc0RDdBRkExNDI5QzY1NzFFNzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrItFhQLgXrQIf8j9MVBlGdER2PBQ7MNa4cqzhCgYlKMpjYjGx
dsMHuKMntO6iaUzWX9uepgIAOB0iUff44wJAbR6bd0qZ0bYzncTJbJMNHJ1rhsQb
uD8avY5qT9eeir0z/dG2c/+qttFhhbF2rDJPU7VlQdQNEr1BB62XSYIT+AxYgLFW
1jBq+oJ4kZvLJwCF9DugblZ9njCKaIspXgKD4YE2cpUPd29tn21iWx3hnGGvSENf
952L/I9nGQiCdUnFCGHWreNvYBlt7M5Ih1j6I0m9NsbB6Uw90NeLUCOR894Bwmp7
8RztXxneoL+nFVjke8SlBmpFnkjsJNDUzbXvAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUqgQNSUpZep42XRdNevoUKcZXHnkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3FnUU5TVXBaZXA0MlhS
ZE5ldm9VS2NaWEhuay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBABYtlAaOE/8VIF1I
Xk/6UchAI8AQKUiQehLa/moe3UcU7AAf/KmIMZ4PapQ5Lj6qgZxXga5lTOVIhbwp
N3kqpZEsOhq+U2p0TVG1Xf13olhzVYjDVIknpHzmWV4UqXbpNCMYBxWyPSrYk8MB
X+JmC1CnZxu0AjGmnqQf8/j7c2bemy/nyHdyBJhLPTsGLmPhVq0SvmdfdddjgLUN
lpJBfHSg8o56vuaKi+8NRhqImazKJxWZP75XvMlETKSc838JM0cKNjIcnIBcDTQ1
jyVMCQmvWe4XrObjau6L0kzoBnToFbKTbgzqAyXoZd7bGkTcnNNAZZIL8crgB0zl
YVrGxrY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:48 2024 by rpki-client on console-fra.rpki-client.org