Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/MFH5rJ1n3KGAVySIFfsj4w11du8.roa
File: MFH5rJ1n3KGAVySIFfsj4w11du8.roa (raw, json)
Hash identifier: I4KbLf06HMUg7DxdoELbhg6aMRyCxzP2OhuNwv2MC9c=
Subject key identifier: 30:51:F9:AC:9D:67:DC:A1:80:57:24:88:15:FB:23:E3:0D:75:76:EF
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 32DD
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/MFH5rJ1n3KGAVySIFfsj4w11du8.roa
Signing time: Wed 27 Mar 2024 09:52:06 +0000
ROA not before: Wed 27 Mar 2024 09:52:06 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13021 (0x32dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 27 09:52:06 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3051F9AC9D67DCA18057248815FB23E30D7576EF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c4:01:28:33:46:63:ce:ce:fa:bc:57:4e:3f:
22:2e:a8:4b:5c:68:bd:a6:1b:9a:3d:c2:46:09:3f:
b1:93:37:87:3a:e6:20:0a:f2:8b:2b:df:50:d3:eb:
81:71:84:91:7d:8d:5b:26:d8:d8:4c:7d:5c:b3:81:
55:2f:34:6a:42:23:ae:ae:cf:10:7a:23:af:2f:9a:
09:5d:f7:43:df:75:05:a7:0e:68:78:69:d0:9b:e2:
ff:94:db:b4:5e:ec:16:1b:de:24:f2:77:4d:a1:8d:
8c:73:21:e2:88:45:1a:29:f3:93:62:1e:37:f5:07:
1a:6a:7c:3d:69:bb:e4:e4:e7:38:49:0a:95:71:e2:
6a:58:79:bc:59:d0:89:97:16:5a:ab:43:be:28:85:
6f:01:41:81:a4:18:e6:95:18:87:14:5d:ef:3a:ed:
6f:d0:d1:db:b9:7a:36:f1:66:31:53:9b:c0:c1:8d:
08:9c:f0:49:c9:a1:98:81:1a:cb:48:99:c2:b8:0f:
91:a1:9b:34:d9:6b:49:33:03:34:e8:b5:ae:90:fa:
6e:06:37:86:f3:09:3c:4e:ce:c7:ab:2d:39:cf:12:
a6:a0:b6:a8:e3:81:d7:ee:37:ce:d0:d8:b2:a4:54:
ad:0e:30:5f:00:68:05:5b:f4:42:8a:e0:9d:8d:ad:
25:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:51:F9:AC:9D:67:DC:A1:80:57:24:88:15:FB:23:E3:0D:75:76:EF
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/MFH5rJ1n3KGAVySIFfsj4w11du8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
12:bf:f0:54:a6:f9:10:65:9c:76:7f:41:c3:14:3f:24:f8:0d:
e6:cd:6d:93:ba:dd:14:83:5e:c6:64:a2:b9:6b:00:9b:21:79:
d5:73:2c:9c:67:c3:5d:9d:9f:6d:e0:d5:db:7a:6d:5d:c7:18:
ea:fa:b6:3e:fb:0e:0b:61:21:d9:6b:a9:73:6c:59:08:3b:79:
42:c3:63:1c:63:2b:d0:e5:79:9c:80:05:95:44:26:c0:9a:d4:
10:31:25:ad:b8:9e:17:b8:6d:09:19:e1:69:8a:c8:cf:ea:04:
f5:16:d1:9e:11:4e:86:92:f2:73:51:cb:5b:da:fa:d4:60:01:
23:be:6c:4b:35:01:3b:8c:fb:1a:1d:86:40:bd:d9:9c:bd:41:
37:38:2c:1b:89:fb:2d:3d:31:ac:62:1e:2a:f1:b2:56:f2:9c:
8e:91:3b:c4:05:2b:4c:a9:b6:cd:c6:66:af:f9:4d:7b:d4:07:
19:4a:14:51:85:e5:82:10:e4:57:5b:a7:07:c5:87:65:2e:84:
02:28:da:48:22:58:b7:a0:b5:5f:02:10:f4:04:53:8e:be:10:
43:6c:e4:15:25:0e:76:8d:d4:88:6a:6d:f7:1b:3d:44:7d:50:
17:77:4f:1a:8f:f1:7d:43:4f:a0:75:85:fa:81:46:76:12:15:
a9:86:08:6a
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICMt0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjcw
OTUyMDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDMwNTFGOUFDOUQ2N0RD
QTE4MDU3MjQ4ODE1RkIyM0UzMEQ3NTc2RUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCdxAEoM0Zjzs76vFdOPyIuqEtcaL2mG5o9wkYJP7GTN4c65iAK
8osr31DT64FxhJF9jVsm2NhMfVyzgVUvNGpCI66uzxB6I68vmgld90PfdQWnDmh4
adCb4v+U27Re7BYb3iTyd02hjYxzIeKIRRop85NiHjf1BxpqfD1pu+Tk5zhJCpVx
4mpYebxZ0ImXFlqrQ74ohW8BQYGkGOaVGIcUXe867W/Q0du5ejbxZjFTm8DBjQic
8EnJoZiBGstImcK4D5GhmzTZa0kzAzTota6Q+m4GN4bzCTxOzserLTnPEqagtqjj
gdfuN87Q2LKkVK0OMF8AaAVb9EKK4J2NrSWFAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUMFH5rJ1n3KGAVySIFfsj4w11du8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L01GSDVySjFuM0tHQVZ5
U0lGZnNqNHcxMWR1OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBABK/8FSm+RBlnHZ/
QcMUPyT4DebNbZO63RSDXsZkorlrAJshedVzLJxnw12dn23g1dt6bV3HGOr6tj77
DgthIdlrqXNsWQg7eULDYxxjK9DleZyABZVEJsCa1BAxJa24nhe4bQkZ4WmKyM/q
BPUW0Z4RToaS8nNRy1va+tRgASO+bEs1ATuM+xodhkC92Zy9QTc4LBuJ+y09Maxi
HirxslbynI6RO8QFK0ypts3GZq/5TXvUBxlKFFGF5YIQ5FdbpwfFh2UuhAIo2kgi
WLegtV8CEPQEU46+EENs5BUlDnaN1IhqbfcbPUR9UBd3TxqP8X1DT6B1hfqBRnYS
FamGCGo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:34 2024 by rpki-client on console-ams.rpki-client.org