Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/wCxMFjWis45N2B9pHkmci5xdE0k.roa
File: wCxMFjWis45N2B9pHkmci5xdE0k.roa (raw, json)
Hash identifier: GQvxmEpZFSUEadMayc2U03i1tbIsT8DWAtStiUJotfY=
Subject key identifier: C0:2C:4C:16:35:A2:B3:8E:4D:D8:1F:69:1E:49:9C:8B:9C:5D:13:49
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3F65
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/wCxMFjWis45N2B9pHkmci5xdE0k.roa
Signing time: Sat 13 Apr 2024 02:52:52 +0000
ROA not before: Sat 13 Apr 2024 02:52:52 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16229 (0x3f65)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 13 02:52:52 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C02C4C1635A2B38E4DD81F691E499C8B9C5D1349
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ba:dd:0a:c3:28:8e:6a:07:fb:91:f2:c1:f8:
93:e3:36:79:4b:53:95:d5:21:06:6b:37:d2:59:ec:
85:49:78:d5:be:a1:a1:6c:aa:55:fd:4d:ae:f7:f7:
d2:97:11:ad:d5:23:54:cb:b3:66:15:4c:d4:d8:d3:
a5:b4:91:35:51:a9:66:24:a3:8a:e9:d4:4b:ca:15:
84:06:c6:94:09:7a:35:c5:66:bc:19:e6:ec:7c:57:
bb:73:fa:d1:ae:4a:e7:f8:42:a4:ba:b9:f0:38:59:
47:ca:6f:7e:10:f1:54:5c:34:24:61:e7:6b:3b:bb:
3b:f4:66:b8:e0:cc:71:f7:c6:9d:9d:e8:72:ae:3a:
9f:c5:83:7d:2e:da:3f:cc:c5:4d:46:90:c6:bc:50:
e5:2d:f1:81:c4:b9:91:26:a5:f6:f6:7a:51:f4:a3:
12:c0:65:b8:91:7f:a6:62:fb:5a:fe:b5:37:de:51:
00:fa:93:8b:ce:b5:b5:e3:4b:e7:ed:97:55:c8:29:
8c:b3:db:ed:60:e6:45:57:4d:eb:ca:c1:4f:45:46:
74:50:7d:f9:d4:c6:27:4e:e2:09:c1:22:43:30:59:
87:f0:a5:ce:bf:7f:b3:54:71:d0:e4:d5:f5:e4:85:
67:05:85:98:93:c5:b8:de:9e:29:58:df:35:af:42:
0e:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:2C:4C:16:35:A2:B3:8E:4D:D8:1F:69:1E:49:9C:8B:9C:5D:13:49
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/wCxMFjWis45N2B9pHkmci5xdE0k.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
86:08:bb:7b:6b:f1:3f:54:06:d3:46:2f:37:95:78:d1:8e:bc:
c1:77:d7:3a:01:7b:9d:8c:71:f4:04:27:7d:0a:c5:1f:36:51:
6e:35:a0:ba:d5:ab:39:02:56:a8:15:9f:cd:c0:bb:1e:47:e4:
e0:9f:29:7d:fb:53:14:84:ad:ec:9c:7a:71:c0:e4:69:0c:51:
14:87:e6:85:62:3a:5d:84:61:7f:60:61:62:ff:2f:63:95:85:
65:81:7f:5d:a2:e4:89:a0:5b:10:7b:6e:4c:45:45:df:81:07:
77:5c:33:8b:ae:5c:2c:85:ab:29:56:0c:ef:45:4c:7f:81:7c:
93:e9:41:1b:e3:d7:be:11:8c:4c:5a:c3:f2:21:25:17:7a:8f:
d5:64:fa:6a:a0:a1:2d:ba:af:3b:bf:5e:df:9a:c2:3a:02:56:
4f:46:a5:8a:e2:db:90:66:ef:fb:2d:32:05:42:7e:2c:9e:3e:
98:5a:95:16:87:98:9d:d3:93:c3:d6:8a:30:52:bd:32:18:95:
2a:f0:f2:68:37:43:94:c6:47:55:6e:42:68:c7:8f:ed:8b:43:
7f:57:78:9c:3e:d9:57:bf:76:9f:4e:61:23:39:e1:a3:75:ca:
6b:e2:65:ee:a0:76:89:fb:4c:a7:bd:10:fc:2e:56:07:9d:49:
fe:67:78:5f
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICP2UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTMw
MjUyNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEMwMkM0QzE2MzVBMkIz
OEU0REQ4MUY2OTFFNDk5QzhCOUM1RDEzNDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSut0KwyiOagf7kfLB+JPjNnlLU5XVIQZrN9JZ7IVJeNW+oaFs
qlX9Ta7399KXEa3VI1TLs2YVTNTY06W0kTVRqWYko4rp1EvKFYQGxpQJejXFZrwZ
5ux8V7tz+tGuSuf4QqS6ufA4WUfKb34Q8VRcNCRh52s7uzv0ZrjgzHH3xp2d6HKu
Op/Fg30u2j/MxU1GkMa8UOUt8YHEuZEmpfb2elH0oxLAZbiRf6Zi+1r+tTfeUQD6
k4vOtbXjS+ftl1XIKYyz2+1g5kVXTevKwU9FRnRQffnUxidO4gnBIkMwWYfwpc6/
f7NUcdDk1fXkhWcFhZiTxbjenilY3zWvQg4TAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUwCxMFjWis45N2B9pHkmci5xdE0kwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3dDeE1GaldpczQ1TjJC
OXBIa21jaTV4ZEUway5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAIYIu3tr8T9UBtNG
LzeVeNGOvMF31zoBe52McfQEJ30KxR82UW41oLrVqzkCVqgVn83Aux5H5OCfKX37
UxSEreycenHA5GkMURSH5oViOl2EYX9gYWL/L2OVhWWBf12i5ImgWxB7bkxFRd+B
B3dcM4uuXCyFqylWDO9FTH+BfJPpQRvj174RjExaw/IhJRd6j9Vk+mqgoS26rzu/
Xt+awjoCVk9GpYri25Bm7/stMgVCfiyePphalRaHmJ3Tk8PWijBSvTIYlSrw8mg3
Q5TGR1VuQmjHj+2LQ39XeJw+2Ve/dp9OYSM54aN1ymviZe6gdon7TKe9EPwuVged
Sf5neF8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:54 2024 by rpki-client on console-fra.rpki-client.org