Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/wYit3EdkOtC38thtwWUVkKBy0x4.roa
File: wYit3EdkOtC38thtwWUVkKBy0x4.roa (raw, json)
Hash identifier: 1iVkrkbt/oriYyYaWSRrljdgOW49vzDvbcswtU1Mndk=
Subject key identifier: C1:88:AD:DC:47:64:3A:D0:B7:F2:D8:6D:C1:65:15:90:A0:72:D3:1E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3A0D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/wYit3EdkOtC38thtwWUVkKBy0x4.roa
Signing time: Fri 05 Apr 2024 23:52:52 +0000
ROA not before: Fri 05 Apr 2024 23:52:52 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14861 (0x3a0d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 5 23:52:52 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C188ADDC47643AD0B7F2D86DC1651590A072D31E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:60:d5:31:a6:66:9c:cd:7c:da:31:67:2e:50:
3b:17:1a:eb:92:37:59:4a:a2:02:33:0e:ef:5d:ca:
e7:4b:fd:2e:9d:ba:73:d7:f2:28:12:08:e0:e8:ba:
5b:77:9a:22:2e:c7:79:f8:1c:c3:c2:2a:be:7f:0f:
bb:cf:31:a3:21:e1:4e:51:a6:9e:60:a6:cb:3f:5a:
dc:61:31:02:42:68:25:c9:2e:6b:71:a3:68:0e:d5:
b8:ad:86:f3:04:43:8e:fe:04:2e:67:17:8d:b3:4b:
88:c6:b8:9c:fa:69:d1:bb:06:1d:d5:dd:69:3c:b9:
18:07:cb:ea:d7:1a:d4:9a:d5:98:97:fb:1a:7f:10:
33:d2:5d:41:92:18:51:30:08:3b:94:c4:e3:f8:fd:
3f:35:fe:db:e3:c1:de:57:b5:83:07:ec:b7:3b:6c:
29:89:3a:df:84:1d:9c:d7:47:79:a8:4d:ca:64:f3:
e8:e7:cd:e5:3a:61:07:de:c0:e4:8b:2a:7f:9c:61:
e0:00:f7:c2:22:3c:47:8c:e7:4d:ca:1b:de:f3:55:
fb:70:ce:d5:cd:ce:27:e6:e5:17:84:fa:7e:83:32:
11:88:3f:45:4b:d0:4e:65:f4:64:25:ca:b6:eb:17:
84:af:3c:86:92:cb:96:6a:37:21:68:75:79:75:a4:
a9:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:88:AD:DC:47:64:3A:D0:B7:F2:D8:6D:C1:65:15:90:A0:72:D3:1E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/wYit3EdkOtC38thtwWUVkKBy0x4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
5b:53:71:96:5f:cd:d5:b2:9f:06:da:18:80:59:fc:98:8c:68:
b5:ec:17:7d:82:c9:55:9f:fa:23:82:6e:75:a0:f7:39:30:78:
89:98:d9:4b:e1:b6:df:6f:84:6a:b4:c1:da:87:05:ce:51:c1:
64:97:ff:ce:43:75:aa:b6:30:45:3e:0c:5b:eb:ee:e9:93:24:
1f:34:b9:e2:e3:8b:1a:28:ef:f6:0f:68:4d:e8:36:84:0e:72:
5e:60:fb:99:8d:88:fe:55:c3:94:f8:63:17:c7:04:b0:b5:e9:
d2:3a:a0:47:f6:5e:a5:a0:58:c3:10:c6:2e:f0:61:30:40:83:
39:cd:a4:e0:d3:62:38:91:00:21:45:96:49:2a:45:2c:f2:9b:
96:37:91:30:e9:94:41:5c:3d:41:41:dd:94:98:78:27:84:b5:
d1:7c:2e:b8:ee:5a:75:6e:44:35:31:c2:5f:40:9f:f2:4f:2c:
07:9e:bd:1b:20:2a:5d:7e:f9:47:8d:60:3b:5a:92:28:5a:11:
ef:36:28:e1:d2:05:39:81:62:d5:a5:d7:98:ed:c2:a4:45:41:
ae:dd:d6:d4:92:21:9c:bb:68:19:ea:8b:3c:97:33:39:3b:bc:
93:92:b1:3d:c2:26:19:32:56:ba:1d:03:ab:cf:a5:c3:49:57:
b5:17:25:9c
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICOg0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDUy
MzUyNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEMxODhBRERDNDc2NDNB
RDBCN0YyRDg2REMxNjUxNTkwQTA3MkQzMUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6YNUxpmaczXzaMWcuUDsXGuuSN1lKogIzDu9dyudL/S6dunPX
8igSCODoult3miIux3n4HMPCKr5/D7vPMaMh4U5Rpp5gpss/WtxhMQJCaCXJLmtx
o2gO1bithvMEQ47+BC5nF42zS4jGuJz6adG7Bh3V3Wk8uRgHy+rXGtSa1ZiX+xp/
EDPSXUGSGFEwCDuUxOP4/T81/tvjwd5XtYMH7Lc7bCmJOt+EHZzXR3moTcpk8+jn
zeU6YQfewOSLKn+cYeAA98IiPEeM503KG97zVftwztXNzifm5ReE+n6DMhGIP0VL
0E5l9GQlyrbrF4SvPIaSy5ZqNyFodXl1pKllAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUwYit3EdkOtC38thtwWUVkKBy0x4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3dZaXQzRWRrT3RDMzh0
aHR3V1VWa0tCeTB4NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAFtTcZZfzdWynwba
GIBZ/JiMaLXsF32CyVWf+iOCbnWg9zkweImY2Uvhtt9vhGq0wdqHBc5RwWSX/85D
daq2MEU+DFvr7umTJB80ueLjixoo7/YPaE3oNoQOcl5g+5mNiP5Vw5T4YxfHBLC1
6dI6oEf2XqWgWMMQxi7wYTBAgznNpODTYjiRACFFlkkqRSzym5Y3kTDplEFcPUFB
3ZSYeCeEtdF8LrjuWnVuRDUxwl9An/JPLAeevRsgKl1++UeNYDtakihaEe82KOHS
BTmBYtWl15jtwqRFQa7d1tSSIZy7aBnqizyXMzk7vJOSsT3CJhkyVrodA6vPpcNJ
V7UXJZw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:54 2024 by rpki-client on console-fra.rpki-client.org