Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/tLfM6bfBSQXk-jhC2ns_EiexXuA.roa
File: tLfM6bfBSQXk-jhC2ns_EiexXuA.roa (raw, json)
Hash identifier: 8oR7/+TM8O2rhPAHNbNfYX0tn6EF/y1M7stgE1jTLkk=
Subject key identifier: B4:B7:CC:E9:B7:C1:49:05:E4:FA:38:42:DA:7B:3F:12:27:B1:5E:E0
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 47B1
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/tLfM6bfBSQXk-jhC2ns_EiexXuA.roa
Signing time: Wed 24 Apr 2024 04:23:21 +0000
ROA not before: Wed 24 Apr 2024 04:23:21 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18353 (0x47b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 24 04:23:21 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B4B7CCE9B7C14905E4FA3842DA7B3F1227B15EE0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:61:6c:ab:c7:3f:62:7c:32:cc:37:13:38:76:
80:a8:eb:10:22:bb:22:cf:47:45:19:f2:9d:0d:cb:
89:95:38:15:ae:31:e6:18:b8:36:6f:71:71:f7:3f:
1d:a6:09:c4:c4:ae:45:d3:18:e4:e7:0c:9a:b2:27:
8f:7e:da:17:8d:d6:82:b6:81:34:31:6e:fe:d4:df:
92:8f:3e:22:19:96:63:e7:26:6e:bc:5a:23:39:37:
3d:b2:fc:d0:cf:3a:79:6a:f2:5c:ca:72:a7:d0:fe:
4f:30:fa:4f:13:9e:02:b9:3b:60:c0:2a:a1:b7:7f:
81:c0:a0:73:a9:76:1f:1a:cf:ec:5b:4e:d4:5d:54:
dc:8b:c5:72:ce:65:dc:5e:7d:3d:7a:b4:c2:15:32:
79:08:ef:e3:57:e1:ec:b4:23:db:e8:40:e5:62:97:
03:51:d2:a5:67:b8:4c:50:eb:9e:e6:92:af:8d:b1:
1b:86:23:f8:dc:5b:e0:d0:ce:c9:75:3c:45:9d:a4:
25:5e:99:4a:1e:f0:aa:63:b2:76:8f:4e:52:b0:bd:
61:fc:fb:cf:ff:d8:48:23:87:fb:68:d9:12:8c:2a:
c6:bf:90:49:7c:ba:56:44:71:35:89:0b:cf:43:72:
93:eb:75:41:1d:65:15:b8:ee:6f:7b:35:d4:6f:ba:
0b:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:B7:CC:E9:B7:C1:49:05:E4:FA:38:42:DA:7B:3F:12:27:B1:5E:E0
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/tLfM6bfBSQXk-jhC2ns_EiexXuA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
b2:4f:a1:e6:1c:75:b3:4d:dd:e5:7e:d3:2a:57:b5:c6:e3:27:
5f:a3:91:37:a6:72:77:d9:e1:3c:5d:d6:90:2d:33:88:9d:10:
50:ae:49:d1:98:54:9c:dc:16:fd:dd:5b:98:ef:71:4b:12:7c:
ee:55:92:df:86:8b:55:aa:db:ff:a0:20:41:74:fa:0a:c2:ce:
c2:bd:5f:a8:67:8a:61:8d:db:12:dd:e1:04:e5:a4:b7:26:10:
e2:37:56:eb:a5:27:cb:5b:87:ae:07:e7:bf:bb:05:f2:dc:d4:
31:7d:77:fa:85:96:33:6e:ad:bf:d5:e4:4c:ca:a2:71:c9:52:
6e:a8:f5:4a:bc:05:c7:48:77:f0:d6:9c:11:5c:aa:87:59:c8:
b3:f1:9b:ca:28:66:df:c1:16:8d:e1:94:c7:33:64:46:6a:ec:
d9:82:cb:8b:0a:ad:5c:2b:3f:03:89:69:75:42:a3:fa:6d:03:
79:97:f5:59:0d:d9:ad:cf:85:ed:4d:ff:9f:4a:45:ae:9f:e4:
39:2b:aa:c1:6f:f1:01:00:99:61:41:5d:67:54:87:54:73:e0:
4b:c4:07:34:84:94:02:76:79:d7:ca:c2:4c:17:72:42:96:b7:
a5:1c:3a:02:6b:26:ab:a1:48:e2:78:60:d3:29:13:fd:ed:9b:
60:8a:78:19
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICR7EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjQw
NDIzMjFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI0QjdDQ0U5QjdDMTQ5
MDVFNEZBMzg0MkRBN0IzRjEyMjdCMTVFRTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCoYWyrxz9ifDLMNxM4doCo6xAiuyLPR0UZ8p0Ny4mVOBWuMeYY
uDZvcXH3Px2mCcTErkXTGOTnDJqyJ49+2heN1oK2gTQxbv7U35KPPiIZlmPnJm68
WiM5Nz2y/NDPOnlq8lzKcqfQ/k8w+k8TngK5O2DAKqG3f4HAoHOpdh8az+xbTtRd
VNyLxXLOZdxefT16tMIVMnkI7+NX4ey0I9voQOVilwNR0qVnuExQ657mkq+NsRuG
I/jcW+DQzsl1PEWdpCVemUoe8KpjsnaPTlKwvWH8+8//2Egjh/to2RKMKsa/kEl8
ulZEcTWJC89DcpPrdUEdZRW47m97NdRvugvNAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUtLfM6bfBSQXk+jhC2ns/EiexXuAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3RMZk02YmZCU1FYay1q
aEMybnNfRWlleFh1QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBALJPoeYcdbNN3eV+
0ypXtcbjJ1+jkTemcnfZ4Txd1pAtM4idEFCuSdGYVJzcFv3dW5jvcUsSfO5Vkt+G
i1Wq2/+gIEF0+grCzsK9X6hnimGN2xLd4QTlpLcmEOI3VuulJ8tbh64H57+7BfLc
1DF9d/qFljNurb/V5EzKonHJUm6o9Uq8BcdId/DWnBFcqodZyLPxm8ooZt/BFo3h
lMczZEZq7NmCy4sKrVwrPwOJaXVCo/ptA3mX9VkN2a3Phe1N/59KRa6f5DkrqsFv
8QEAmWFBXWdUh1Rz4EvEBzSElAJ2edfKwkwXckKWt6UcOgJrJquhSOJ4YNMpE/3t
m2CKeBk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:51 2024 by rpki-client on console-fra.rpki-client.org