Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/6USnkbinAUBUzSLTHfB2bXsP908.roa
File: 6USnkbinAUBUzSLTHfB2bXsP908.roa (raw, json)
Hash identifier: atii/K9loAnFyBjbxca3uMg+OwYczUCLljESawwuUnQ=
Subject key identifier: E9:44:A7:91:B8:A7:01:40:54:CD:22:D3:1D:F0:76:6D:7B:0F:F7:4F
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3BA5
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6USnkbinAUBUzSLTHfB2bXsP908.roa
Signing time: Mon 08 Apr 2024 02:52:33 +0000
ROA not before: Mon 08 Apr 2024 02:52:33 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15269 (0x3ba5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 8 02:52:33 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E944A791B8A7014054CD22D31DF0766D7B0FF74F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:fa:89:98:4a:45:28:40:6e:32:13:e2:d6:5d:
c5:24:d8:77:cc:72:bf:d6:d3:d0:71:be:cb:bd:5c:
d2:da:38:b6:56:b2:82:5a:c7:2d:cb:cb:27:dc:93:
32:93:0c:22:a0:99:e9:73:2c:b9:e9:7a:b8:71:fb:
3c:95:c6:d9:4f:20:80:5f:b3:37:67:29:8c:cc:d6:
9e:aa:da:12:4b:91:cd:f3:a7:36:03:90:d9:06:7f:
68:60:69:82:5f:45:13:23:17:e7:80:2a:f3:a2:5b:
6f:32:d2:99:f8:cd:17:0e:0c:96:65:9a:6b:58:35:
eb:dc:ff:73:68:69:07:9f:da:14:40:1a:c0:28:a2:
ba:8c:79:f3:66:48:3b:fb:1f:b3:83:b9:50:3b:a5:
1b:7a:23:c1:bd:14:4e:43:9d:8a:ce:9f:08:0d:b4:
a2:74:3e:5b:0f:63:39:8e:4e:87:a8:c7:44:b6:f7:
dd:d0:00:c0:d5:b5:c9:fa:e6:14:d0:a8:e4:6f:cf:
fb:19:39:80:97:07:d9:8f:41:5e:d5:1f:ce:65:50:
a5:fe:e5:99:d7:8e:dd:f5:ea:c6:92:02:67:08:9b:
7d:af:26:e1:a0:b0:71:51:c5:48:fa:0a:07:a8:dc:
d4:e0:a9:d2:a9:15:4f:1a:72:73:95:e9:87:94:4b:
69:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:44:A7:91:B8:A7:01:40:54:CD:22:D3:1D:F0:76:6D:7B:0F:F7:4F
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6USnkbinAUBUzSLTHfB2bXsP908.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
7a:5b:66:3d:25:c7:15:0a:4b:c3:83:2f:8a:0b:47:06:c8:8a:
8c:b1:59:8c:b3:e7:a7:c1:30:7a:a6:f8:52:1b:43:e9:a4:63:
12:5b:a8:52:cd:41:92:c6:20:4b:78:4b:8f:b0:e2:a6:51:f7:
a1:26:1f:32:ea:dd:c4:7f:15:20:19:9b:73:a6:df:f1:5c:73:
71:9a:fd:f8:69:de:4a:04:fb:ea:d5:4c:57:e9:47:ce:29:a6:
61:55:7c:c4:dc:fe:18:c8:d6:bd:49:dd:7e:4b:5b:7b:b5:d0:
3c:da:0b:14:f9:64:5e:9c:7e:1c:81:0a:8d:18:b6:da:f7:9d:
48:1d:3c:e0:1c:fd:f8:44:0d:02:dd:7d:2b:9b:ad:44:27:4f:
69:ce:81:97:95:91:db:e0:05:a4:d8:5a:b1:0e:4f:b0:fa:e8:
c5:f4:c9:ac:df:14:37:d3:5c:7c:4a:e4:4d:47:2f:76:a5:96:
12:a0:47:84:16:4e:02:d5:d5:b5:2b:1f:3d:8e:dd:96:29:61:
4f:e7:a1:39:40:50:f0:d1:48:b3:f1:04:9b:50:9a:ad:98:e2:
e7:c0:36:dd:41:bc:01:11:8c:f0:ac:0e:ec:c1:3f:ad:51:48:
ae:d5:47:76:70:c0:43:66:85:6c:a4:6e:e2:23:e1:12:fd:66:
e6:be:49:b6
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICO6UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDgw
MjUyMzNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEU5NDRBNzkxQjhBNzAx
NDA1NENEMjJEMzFERjA3NjZEN0IwRkY3NEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDe+omYSkUoQG4yE+LWXcUk2HfMcr/W09Bxvsu9XNLaOLZWsoJa
xy3LyyfckzKTDCKgmelzLLnperhx+zyVxtlPIIBfszdnKYzM1p6q2hJLkc3zpzYD
kNkGf2hgaYJfRRMjF+eAKvOiW28y0pn4zRcODJZlmmtYNevc/3NoaQef2hRAGsAo
orqMefNmSDv7H7ODuVA7pRt6I8G9FE5DnYrOnwgNtKJ0PlsPYzmOToeox0S2993Q
AMDVtcn65hTQqORvz/sZOYCXB9mPQV7VH85lUKX+5ZnXjt316saSAmcIm32vJuGg
sHFRxUj6Cgeo3NTgqdKpFU8acnOV6YeUS2lhAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU6USnkbinAUBUzSLTHfB2bXsP908wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzZVU25rYmluQVVCVXpT
TFRIZkIyYlhzUDkwOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAHpbZj0lxxUKS8OD
L4oLRwbIioyxWYyz56fBMHqm+FIbQ+mkYxJbqFLNQZLGIEt4S4+w4qZR96EmHzLq
3cR/FSAZm3Om3/Fcc3Ga/fhp3koE++rVTFfpR84ppmFVfMTc/hjI1r1J3X5LW3u1
0DzaCxT5ZF6cfhyBCo0Yttr3nUgdPOAc/fhEDQLdfSubrUQnT2nOgZeVkdvgBaTY
WrEOT7D66MX0yazfFDfTXHxK5E1HL3allhKgR4QWTgLV1bUrHz2O3ZYpYU/noTlA
UPDRSLPxBJtQmq2Y4ufANt1BvAERjPCsDuzBP61RSK7VR3ZwwENmhWykbuIj4RL9
Zua+SbY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:08 2024 by rpki-client on console-fra.rpki-client.org