Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/rERZfZNXnZCSazM2URp0LPMVXr4.roa
File: rERZfZNXnZCSazM2URp0LPMVXr4.roa (raw, json)
Hash identifier: Q9rICLjElU1PzxuuBif3HTHmxBpKjXw+U6DTpPJft2Q=
Subject key identifier: AC:44:59:7D:93:57:9D:90:92:6B:33:36:51:1A:74:2C:F3:15:5E:BE
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 35D9
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/rERZfZNXnZCSazM2URp0LPMVXr4.roa
Signing time: Sun 31 Mar 2024 09:22:09 +0000
ROA not before: Sun 31 Mar 2024 09:22:09 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13785 (0x35d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 31 09:22:09 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=AC44597D93579D90926B3336511A742CF3155EBE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:fd:c9:de:a3:d2:1d:68:a0:1b:b7:c5:f5:6a:
18:7f:13:fb:fd:37:ed:99:9f:e5:23:8c:ba:9c:f2:
bc:00:30:c9:15:c3:38:d9:ba:b6:bd:34:3c:70:eb:
c3:d5:71:bb:f6:9c:f4:c1:cb:3e:e6:a8:73:85:96:
44:df:e7:2a:ea:6b:e9:b7:e8:ef:93:cd:d5:82:38:
ef:27:26:7e:f3:c8:ce:6d:80:a9:49:ac:28:fe:08:
e3:3a:60:64:e4:49:2c:1b:ec:c7:9d:ae:7b:81:57:
32:3b:16:01:ee:48:11:4c:36:1a:77:a3:16:8e:f0:
6b:4a:e2:23:d2:b7:bf:09:cc:ea:8b:ce:7d:91:c7:
2a:97:23:89:8c:ee:8b:bc:e4:b1:df:aa:f5:c5:0f:
90:26:bf:dd:2e:3d:5b:61:cc:10:b0:cd:c8:4a:df:
0f:77:13:a3:6e:8b:84:29:24:02:db:6a:67:d4:d0:
f0:e0:d2:03:0f:fb:ef:6b:cc:79:a2:3f:94:f8:a1:
4b:b6:26:32:5e:0c:13:c8:c7:40:bc:22:f4:26:56:
42:93:9b:d9:d0:2e:bf:a8:cf:dc:34:08:50:68:15:
9b:17:63:dd:df:d9:62:52:e7:fd:22:f4:a5:b3:7c:
28:cf:8f:1b:da:4b:c5:0e:92:cc:bf:d0:db:cb:89:
9e:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:44:59:7D:93:57:9D:90:92:6B:33:36:51:1A:74:2C:F3:15:5E:BE
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/rERZfZNXnZCSazM2URp0LPMVXr4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
2f:69:e7:7c:16:e6:94:20:52:b4:9d:d8:7e:9f:ef:a1:5f:ed:
9b:ab:1e:f1:19:fa:59:0f:68:e0:2a:96:e8:a3:55:22:92:fa:
b6:b5:07:cf:6a:cc:ec:43:e1:36:e5:c1:77:fa:f5:da:1e:ae:
cc:b4:d3:f9:f9:0d:2a:a9:f2:43:f7:7e:4c:c0:5e:bc:58:68:
70:e2:0f:c6:53:e9:72:d3:6f:f1:b3:a4:3f:00:f0:92:d7:d0:
5f:cf:38:a4:81:81:2f:a7:28:9e:2e:51:b5:31:1b:f3:30:f8:
26:07:55:d5:91:07:9e:47:53:29:bf:f5:f3:a5:ad:5f:f9:20:
fc:5b:42:1f:25:dc:ff:52:6a:46:7d:35:c6:78:2c:04:41:79:
5a:56:e2:34:15:03:c1:f8:f1:d0:bb:4f:83:b3:fc:3f:92:f7:
f9:d8:8a:97:68:ea:b8:ce:96:d1:12:6c:ee:26:66:b7:5d:24:
f4:85:f7:c6:8d:d0:21:7e:ee:4b:83:9a:cd:66:2c:dc:5f:c7:
c6:34:e1:9f:19:ef:18:d4:fc:70:66:74:fb:16:bd:64:8f:e9:
de:e0:7e:60:2c:b8:d7:07:49:37:2e:24:4a:39:46:06:52:9a:
15:85:c3:e8:21:4a:8d:09:e2:8f:aa:28:5e:d6:2a:9e:97:64:
0e:b6:fc:17
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNdkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzEw
OTIyMDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFDNDQ1OTdEOTM1NzlE
OTA5MjZCMzMzNjUxMUE3NDJDRjMxNTVFQkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCe/cneo9IdaKAbt8X1ahh/E/v9N+2Zn+UjjLqc8rwAMMkVwzjZ
ura9NDxw68PVcbv2nPTByz7mqHOFlkTf5yrqa+m36O+TzdWCOO8nJn7zyM5tgKlJ
rCj+COM6YGTkSSwb7MedrnuBVzI7FgHuSBFMNhp3oxaO8GtK4iPSt78JzOqLzn2R
xyqXI4mM7ou85LHfqvXFD5Amv90uPVthzBCwzchK3w93E6Nui4QpJALbamfU0PDg
0gMP++9rzHmiP5T4oUu2JjJeDBPIx0C8IvQmVkKTm9nQLr+oz9w0CFBoFZsXY93f
2WJS5/0i9KWzfCjPjxvaS8UOksy/0NvLiZ4LAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUrERZfZNXnZCSazM2URp0LPMVXr4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3JFUlpmWk5YblpDU2F6
TTJVUnAwTFBNVlhyNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAC9p53wW5pQgUrSd
2H6f76Ff7ZurHvEZ+lkPaOAqluijVSKS+ra1B89qzOxD4TblwXf69doersy00/n5
DSqp8kP3fkzAXrxYaHDiD8ZT6XLTb/GzpD8A8JLX0F/POKSBgS+nKJ4uUbUxG/Mw
+CYHVdWRB55HUym/9fOlrV/5IPxbQh8l3P9SakZ9NcZ4LARBeVpW4jQVA8H48dC7
T4Oz/D+S9/nYipdo6rjOltESbO4mZrddJPSF98aN0CF+7kuDms1mLNxfx8Y04Z8Z
7xjU/HBmdPsWvWSP6d7gfmAsuNcHSTcuJEo5RgZSmhWFw+ghSo0J4o+qKF7WKp6X
ZA62/Bc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:13 2024 by rpki-client on console-ams.rpki-client.org