Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/0JWeFOhhswqw_onLzWeBasZHKLU.roa
File: 0JWeFOhhswqw_onLzWeBasZHKLU.roa (raw, json)
Hash identifier: H5DaCCUAnLBdu4tUX+cVlHelFeOW0hMULahZ6lZWsbg=
Subject key identifier: D0:95:9E:14:E8:61:B3:0A:B0:FE:89:CB:CD:67:81:6A:C6:47:28:B5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3AFD
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/0JWeFOhhswqw_onLzWeBasZHKLU.roa
Signing time: Sun 07 Apr 2024 05:52:29 +0000
ROA not before: Sun 07 Apr 2024 05:52:29 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15101 (0x3afd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 7 05:52:29 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D0959E14E861B30AB0FE89CBCD67816AC64728B5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:af:9b:7c:61:c3:5d:7a:e6:4c:5e:5f:d8:16:
24:11:5b:56:ce:c1:7e:68:ca:8e:07:83:3f:90:bc:
ed:19:bb:35:9c:8f:50:f6:9b:51:f9:25:ad:77:a6:
93:37:d7:0e:3a:eb:af:63:f7:a9:ee:36:d0:9c:cf:
23:3d:38:de:1d:93:7e:5c:73:65:e8:ff:62:14:cb:
d2:77:b5:f8:b6:be:d2:b5:b5:57:d0:27:64:c4:af:
28:ca:92:f4:5d:51:c2:a5:63:00:3d:a0:b0:a9:3a:
f9:b2:bb:45:8a:64:90:a6:ed:dd:0f:76:a7:2c:e9:
41:c5:aa:4d:5c:58:03:87:26:ad:5c:40:1f:d6:28:
5d:b0:99:e2:65:90:0b:7f:41:1d:6e:a0:d0:e6:45:
60:76:9e:21:b6:a4:f2:87:c3:84:8d:cd:0d:af:36:
b2:d3:75:3d:e4:73:e1:55:84:5e:cd:97:7c:bb:67:
98:de:3a:f4:dd:07:cb:31:17:1e:32:0f:d7:85:07:
36:cf:5a:b7:8f:b8:8b:60:06:80:cf:cc:0b:7c:7e:
2e:71:90:f4:2a:f0:a2:b3:82:56:f3:9e:0a:8d:58:
36:53:97:54:2f:68:5c:3f:49:39:e1:e4:46:d8:0e:
64:57:c9:7b:c2:4b:11:97:e4:6a:f1:e1:e3:c7:3e:
48:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:95:9E:14:E8:61:B3:0A:B0:FE:89:CB:CD:67:81:6A:C6:47:28:B5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/0JWeFOhhswqw_onLzWeBasZHKLU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
6d:63:b6:d0:a3:8a:2e:bf:40:f7:bb:87:a5:a0:eb:87:63:50:
a7:37:c1:d5:ee:ad:79:0f:1a:46:54:0d:4a:09:dc:e9:b2:28:
1d:85:cd:17:36:1c:0a:1f:62:e1:60:c8:1e:86:d1:93:42:e6:
0d:f3:4a:bd:ff:93:23:7e:f6:e4:05:de:a4:fc:46:3a:e9:ef:
3e:25:f6:aa:86:55:37:cd:ee:a0:a6:58:1a:d0:48:dc:c5:f0:
03:41:e9:25:33:28:9c:c0:b4:68:3d:1e:b7:c6:fd:5d:31:9f:
21:24:b0:03:9e:9d:10:93:38:d0:35:7e:73:7d:d4:97:dc:e6:
55:48:6c:31:de:24:ad:c2:7b:7e:8e:df:6a:dc:05:56:25:85:
c6:e5:6a:42:6a:72:68:35:05:d5:02:81:1b:36:df:e6:89:48:
a0:dc:cc:4f:fd:75:af:99:87:34:02:a1:a5:30:a2:b5:90:48:
14:93:8a:f6:8d:50:83:5c:c9:5f:82:a5:d4:19:8a:fb:1b:14:
70:ca:3a:2c:ea:a5:53:8e:3e:e7:0b:29:22:c5:e5:17:6e:57:
46:23:88:7c:62:df:aa:3d:06:95:42:8e:7a:f1:86:57:1c:39:
a0:9d:9e:f7:e5:b9:ce:79:9b:8a:eb:b1:9e:53:a4:5c:4b:46:
59:57:46:70
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICOv0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDcw
NTUyMjlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQwOTU5RTE0RTg2MUIz
MEFCMEZFODlDQkNENjc4MTZBQzY0NzI4QjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBr5t8YcNdeuZMXl/YFiQRW1bOwX5oyo4Hgz+QvO0ZuzWcj1D2
m1H5Ja13ppM31w46669j96nuNtCczyM9ON4dk35cc2Xo/2IUy9J3tfi2vtK1tVfQ
J2TEryjKkvRdUcKlYwA9oLCpOvmyu0WKZJCm7d0Pdqcs6UHFqk1cWAOHJq1cQB/W
KF2wmeJlkAt/QR1uoNDmRWB2niG2pPKHw4SNzQ2vNrLTdT3kc+FVhF7Nl3y7Z5je
OvTdB8sxFx4yD9eFBzbPWrePuItgBoDPzAt8fi5xkPQq8KKzglbzngqNWDZTl1Qv
aFw/STnh5EbYDmRXyXvCSxGX5Grx4ePHPkgzAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU0JWeFOhhswqw/onLzWeBasZHKLUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzBKV2VGT2hoc3dxd19v
bkx6V2VCYXNaSEtMVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAG1jttCjii6/QPe7
h6Wg64djUKc3wdXurXkPGkZUDUoJ3OmyKB2FzRc2HAofYuFgyB6G0ZNC5g3zSr3/
kyN+9uQF3qT8Rjrp7z4l9qqGVTfN7qCmWBrQSNzF8ANB6SUzKJzAtGg9HrfG/V0x
nyEksAOenRCTONA1fnN91Jfc5lVIbDHeJK3Ce36O32rcBVYlhcblakJqcmg1BdUC
gRs23+aJSKDczE/9da+ZhzQCoaUworWQSBSTivaNUINcyV+CpdQZivsbFHDKOizq
pVOOPucLKSLF5RduV0YjiHxi36o9BpVCjnrxhlccOaCdnvfluc55m4rrsZ5TpFxL
RllXRnA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:01 2024 by rpki-client on console-fra.rpki-client.org