Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/0H-R3NRFbs0VQ_9tz6TifPYF3po.roa
File: 0H-R3NRFbs0VQ_9tz6TifPYF3po.roa (raw, json)
Hash identifier: 5hkbetlHJz6xtMl0nAsdMzxS+EgLZOSr4oUWVf92t9w=
Subject key identifier: D0:7F:91:DC:D4:45:6E:CD:15:43:FF:6D:CF:A4:E2:7C:F6:05:DE:9A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 36A5
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/0H-R3NRFbs0VQ_9tz6TifPYF3po.roa
Signing time: Mon 01 Apr 2024 10:52:17 +0000
ROA not before: Mon 01 Apr 2024 10:52:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13989 (0x36a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 1 10:52:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D07F91DCD4456ECD1543FF6DCFA4E27CF605DE9A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:77:39:48:ed:6e:7d:83:8d:f9:68:a8:38:bf:
77:71:0b:a0:47:ab:6b:6d:96:c8:03:30:df:cc:87:
37:5c:b8:86:a6:ea:9c:88:88:e3:f3:54:1d:4f:db:
3c:57:da:5d:3c:fe:5a:42:71:39:62:ba:3f:c2:ba:
ef:5d:e0:7a:d3:00:b9:5b:32:ff:7f:eb:3a:ff:63:
1d:5a:c2:12:dd:73:92:a3:75:77:25:5d:93:ad:b8:
a5:c7:00:48:fa:ab:65:94:43:94:74:79:89:19:4b:
b0:ce:54:4e:ce:81:7f:c1:d3:ce:1f:72:31:84:a7:
97:13:17:b1:a0:1b:99:ec:19:a6:00:19:f4:35:65:
59:90:b7:c9:4f:56:34:ce:f9:90:cd:62:5e:8a:42:
d8:fd:2b:50:e4:61:f8:93:6a:02:68:68:7a:e5:ce:
d8:79:61:ce:cd:d3:c1:05:89:bf:fd:eb:9e:8f:57:
4f:b5:2b:40:31:f7:0b:d2:18:4e:0b:3e:1c:2a:70:
7c:5b:f8:c7:c9:fc:b5:58:3e:b6:e6:dd:6e:3b:f7:
91:4d:df:37:53:d2:90:bc:17:8e:0f:19:40:eb:bd:
25:bb:aa:c1:ee:96:4b:1c:1f:3a:e5:14:a2:ba:86:
b9:b1:10:6b:cf:4a:12:ab:e6:db:4f:5f:e4:0d:84:
e3:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:7F:91:DC:D4:45:6E:CD:15:43:FF:6D:CF:A4:E2:7C:F6:05:DE:9A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/0H-R3NRFbs0VQ_9tz6TifPYF3po.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
99:db:5f:de:b8:2b:02:07:94:14:34:36:d8:72:90:90:49:0f:
50:d1:e8:58:3d:1f:59:85:eb:0f:05:33:1f:ce:0e:e0:07:9d:
8b:a4:aa:48:53:35:cf:96:2b:95:da:7c:5f:7b:0b:ef:0c:06:
43:d2:d8:04:a1:2b:ab:be:99:ed:59:2b:e0:af:4d:78:5e:11:
88:8a:42:72:c6:43:52:29:41:5e:a0:c7:c0:d6:99:e1:81:6b:
80:e6:b6:36:4a:0e:2d:76:7f:3a:ef:53:cf:68:01:a3:61:f4:
89:4a:96:c2:a3:c0:de:3c:e3:ad:6e:fa:0b:e7:02:58:56:06:
d0:71:ff:f4:e9:05:04:a6:3f:f3:40:89:cf:6e:e4:58:7c:e8:
e8:08:8b:2b:92:89:6a:8f:a1:64:90:25:87:7b:58:7a:31:39:
a1:50:cb:36:71:0b:22:93:2d:07:d6:f6:55:bc:8f:c3:1c:16:
22:49:38:fc:86:42:72:a1:bd:2f:a1:64:5c:a8:b2:2e:df:74:
d6:f9:80:1c:69:00:cb:42:fe:7b:54:bc:0e:e5:76:c8:df:71:
31:a5:67:c1:01:cb:6d:e0:86:9f:8e:29:c7:87:1a:5b:b4:fa:
d7:3a:57:77:23:f7:98:67:cf:71:d4:a4:c2:8a:e5:06:8d:13:
14:f2:38:f1
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNqUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDEx
MDUyMTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQwN0Y5MURDRDQ0NTZF
Q0QxNTQzRkY2RENGQTRFMjdDRjYwNURFOUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMdzlI7W59g435aKg4v3dxC6BHq2ttlsgDMN/MhzdcuIam6pyI
iOPzVB1P2zxX2l08/lpCcTliuj/Cuu9d4HrTALlbMv9/6zr/Yx1awhLdc5KjdXcl
XZOtuKXHAEj6q2WUQ5R0eYkZS7DOVE7OgX/B084fcjGEp5cTF7GgG5nsGaYAGfQ1
ZVmQt8lPVjTO+ZDNYl6KQtj9K1DkYfiTagJoaHrlzth5Yc7N08EFib/9656PV0+1
K0Ax9wvSGE4LPhwqcHxb+MfJ/LVYPrbm3W4795FN3zdT0pC8F44PGUDrvSW7qsHu
lkscHzrlFKK6hrmxEGvPShKr5ttPX+QNhONzAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU0H+R3NRFbs0VQ/9tz6TifPYF3powHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzBILVIzTlJGYnMwVlFf
OXR6NlRpZlBZRjNwby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJnbX964KwIHlBQ0
NthykJBJD1DR6Fg9H1mF6w8FMx/ODuAHnYukqkhTNc+WK5XafF97C+8MBkPS2ASh
K6u+me1ZK+CvTXheEYiKQnLGQ1IpQV6gx8DWmeGBa4DmtjZKDi12fzrvU89oAaNh
9IlKlsKjwN48461u+gvnAlhWBtBx//TpBQSmP/NAic9u5Fh86OgIiyuSiWqPoWSQ
JYd7WHoxOaFQyzZxCyKTLQfW9lW8j8McFiJJOPyGQnKhvS+hZFyosi7fdNb5gBxp
AMtC/ntUvA7ldsjfcTGlZ8EBy23ghp+OKceHGlu0+tc6V3cj95hnz3HUpMKK5QaN
ExTyOPE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:08 2024 by rpki-client on console-ams.rpki-client.org