Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/qzQUMjL-QIG6gSV4KE586rronN8.roa
File: qzQUMjL-QIG6gSV4KE586rronN8.roa (raw, json)
Hash identifier: CXZFfJdYpdBDRgqhn8A6s//0rhIE6ZcDhXDYOw04bU0=
Subject key identifier: AB:34:14:32:32:FE:40:81:BA:81:25:78:28:4E:7C:EA:BA:E8:9C:DF
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 41A5
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/qzQUMjL-QIG6gSV4KE586rronN8.roa
Signing time: Tue 16 Apr 2024 02:52:54 +0000
ROA not before: Tue 16 Apr 2024 02:52:54 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16805 (0x41a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 16 02:52:54 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=AB34143232FE4081BA812578284E7CEABAE89CDF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:4d:bd:a4:aa:12:6a:a5:c6:f5:a0:82:67:74:
2e:3f:23:87:7e:26:10:34:ad:24:70:68:ef:62:e3:
d0:df:1b:34:25:b9:67:d9:f9:89:3b:b8:43:3b:71:
32:3f:4b:02:6a:a8:69:ed:b4:a7:6a:56:5c:97:8e:
0e:2a:4b:e8:b0:1a:6b:dd:43:29:ae:f8:46:38:41:
66:92:b4:bb:00:b3:a5:20:f5:2f:20:08:f7:58:17:
61:12:34:51:1e:06:6c:96:6f:1b:25:37:4f:6b:91:
6e:cc:39:28:62:be:0a:87:7f:a8:3d:3c:ba:72:79:
18:0c:71:fa:64:32:5b:35:ee:2e:0a:b5:94:64:3b:
44:97:66:2e:bb:83:2b:fe:88:eb:09:bf:c0:07:76:
22:cb:f4:18:ad:04:76:a5:a5:37:7c:77:9c:5f:cf:
5d:bc:26:bd:03:bf:ef:23:a1:5e:cb:85:ef:9e:f7:
fb:12:22:98:7e:1e:bd:63:4d:da:1d:64:96:80:cf:
62:cd:78:96:7b:ab:91:53:50:45:0e:95:73:a0:ad:
fb:1a:35:88:1d:53:60:7e:f9:ef:ec:ff:97:08:34:
03:1d:d1:a1:44:fb:5a:61:34:f1:eb:64:3f:cf:d2:
cf:08:e1:36:a5:db:c3:24:f5:57:67:5f:77:1f:dd:
6b:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:34:14:32:32:FE:40:81:BA:81:25:78:28:4E:7C:EA:BA:E8:9C:DF
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/qzQUMjL-QIG6gSV4KE586rronN8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
3a:50:ca:e7:8d:c9:45:d5:52:5d:2d:90:b7:c8:07:a2:f2:e1:
72:c3:66:ba:8d:85:38:42:64:d2:b0:fd:77:44:b3:17:00:a6:
b3:30:d1:6f:65:d4:28:9e:8a:34:7a:02:44:80:4a:24:75:34:
76:09:a2:49:8f:42:69:3f:cf:6c:c6:be:f7:98:cb:e8:41:92:
44:bf:15:8b:08:4f:60:f4:0d:fe:b0:16:b1:88:b5:61:fb:e0:
7c:e5:f0:fe:45:0f:12:f4:18:20:bc:55:bb:54:82:e0:b2:09:
1e:80:9e:23:bb:3c:1a:75:79:0f:a6:bd:98:ff:ed:f6:c2:41:
cb:5e:92:e9:82:a3:8f:e1:3c:56:08:83:d3:5a:3b:d4:63:cc:
16:13:69:ee:ea:ac:14:47:15:12:7d:a8:ee:4f:2a:48:26:2e:
50:ab:49:35:91:fb:44:b1:d4:c3:ac:e0:47:10:ce:37:d0:ed:
78:c0:97:d7:9c:f1:64:64:a6:73:fc:39:fe:fc:21:87:df:5d:
1b:7c:c5:d6:dd:d3:a4:01:41:4e:ea:62:02:3f:ec:e6:13:c6:
98:09:22:c0:ce:ce:94:a4:01:5b:85:ea:73:cd:13:bb:8f:c7:
11:66:93:54:32:46:7a:23:25:2f:15:30:8d:d7:46:cd:78:7a:
a4:83:51:aa
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQaUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTYw
MjUyNTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFCMzQxNDMyMzJGRTQw
ODFCQTgxMjU3ODI4NEU3Q0VBQkFFODlDREYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCgTb2kqhJqpcb1oIJndC4/I4d+JhA0rSRwaO9i49DfGzQluWfZ
+Yk7uEM7cTI/SwJqqGnttKdqVlyXjg4qS+iwGmvdQymu+EY4QWaStLsAs6Ug9S8g
CPdYF2ESNFEeBmyWbxslN09rkW7MOShivgqHf6g9PLpyeRgMcfpkMls17i4KtZRk
O0SXZi67gyv+iOsJv8AHdiLL9BitBHalpTd8d5xfz128Jr0Dv+8joV7Lhe+e9/sS
Iph+Hr1jTdodZJaAz2LNeJZ7q5FTUEUOlXOgrfsaNYgdU2B++e/s/5cINAMd0aFE
+1phNPHrZD/P0s8I4Tal28Mk9VdnX3cf3WuPAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUqzQUMjL+QIG6gSV4KE586rronN8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3F6UVVNakwtUUlHNmdT
VjRLRTU4NnJyb25OOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBADpQyueNyUXVUl0t
kLfIB6Ly4XLDZrqNhThCZNKw/XdEsxcAprMw0W9l1CieijR6AkSASiR1NHYJokmP
Qmk/z2zGvveYy+hBkkS/FYsIT2D0Df6wFrGItWH74Hzl8P5FDxL0GCC8VbtUguCy
CR6AniO7PBp1eQ+mvZj/7fbCQctekumCo4/hPFYIg9NaO9RjzBYTae7qrBRHFRJ9
qO5PKkgmLlCrSTWR+0Sx1MOs4EcQzjfQ7XjAl9ec8WRkpnP8Of78IYffXRt8xdbd
06QBQU7qYgI/7OYTxpgJIsDOzpSkAVuF6nPNE7uPxxFmk1QyRnojJS8VMI3XRs14
eqSDUao=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:49 2024 by rpki-client on console-fra.rpki-client.org