Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/0uBc80VwPEZKjK9IeIpU0Z-Ptn0.roa
File: 0uBc80VwPEZKjK9IeIpU0Z-Ptn0.roa (raw, json)
Hash identifier: shmSGQLLYt+Cz6zDbOnef0XmKKVtaZlYrA72Q9rD6qI=
Subject key identifier: D2:E0:5C:F3:45:70:3C:46:4A:8C:AF:48:78:8A:54:D1:9F:8F:B6:7D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 450D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/0uBc80VwPEZKjK9IeIpU0Z-Ptn0.roa
Signing time: Sat 20 Apr 2024 15:53:04 +0000
ROA not before: Sat 20 Apr 2024 15:53:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17677 (0x450d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 15:53:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D2E05CF345703C464A8CAF48788A54D19F8FB67D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:4c:89:0f:79:d0:db:7a:c4:32:6b:62:2a:b1:
2e:61:56:7c:4f:84:ad:a7:1c:7f:dc:3f:68:a4:db:
13:81:6a:62:d0:97:88:44:77:72:55:f4:5e:4a:f7:
e0:f1:b8:dc:0b:cc:7f:7f:7f:6a:8a:26:17:5e:3b:
f8:2e:31:86:a3:a2:f4:46:71:0d:ba:65:0e:d8:29:
da:32:05:34:5a:70:6f:73:87:26:e8:75:f9:d9:2b:
e5:af:f0:df:cf:99:0f:ba:a3:fd:9f:9a:53:35:c3:
a8:26:cc:2b:51:69:23:4a:c3:22:20:90:cd:8f:62:
75:f6:2d:e3:30:11:30:37:c9:c7:18:9c:a0:ab:23:
8f:bd:42:89:f3:2e:e1:ad:bd:63:eb:3f:4d:d0:ce:
94:b6:41:2c:d0:3a:df:73:14:59:bf:f3:fb:54:bb:
53:57:17:d5:87:24:47:06:cd:5f:50:9f:53:8c:c4:
54:9f:19:f5:6b:15:dc:f7:fe:ed:e7:a8:a2:e9:2c:
30:80:5f:bf:f5:d5:f0:78:54:e1:bd:68:f0:f8:f3:
78:ff:37:4c:8a:ed:0b:31:d4:f1:24:71:ab:b6:24:
fb:e6:27:b6:64:f0:c0:51:85:16:c3:a5:77:7a:23:
ef:42:7f:f8:3c:6f:c7:b2:2a:19:3a:d9:ab:98:99:
c1:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:E0:5C:F3:45:70:3C:46:4A:8C:AF:48:78:8A:54:D1:9F:8F:B6:7D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/0uBc80VwPEZKjK9IeIpU0Z-Ptn0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
67:e8:22:c9:61:2f:da:7b:52:6a:c0:33:88:5f:f8:55:28:0f:
6e:96:56:eb:87:81:b9:61:67:32:65:bc:0b:2c:8b:21:d2:d8:
17:42:7a:09:a0:6f:03:fd:ca:6c:07:88:e2:70:41:59:ec:0d:
69:cd:3c:51:e0:aa:f4:a8:73:fd:1e:69:4c:f7:b6:49:68:f7:
dd:18:88:4f:00:d1:e3:84:89:39:70:ad:7a:4c:fc:2c:a0:4f:
ea:b1:07:f7:09:0d:10:a7:48:17:73:6f:b3:6b:8d:78:67:5f:
35:1f:08:e6:2c:9c:b1:5b:2d:ee:74:1e:14:98:41:52:1a:40:
41:08:f4:db:a1:52:af:24:8e:fb:02:0f:f7:c2:ee:a8:45:05:
7d:a3:d8:c1:36:4d:e1:ed:1b:80:29:b8:0a:25:7b:cb:9b:ca:
41:9b:fe:84:af:2c:e9:88:88:4c:9f:83:5d:f6:5a:45:c6:c2:
3b:25:16:c7:ba:dd:85:6e:83:0b:ec:46:0c:b4:6f:4d:dd:95:
04:6f:65:ed:14:e1:2f:05:49:e5:5d:48:eb:62:aa:82:20:32:
38:a6:d9:5d:56:b5:03:bd:3a:b6:fe:e7:eb:61:ee:39:25:d7:
b2:d2:77:a8:24:d3:67:d5:c2:5b:5c:38:4a:56:be:ae:4a:aa:
fb:1f:ad:13
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICRQ0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAx
NTUzMDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQyRTA1Q0YzNDU3MDND
NDY0QThDQUY0ODc4OEE1NEQxOUY4RkI2N0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5TIkPedDbesQya2IqsS5hVnxPhK2nHH/cP2ik2xOBamLQl4hE
d3JV9F5K9+DxuNwLzH9/f2qKJhdeO/guMYajovRGcQ26ZQ7YKdoyBTRacG9zhybo
dfnZK+Wv8N/PmQ+6o/2fmlM1w6gmzCtRaSNKwyIgkM2PYnX2LeMwETA3yccYnKCr
I4+9QonzLuGtvWPrP03QzpS2QSzQOt9zFFm/8/tUu1NXF9WHJEcGzV9Qn1OMxFSf
GfVrFdz3/u3nqKLpLDCAX7/11fB4VOG9aPD483j/N0yK7Qsx1PEkcau2JPvmJ7Zk
8MBRhRbDpXd6I+9Cf/g8b8eyKhk62auYmcEFAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU0uBc80VwPEZKjK9IeIpU0Z+Ptn0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzB1QmM4MFZ3UEVaS2pL
OUllSXBVMFotUHRuMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAGfoIslhL9p7UmrA
M4hf+FUoD26WVuuHgblhZzJlvAssiyHS2BdCegmgbwP9ymwHiOJwQVnsDWnNPFHg
qvSoc/0eaUz3tklo990YiE8A0eOEiTlwrXpM/CygT+qxB/cJDRCnSBdzb7NrjXhn
XzUfCOYsnLFbLe50HhSYQVIaQEEI9NuhUq8kjvsCD/fC7qhFBX2j2ME2TeHtG4Ap
uAole8ubykGb/oSvLOmIiEyfg132WkXGwjslFse63YVugwvsRgy0b03dlQRvZe0U
4S8FSeVdSOtiqoIgMjim2V1WtQO9Orb+5+th7jkl17LSd6gk02fVwltcOEpWvq5K
qvsfrRM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:02 2024 by rpki-client on console-fra.rpki-client.org