Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/8azKxVpb5p3XbGHyMjre2ncwLm0.roa
File: 8azKxVpb5p3XbGHyMjre2ncwLm0.roa (raw, json)
Hash identifier: n9yo9ZrPEWQysUQTg/X8Bfu60AkRVj50egD3d3s9Ulk=
Subject key identifier: F1:AC:CA:C5:5A:5B:E6:9D:D7:6C:61:F2:32:3A:DE:DA:77:30:2E:6D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5769
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/8azKxVpb5p3XbGHyMjre2ncwLm0.roa
Signing time: Wed 15 May 2024 03:24:34 +0000
ROA not before: Wed 15 May 2024 03:24:34 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22377 (0x5769)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 15 03:24:34 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F1ACCAC55A5BE69DD76C61F2323ADEDA77302E6D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:9a:a6:bf:aa:31:45:fd:ab:48:08:4c:72:3c:
6b:b4:9b:d6:2d:61:33:cc:73:a1:1e:49:9d:73:6d:
fb:c6:1f:45:6e:bd:38:a9:d9:a1:60:27:74:b4:af:
c1:f0:7c:01:80:f6:4b:47:66:31:eb:16:6c:d6:1d:
da:14:91:c0:9b:b3:51:75:14:fb:6c:c7:43:72:b3:
fa:e5:f5:c2:53:cc:04:6e:99:cd:b4:d0:79:2d:b3:
5d:68:ba:be:bf:ab:54:13:80:6c:ff:7f:59:64:78:
b0:e6:18:e4:07:06:78:eb:cb:59:91:50:e9:5d:1e:
9e:d5:6a:cd:f6:f0:3a:a1:76:d0:9e:b0:39:a6:61:
3c:e1:ce:4c:bf:8b:de:89:00:57:eb:7e:dd:47:83:
cd:eb:49:83:86:74:a8:df:7d:86:61:03:09:ec:97:
73:d2:4d:88:a5:41:9e:b0:f7:bb:9c:50:69:b0:d6:
3a:99:7b:a9:30:7d:a8:e5:3d:47:20:8d:ef:9e:cd:
b1:45:7e:86:16:e6:b5:95:cb:d2:27:87:eb:ff:e0:
0d:69:cf:8d:f3:3f:b5:45:db:24:dd:f8:c3:7f:7d:
7b:3f:a1:d4:44:d4:63:9f:71:64:9a:85:41:f7:b3:
6c:e4:e4:44:52:d5:39:52:e0:4f:43:75:c6:54:44:
54:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:AC:CA:C5:5A:5B:E6:9D:D7:6C:61:F2:32:3A:DE:DA:77:30:2E:6D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/8azKxVpb5p3XbGHyMjre2ncwLm0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
ae:73:27:4c:96:b2:a4:0d:df:02:03:2d:1a:9c:15:4b:4c:91:
48:c7:51:92:a0:dd:f8:30:b3:d9:5b:ba:0b:65:57:0c:3c:40:
24:8d:13:2c:72:99:f1:0d:c9:8a:d0:1f:fa:f8:bd:0a:ad:ff:
d1:e9:8c:66:7b:b6:39:db:13:66:ec:52:83:0b:e1:7b:f3:ba:
b9:e8:ee:d9:10:f3:fe:9b:81:96:cc:ef:1f:95:6e:81:cd:3b:
46:79:fb:34:0f:b9:b8:db:90:2c:0c:c9:ad:7b:42:80:d8:46:
0e:9d:7f:9c:a8:18:7a:52:33:76:6e:a5:ef:4a:fb:5c:c2:b3:
55:6b:60:d3:c1:2a:62:ac:ea:9d:b4:84:3a:93:ae:ec:bf:d9:
94:40:b8:1e:b6:50:08:76:f5:f7:fb:1d:5f:b8:82:77:33:bd:
09:d1:f9:64:b4:eb:58:b3:34:e1:ec:eb:69:63:72:9e:4f:06:
f9:a7:92:1e:ee:fa:05:cd:b9:c1:1c:d7:ce:24:63:26:16:55:
86:8c:6d:15:c6:62:3a:f8:af:53:49:3b:63:59:42:32:c8:74:
e7:e1:72:45:bb:b4:79:74:83:25:1a:b2:9c:f0:40:d2:a0:f5:
a6:42:e6:1e:72:87:ef:99:f6:d0:c2:b0:d6:56:cd:5b:99:16:
d5:fd:12:4f
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICV2kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTUw
MzI0MzRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEYxQUNDQUM1NUE1QkU2
OURENzZDNjFGMjMyM0FERURBNzczMDJFNkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCjmqa/qjFF/atICExyPGu0m9YtYTPMc6EeSZ1zbfvGH0VuvTip
2aFgJ3S0r8HwfAGA9ktHZjHrFmzWHdoUkcCbs1F1FPtsx0Nys/rl9cJTzARumc20
0Hkts11our6/q1QTgGz/f1lkeLDmGOQHBnjry1mRUOldHp7Vas328DqhdtCesDmm
YTzhzky/i96JAFfrft1Hg83rSYOGdKjffYZhAwnsl3PSTYilQZ6w97ucUGmw1jqZ
e6kwfajlPUcgje+ezbFFfoYW5rWVy9Inh+v/4A1pz43zP7VF2yTd+MN/fXs/odRE
1GOfcWSahUH3s2zk5ERS1TlS4E9DdcZURFRrAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU8azKxVpb5p3XbGHyMjre2ncwLm0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3Lzhhekt4VnBiNXAzWGJH
SHlNanJlMm5jd0xtMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAK5zJ0yWsqQN3wID
LRqcFUtMkUjHUZKg3fgws9lbugtlVww8QCSNEyxymfENyYrQH/r4vQqt/9HpjGZ7
tjnbE2bsUoML4Xvzurno7tkQ8/6bgZbM7x+VboHNO0Z5+zQPubjbkCwMya17QoDY
Rg6df5yoGHpSM3Zupe9K+1zCs1VrYNPBKmKs6p20hDqTruy/2ZRAuB62UAh29ff7
HV+4gnczvQnR+WS061izNOHs62ljcp5PBvmnkh7u+gXNucEc184kYyYWVYaMbRXG
Yjr4r1NJO2NZQjLIdOfhckW7tHl0gyUaspzwQNKg9aZC5h5yh++Z9tDCsNZWzVuZ
FtX9Ek8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:09 2024 by rpki-client on console-fra.rpki-client.org