Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/MMI6-MKWQjc-sOwfI6HHoAmzUyU.roa
File: MMI6-MKWQjc-sOwfI6HHoAmzUyU.roa (raw, json)
Hash identifier: Ghzee8iT82+AzLzqN8YcV/JnWMO+n1e8ZcqzIuM61Qc=
Subject key identifier: 30:C2:3A:F8:C2:96:42:37:3E:B0:EC:1F:23:A1:C7:A0:09:B3:53:25
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 36FD
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/MMI6-MKWQjc-sOwfI6HHoAmzUyU.roa
Signing time: Mon 01 Apr 2024 21:52:12 +0000
ROA not before: Mon 01 Apr 2024 21:52:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14077 (0x36fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 1 21:52:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=30C23AF8C29642373EB0EC1F23A1C7A009B35325
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f1:b4:9c:28:fc:a9:dd:ae:6a:f2:26:e9:fb:
f8:b2:f3:43:1d:75:fe:64:fc:f2:5d:ef:b3:ee:6d:
65:b0:88:5c:d4:cd:dc:eb:14:6f:32:f5:6f:80:83:
7f:8d:6b:a9:0a:3c:e7:e5:c5:03:89:5f:b4:24:c4:
a0:a5:49:b5:3c:bf:02:b5:0a:30:d9:32:f2:a3:fc:
cd:9b:69:95:10:f8:30:01:95:d2:54:d8:5a:0d:81:
5b:3e:79:77:46:b6:1c:44:dd:0c:51:27:18:9b:88:
20:55:bd:ed:3c:98:1e:0d:47:ab:a1:9e:8f:6a:04:
87:e9:a3:15:49:11:73:27:3b:57:51:7f:92:40:1e:
53:a8:e0:7f:39:bb:a4:5a:90:a1:f3:02:cd:18:04:
c5:26:5c:af:a3:04:e7:78:a3:59:d6:89:48:75:58:
89:1f:d1:d6:fe:5e:47:fd:12:d8:f3:6d:dd:fc:a0:
6c:3e:ea:0c:71:32:78:ae:55:14:66:d5:cc:16:7b:
d8:7e:f9:bc:27:cc:90:b3:15:b8:58:3e:51:c5:be:
ec:9a:bb:99:a6:9f:a1:83:46:9d:c3:da:72:d3:35:
a1:aa:c8:0a:50:d0:d0:92:82:0f:77:ea:32:c6:9f:
5c:2d:32:c6:78:59:43:d0:ba:28:69:49:3b:78:a1:
99:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:C2:3A:F8:C2:96:42:37:3E:B0:EC:1F:23:A1:C7:A0:09:B3:53:25
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/MMI6-MKWQjc-sOwfI6HHoAmzUyU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
62:1d:e2:8e:fa:ff:fb:47:a6:4d:5c:c1:aa:17:24:9b:09:c1:
a7:8c:cc:13:1d:70:5c:8e:40:17:d2:05:dd:77:11:b3:8d:ed:
bd:88:cb:4d:f3:52:76:9d:db:fd:86:1a:44:df:70:3b:8e:55:
01:49:db:8f:06:40:d7:50:56:64:d3:01:5d:56:7a:35:f6:7c:
d5:0a:2d:91:e7:db:f8:8c:65:ee:5b:2f:17:bf:86:5a:dc:3f:
1e:0e:ba:4e:be:d8:00:29:8a:20:19:b8:3a:b8:0a:d3:a9:4a:
2b:d5:40:21:11:5d:46:36:85:ec:e3:7f:6d:56:3a:1d:75:f5:
37:67:f7:c2:30:e9:40:0b:79:21:af:2c:25:37:f3:f9:56:01:
5e:59:aa:ea:ab:8e:91:ec:5e:69:23:41:31:33:7d:a1:9c:b0:
51:32:93:af:8e:06:e5:74:2e:58:7f:41:f8:50:96:be:c5:f8:
bf:f8:67:16:3f:48:65:c4:3a:6f:87:32:47:d3:a8:71:07:68:
db:24:cf:7a:f0:dc:32:70:3a:3b:73:b5:49:bc:ca:73:67:e7:
17:cf:a1:e9:4c:c0:64:86:50:c1:68:21:fe:f7:16:af:af:c4:
e9:0f:09:2a:cc:a9:03:4a:d0:ac:db:6c:0a:8e:e8:78:1c:a6:
de:0c:ae:02
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNv0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDEy
MTUyMTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDMwQzIzQUY4QzI5NjQy
MzczRUIwRUMxRjIzQTFDN0EwMDlCMzUzMjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC38bScKPyp3a5q8ibp+/iy80Mddf5k/PJd77PubWWwiFzUzdzr
FG8y9W+Ag3+Na6kKPOflxQOJX7QkxKClSbU8vwK1CjDZMvKj/M2baZUQ+DABldJU
2FoNgVs+eXdGthxE3QxRJxibiCBVve08mB4NR6uhno9qBIfpoxVJEXMnO1dRf5JA
HlOo4H85u6RakKHzAs0YBMUmXK+jBOd4o1nWiUh1WIkf0db+Xkf9Etjzbd38oGw+
6gxxMniuVRRm1cwWe9h++bwnzJCzFbhYPlHFvuyau5mmn6GDRp3D2nLTNaGqyApQ
0NCSgg936jLGn1wtMsZ4WUPQuihpSTt4oZlTAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUMMI6+MKWQjc+sOwfI6HHoAmzUyUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L01NSTYtTUtXUWpjLXNP
d2ZJNkhIb0FtelV5VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAGId4o76//tHpk1c
waoXJJsJwaeMzBMdcFyOQBfSBd13EbON7b2Iy03zUnad2/2GGkTfcDuOVQFJ248G
QNdQVmTTAV1WejX2fNUKLZHn2/iMZe5bLxe/hlrcPx4Ouk6+2AApiiAZuDq4CtOp
SivVQCERXUY2hezjf21WOh119Tdn98Iw6UALeSGvLCU38/lWAV5ZquqrjpHsXmkj
QTEzfaGcsFEyk6+OBuV0Llh/QfhQlr7F+L/4ZxY/SGXEOm+HMkfTqHEHaNskz3rw
3DJwOjtztUm8ynNn5xfPoelMwGSGUMFoIf73Fq+vxOkPCSrMqQNK0KzbbAqO6Hgc
pt4MrgI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:34 2024 by rpki-client on console-ams.rpki-client.org