Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/wh3qgKrNuiT--Ag341y1uSkAZtI.roa
File: wh3qgKrNuiT--Ag341y1uSkAZtI.roa (raw, json)
Hash identifier: whVyld80toroHZJvYsqnwBF007TIhbyoGrW35EW30z0=
Subject key identifier: C2:1D:EA:80:AA:CD:BA:24:FE:F8:08:37:E3:5C:B5:B9:29:00:66:D2
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3EB1
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/wh3qgKrNuiT--Ag341y1uSkAZtI.roa
Signing time: Fri 12 Apr 2024 04:22:51 +0000
ROA not before: Fri 12 Apr 2024 04:22:51 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16049 (0x3eb1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 12 04:22:51 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C21DEA80AACDBA24FEF80837E35CB5B9290066D2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:4b:c7:7e:f8:9a:5b:60:c4:6e:c4:08:59:43:
48:f0:37:0b:af:19:7b:72:0f:32:4a:6c:04:6c:78:
1e:1f:62:1b:1c:52:a1:38:ff:cb:a8:25:40:13:2f:
50:65:2e:c7:4b:03:e2:46:8c:14:07:5d:80:3a:ce:
82:b0:8c:87:20:bc:78:07:24:a8:d7:05:47:b5:70:
f8:03:26:fe:1e:3d:0b:37:a1:7f:11:24:d4:8d:0f:
6d:a2:44:28:d9:cb:28:24:cb:ab:1c:31:75:c1:f7:
36:9a:9a:7f:a0:a3:e0:6e:2f:1c:24:fb:ee:ef:10:
2d:af:d5:b5:d0:d9:60:f9:05:d9:9c:df:d6:6f:8b:
e8:57:8f:59:62:20:7a:1e:84:af:85:bb:5a:3e:32:
e0:17:55:2f:b3:51:35:16:82:e8:57:79:6e:73:5c:
f7:3d:45:a5:b2:55:87:44:11:1f:f6:f1:dd:93:49:
0b:3d:8a:85:56:eb:80:90:ef:97:2a:74:33:a1:94:
2f:37:6b:0e:85:e2:f3:d3:99:0b:ab:d8:a5:4b:13:
ce:0a:c8:ec:81:04:b3:45:43:3d:12:08:9a:96:3a:
0e:b4:7d:31:f6:f7:5f:c5:c4:7d:80:c2:e2:2d:78:
25:88:85:6e:47:b1:51:24:42:36:d0:4f:0a:00:1a:
5a:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:1D:EA:80:AA:CD:BA:24:FE:F8:08:37:E3:5C:B5:B9:29:00:66:D2
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/wh3qgKrNuiT--Ag341y1uSkAZtI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
2d:d9:ed:e0:86:bf:46:ac:66:79:08:57:e0:cb:b2:ed:4c:2b:
a3:7a:b0:58:2b:03:cd:f6:59:72:e6:71:58:a3:9d:bc:dd:b9:
a9:c2:b7:70:54:6b:f4:7d:f6:e0:e6:78:b2:2b:9a:05:a4:9e:
b6:bb:03:18:ed:32:98:63:d4:33:f0:33:2d:41:86:c2:fa:9c:
48:82:58:31:1f:84:b4:ef:66:09:6c:2a:b1:b3:2d:2b:83:42:
29:06:29:e3:42:e4:a3:e8:88:00:3f:6e:65:29:e0:ac:75:a9:
49:af:00:04:5b:24:3c:1c:6e:af:57:d6:cf:ba:c9:af:78:0a:
17:fd:70:53:2c:75:ac:e4:32:ab:04:88:ba:7e:93:5c:40:03:
5f:1b:5e:7d:93:07:bc:bf:3f:51:91:6e:9d:bf:88:e1:3e:c6:
56:03:de:a7:43:1e:d2:88:fb:dc:98:f7:34:49:1c:43:86:76:
92:82:4c:4f:69:2f:00:59:8d:6c:51:a9:37:3f:83:13:7f:b7:
1d:28:2a:3f:00:5c:9f:14:c0:88:3b:f4:f8:f5:76:90:69:b6:
06:74:0a:92:58:4e:b4:da:79:c1:2b:3b:bf:f6:81:ba:f5:d8:
5e:71:95:3f:13:e5:ec:72:d4:6d:2d:7c:1d:9c:f5:47:ff:8f:
d8:e7:83:cc
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICPrEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTIw
NDIyNTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEMyMURFQTgwQUFDREJB
MjRGRUY4MDgzN0UzNUNCNUI5MjkwMDY2RDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6S8d++JpbYMRuxAhZQ0jwNwuvGXtyDzJKbARseB4fYhscUqE4
/8uoJUATL1BlLsdLA+JGjBQHXYA6zoKwjIcgvHgHJKjXBUe1cPgDJv4ePQs3oX8R
JNSND22iRCjZyygky6scMXXB9zaamn+go+BuLxwk++7vEC2v1bXQ2WD5Bdmc39Zv
i+hXj1liIHoehK+Fu1o+MuAXVS+zUTUWguhXeW5zXPc9RaWyVYdEER/28d2TSQs9
ioVW64CQ75cqdDOhlC83aw6F4vPTmQur2KVLE84KyOyBBLNFQz0SCJqWOg60fTH2
91/FxH2AwuIteCWIhW5HsVEkQjbQTwoAGlppAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUwh3qgKrNuiT++Ag341y1uSkAZtIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3doM3FnS3JOdWlULS1B
ZzM0MXkxdVNrQVp0SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAC3Z7eCGv0asZnkI
V+DLsu1MK6N6sFgrA832WXLmcVijnbzduanCt3BUa/R99uDmeLIrmgWknra7Axjt
Mphj1DPwMy1BhsL6nEiCWDEfhLTvZglsKrGzLSuDQikGKeNC5KPoiAA/bmUp4Kx1
qUmvAARbJDwcbq9X1s+6ya94Chf9cFMsdazkMqsEiLp+k1xAA18bXn2TB7y/P1GR
bp2/iOE+xlYD3qdDHtKI+9yY9zRJHEOGdpKCTE9pLwBZjWxRqTc/gxN/tx0oKj8A
XJ8UwIg79Pj1dpBptgZ0CpJYTrTaecErO7/2gbr12F5xlT8T5exy1G0tfB2c9Uf/
j9jng8w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:54 2024 by rpki-client on console-fra.rpki-client.org