Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/IUPs4qZlMi0ERtpSyniNw4aSERY.roa
File: IUPs4qZlMi0ERtpSyniNw4aSERY.roa (raw, json)
Hash identifier: jRyei+VUGi/7x1iF/RMfgvyAC/yhj23X4blK0BsTAa4=
Subject key identifier: 21:43:EC:E2:A6:65:32:2D:04:46:DA:52:CA:78:8D:C3:86:92:11:16
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 51FD
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/IUPs4qZlMi0ERtpSyniNw4aSERY.roa
Signing time: Tue 07 May 2024 21:53:56 +0000
ROA not before: Tue 07 May 2024 21:53:56 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20989 (0x51fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 7 21:53:56 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2143ECE2A665322D0446DA52CA788DC386921116
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:9b:92:74:80:27:03:20:d6:b8:10:84:33:ed:
69:43:e7:42:81:13:00:e7:5a:c7:62:f1:39:55:c4:
5e:87:c1:dc:54:c5:d6:3d:26:6f:10:d3:87:49:ed:
5c:2b:43:43:2a:c8:74:d8:73:73:1c:4b:51:0f:7d:
04:3b:52:cf:9a:67:90:53:1f:5f:b5:6d:ec:63:27:
2c:83:f6:ef:31:01:f0:04:f9:96:9e:9e:da:fb:61:
31:60:29:fd:51:19:a8:91:e4:ef:59:55:7c:1b:61:
f1:55:90:76:f1:50:86:e9:8e:50:08:a3:20:10:ee:
4a:42:8c:e2:97:8e:3f:17:b2:b9:d1:ca:f5:00:f8:
85:71:06:24:22:78:ba:64:60:a4:1b:6b:c1:8a:68:
7b:9f:d6:06:ad:f2:ec:bf:39:99:67:14:68:ee:67:
b5:f0:22:78:0e:da:59:9b:27:7d:46:06:3b:0b:49:
56:f5:77:cc:be:1e:fc:2b:5d:d1:d7:ef:54:0e:8a:
7f:ab:f7:ab:2f:77:36:ea:fd:cd:60:30:f6:ce:59:
51:e6:48:eb:7b:1a:05:01:9b:2d:30:87:68:72:de:
b9:6b:17:88:47:2a:84:3d:5a:e1:25:38:a4:76:96:
f8:f9:d2:64:e8:c7:a2:4e:48:39:91:18:0d:00:90:
6e:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:43:EC:E2:A6:65:32:2D:04:46:DA:52:CA:78:8D:C3:86:92:11:16
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/IUPs4qZlMi0ERtpSyniNw4aSERY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
84:9b:9c:3c:7a:c1:f1:55:d9:7c:a6:e3:c5:00:fd:f7:e8:2a:
73:fc:8d:ce:2e:14:47:e5:30:ec:90:31:35:2e:e7:26:46:bc:
b9:25:f2:1c:c2:8f:68:a1:90:19:bb:0b:43:f9:61:39:94:3f:
fa:b8:9d:9a:2e:f9:61:79:fa:3b:b2:82:9d:8a:f2:b4:c6:cf:
57:4e:ff:82:0a:02:8e:16:8d:12:ef:26:f0:39:46:d2:cc:61:
ed:7a:d8:9d:94:0f:66:e3:ca:b9:ee:2d:c6:65:40:8d:3f:5f:
ae:43:73:0d:f9:ae:d0:48:18:57:10:20:1a:07:2e:09:db:5e:
1e:6d:a8:c5:85:78:4e:4d:da:1f:89:95:60:21:5d:c8:dd:54:
c2:85:2f:f4:7a:f7:c0:0a:35:f2:f3:c7:90:e4:f4:85:98:2e:
65:5d:26:57:3f:e4:f0:64:ae:a8:0d:ad:54:d4:45:73:c6:ad:
8d:95:73:04:ba:10:ab:f7:61:18:f6:1b:23:02:41:58:a2:c9:
32:4f:90:b6:81:55:29:10:dc:f1:cf:b4:e3:4d:a2:d5:7b:8e:
53:ca:51:4c:98:dd:4f:38:1c:a6:03:55:b4:32:1e:ad:55:72:
f3:5a:69:ac:55:7a:79:78:1a:a8:87:1b:8f:57:e8:96:95:4b:
d8:1d:77:f5
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICUf0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDcy
MTUzNTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDIxNDNFQ0UyQTY2NTMy
MkQwNDQ2REE1MkNBNzg4REMzODY5MjExMTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDnm5J0gCcDINa4EIQz7WlD50KBEwDnWsdi8TlVxF6HwdxUxdY9
Jm8Q04dJ7VwrQ0MqyHTYc3McS1EPfQQ7Us+aZ5BTH1+1bexjJyyD9u8xAfAE+Zae
ntr7YTFgKf1RGaiR5O9ZVXwbYfFVkHbxUIbpjlAIoyAQ7kpCjOKXjj8XsrnRyvUA
+IVxBiQieLpkYKQba8GKaHuf1gat8uy/OZlnFGjuZ7XwIngO2lmbJ31GBjsLSVb1
d8y+HvwrXdHX71QOin+r96svdzbq/c1gMPbOWVHmSOt7GgUBmy0wh2hy3rlrF4hH
KoQ9WuElOKR2lvj50mTox6JOSDmRGA0AkG5DAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUIUPs4qZlMi0ERtpSyniNw4aSERYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0lVUHM0cVpsTWkwRVJ0
cFN5bmlOdzRhU0VSWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAISbnDx6wfFV2Xym
48UA/ffoKnP8jc4uFEflMOyQMTUu5yZGvLkl8hzCj2ihkBm7C0P5YTmUP/q4nZou
+WF5+juygp2K8rTGz1dO/4IKAo4WjRLvJvA5RtLMYe162J2UD2bjyrnuLcZlQI0/
X65Dcw35rtBIGFcQIBoHLgnbXh5tqMWFeE5N2h+JlWAhXcjdVMKFL/R698AKNfLz
x5Dk9IWYLmVdJlc/5PBkrqgNrVTURXPGrY2VcwS6EKv3YRj2GyMCQViiyTJPkLaB
VSkQ3PHPtONNotV7jlPKUUyY3U84HKYDVbQyHq1VcvNaaaxVenl4GqiHG49X6JaV
S9gdd/U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:18 2024 by rpki-client on console-fra.rpki-client.org