Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/yMPVnp36CAEsRzLakknWDY_AqXY.roa
File: yMPVnp36CAEsRzLakknWDY_AqXY.roa (raw, json)
Hash identifier: eJUxDxbOuuj7LK7MYxi80ZHJFhtE0k7/InReRyTdHG0=
Subject key identifier: C8:C3:D5:9E:9D:FA:08:01:2C:47:32:DA:92:49:D6:0D:8F:C0:A9:76
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3369
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/yMPVnp36CAEsRzLakknWDY_AqXY.roa
Signing time: Thu 28 Mar 2024 03:22:01 +0000
ROA not before: Thu 28 Mar 2024 03:22:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13161 (0x3369)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 28 03:22:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C8C3D59E9DFA08012C4732DA9249D60D8FC0A976
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:4f:cc:7d:85:97:71:8d:17:82:0e:6c:63:65:
9e:ab:e2:15:89:e7:10:15:c2:75:ee:e7:dd:cd:ae:
91:6a:0f:13:dd:30:95:5c:35:bf:db:ae:c0:ec:be:
0e:e7:bf:da:b2:dd:8a:8f:be:1d:0a:c5:6d:7f:0e:
e4:33:f3:fa:7b:11:6a:53:52:ff:63:d1:ab:ef:b6:
e0:d2:c9:a3:83:a3:13:d1:04:13:30:9d:8b:54:80:
1c:b5:d0:93:24:f0:1c:1d:4e:6c:c8:4f:3c:24:c7:
7a:56:69:34:a3:6c:67:92:76:42:64:50:93:ff:e3:
3b:c8:13:f4:ab:37:d0:03:96:87:8b:5c:1d:18:71:
e8:55:08:f8:6f:fc:f3:5e:80:a5:52:56:a7:14:70:
8a:20:0e:41:94:c6:bc:e2:cd:67:ce:2c:e7:43:91:
0c:33:37:f2:cc:c8:a1:25:86:10:9e:02:d5:72:9d:
ed:8d:af:12:86:d9:52:7a:0e:03:22:f9:14:16:24:
17:25:66:8a:82:81:f5:b9:24:6c:71:f4:29:8f:22:
0a:f5:9f:ad:91:18:43:a8:b5:6f:60:f6:75:f7:ba:
76:66:46:ce:13:f2:fa:61:48:ed:ed:24:fd:3e:2c:
dd:63:e9:5a:d7:79:98:b5:8c:ea:3b:44:a8:fc:f5:
f1:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:C3:D5:9E:9D:FA:08:01:2C:47:32:DA:92:49:D6:0D:8F:C0:A9:76
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/yMPVnp36CAEsRzLakknWDY_AqXY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
b0:58:e3:ef:7a:b8:9a:bd:1b:2d:96:46:86:c2:32:04:81:fd:
9a:3b:fe:be:72:34:9e:ec:d7:35:b0:6e:eb:4e:d2:fd:bd:e4:
cf:34:39:6a:f4:6f:26:d4:36:23:76:f6:85:72:df:d3:62:13:
da:96:8e:95:d7:08:0c:9e:8f:ab:55:55:5f:8f:18:c1:49:0d:
16:8c:c4:ba:af:aa:95:06:fe:a7:03:03:b8:a6:3e:72:5a:b9:
d1:0f:ee:dd:c5:b0:57:b7:67:7c:51:a5:44:1a:29:33:ae:a9:
74:70:13:9e:b3:f7:cd:2f:53:68:df:78:d6:99:dd:f7:92:8d:
04:88:0f:a9:d3:9c:6b:5c:ee:6e:1d:5e:1d:ca:10:37:36:1e:
92:55:fa:16:e2:db:97:ce:bd:54:cf:3b:b9:f5:d6:05:d6:21:
d7:a7:8d:92:79:0b:b8:a1:b1:98:f9:6f:37:75:2c:6e:3a:6f:
d9:05:00:50:c5:4a:05:04:60:e7:c6:8d:36:95:d1:06:76:61:
d6:c4:b9:3b:25:41:56:f4:30:16:ad:d6:34:08:22:74:92:e8:
7b:c7:0a:3a:d9:0a:9d:6f:ae:66:ca:e8:df:84:c5:92:d5:27:
8e:32:ad:88:84:aa:fd:39:c3:0d:fc:37:bd:5a:04:0e:99:d9:
67:0a:ae:54
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICM2kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjgw
MzIyMDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM4QzNENTlFOURGQTA4
MDEyQzQ3MzJEQTkyNDlENjBEOEZDMEE5NzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2T8x9hZdxjReCDmxjZZ6r4hWJ5xAVwnXu593NrpFqDxPdMJVc
Nb/brsDsvg7nv9qy3YqPvh0KxW1/DuQz8/p7EWpTUv9j0avvtuDSyaODoxPRBBMw
nYtUgBy10JMk8BwdTmzITzwkx3pWaTSjbGeSdkJkUJP/4zvIE/SrN9ADloeLXB0Y
cehVCPhv/PNegKVSVqcUcIogDkGUxrzizWfOLOdDkQwzN/LMyKElhhCeAtVyne2N
rxKG2VJ6DgMi+RQWJBclZoqCgfW5JGxx9CmPIgr1n62RGEOotW9g9nX3unZmRs4T
8vphSO3tJP0+LN1j6VrXeZi1jOo7RKj89fFtAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUyMPVnp36CAEsRzLakknWDY/AqXYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3lNUFZucDM2Q0FFc1J6
TGFra25XRFlfQXFYWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBALBY4+96uJq9Gy2W
RobCMgSB/Zo7/r5yNJ7s1zWwbutO0v295M80OWr0bybUNiN29oVy39NiE9qWjpXX
CAyej6tVVV+PGMFJDRaMxLqvqpUG/qcDA7imPnJaudEP7t3FsFe3Z3xRpUQaKTOu
qXRwE56z980vU2jfeNaZ3feSjQSID6nTnGtc7m4dXh3KEDc2HpJV+hbi25fOvVTP
O7n11gXWIdenjZJ5C7ihsZj5bzd1LG46b9kFAFDFSgUEYOfGjTaV0QZ2YdbEuTsl
QVb0MBat1jQIInSS6HvHCjrZCp1vrmbK6N+ExZLVJ44yrYiEqv05ww38N71aBA6Z
2WcKrlQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:56 2024 by rpki-client on console-fra.rpki-client.org