Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ON8XFLKxWiXUgYfsqRYS8jV0vbA.roa
File: ON8XFLKxWiXUgYfsqRYS8jV0vbA.roa (raw, json)
Hash identifier: AztdqJk4zsM1SQC9idm7kBbOltpW9TjF7jNq94upOlM=
Subject key identifier: 38:DF:17:14:B2:B1:5A:25:D4:81:87:EC:A9:16:12:F2:35:74:BD:B0
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 545D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ON8XFLKxWiXUgYfsqRYS8jV0vbA.roa
Signing time: Sat 11 May 2024 01:54:08 +0000
ROA not before: Sat 11 May 2024 01:54:08 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21597 (0x545d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 11 01:54:08 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=38DF1714B2B15A25D48187ECA91612F23574BDB0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:2c:c0:10:ab:dc:62:0f:ec:c8:f3:62:65:01:
20:e3:c5:1e:2f:9a:ca:34:2e:47:38:f7:53:d7:03:
33:7b:ca:a9:27:78:49:31:0c:e2:b6:26:39:af:49:
4d:92:66:a3:32:ed:96:ee:09:ea:75:c6:89:71:f3:
2b:9c:6e:c5:59:12:20:12:bb:3d:68:e2:c1:ec:2c:
1b:5e:ce:86:e4:8b:cc:c4:57:13:ff:08:1f:a8:0b:
08:df:13:ba:18:66:c9:89:88:d4:79:b2:62:f0:b8:
78:8c:8d:1e:b4:0a:fc:db:52:67:71:4b:de:32:7f:
00:c4:e3:61:fd:05:85:fe:d8:92:d5:0d:0b:a6:76:
cb:85:d5:ee:18:46:fe:df:92:d9:d4:14:02:cd:c3:
09:2d:02:ea:f3:8a:e7:f8:8a:e6:d1:5c:b9:c1:fe:
59:b2:e7:12:a1:05:a4:65:de:55:49:0b:1a:e8:27:
d3:31:d1:f1:30:ac:24:9e:39:4e:34:f6:34:36:70:
3d:c7:17:7f:16:70:57:4e:ab:8b:c8:9b:a5:51:79:
dd:27:68:a5:b6:0f:1c:e5:05:92:b7:9a:94:cf:30:
f1:86:5e:0a:13:d4:b4:0a:83:c5:31:8c:6b:45:97:
15:d6:ec:71:52:40:18:81:fe:4e:d2:35:09:38:cd:
d8:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:DF:17:14:B2:B1:5A:25:D4:81:87:EC:A9:16:12:F2:35:74:BD:B0
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ON8XFLKxWiXUgYfsqRYS8jV0vbA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
84:d0:7d:b1:84:ca:65:7d:8b:d2:2a:21:1f:5a:ff:d0:5b:29:
c7:57:22:87:63:88:d6:a2:53:bb:d4:94:21:e4:a6:47:4b:01:
df:6c:de:65:b6:01:9d:6f:68:e2:96:20:fd:f5:de:c4:b0:6c:
e8:4b:39:27:92:0c:57:13:e8:5e:8c:64:7e:d3:da:4d:d2:54:
8a:e4:fe:1e:c7:91:2e:e4:b4:a4:37:38:06:e7:af:0b:1f:ac:
70:7a:57:e8:f9:11:00:a5:fa:7a:3e:64:4d:69:37:4f:5a:4d:
4f:42:c1:2d:b0:35:c5:cb:0b:bf:ba:be:ba:ee:54:39:2c:ed:
84:59:f8:13:54:0c:67:4c:40:f3:e0:e9:05:19:85:04:8c:a0:
41:00:e4:72:42:19:d9:fc:7a:79:32:1b:2a:34:41:fb:b5:a3:
bc:b5:23:ee:71:84:41:9c:3a:1c:79:12:74:b4:0b:8c:37:a8:
1b:6b:8a:3d:40:d7:34:16:26:cd:8d:25:12:22:1b:0c:85:8e:
c8:ff:40:b2:da:f4:3c:f8:5e:4d:52:4b:10:c9:b8:3e:4e:4e:
8b:75:da:c8:ab:0b:de:8b:f5:27:a6:a5:f2:e7:c4:67:0d:5a:
0d:2b:c1:9b:dd:ff:0d:c1:84:b3:6a:d3:86:3a:cc:df:37:32:
21:b3:8c:46
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICVF0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTEw
MTU0MDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM4REYxNzE0QjJCMTVB
MjVENDgxODdFQ0E5MTYxMkYyMzU3NEJEQjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD2LMAQq9xiD+zI82JlASDjxR4vmso0Lkc491PXAzN7yqkneEkx
DOK2JjmvSU2SZqMy7ZbuCep1xolx8yucbsVZEiASuz1o4sHsLBtezobki8zEVxP/
CB+oCwjfE7oYZsmJiNR5smLwuHiMjR60CvzbUmdxS94yfwDE42H9BYX+2JLVDQum
dsuF1e4YRv7fktnUFALNwwktAurziuf4iubRXLnB/lmy5xKhBaRl3lVJCxroJ9Mx
0fEwrCSeOU409jQ2cD3HF38WcFdOq4vIm6VRed0naKW2DxzlBZK3mpTPMPGGXgoT
1LQKg8UxjGtFlxXW7HFSQBiB/k7SNQk4zdjXAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUON8XFLKxWiXUgYfsqRYS8jV0vbAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L09OOFhGTEt4V2lYVWdZ
ZnNxUllTOGpWMHZiQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAITQfbGEymV9i9Iq
IR9a/9BbKcdXIodjiNaiU7vUlCHkpkdLAd9s3mW2AZ1vaOKWIP313sSwbOhLOSeS
DFcT6F6MZH7T2k3SVIrk/h7HkS7ktKQ3OAbnrwsfrHB6V+j5EQCl+no+ZE1pN09a
TU9CwS2wNcXLC7+6vrruVDks7YRZ+BNUDGdMQPPg6QUZhQSMoEEA5HJCGdn8enky
Gyo0Qfu1o7y1I+5xhEGcOhx5EnS0C4w3qBtrij1A1zQWJs2NJRIiGwyFjsj/QLLa
9Dz4Xk1SSxDJuD5OTot12sirC96L9SempfLnxGcNWg0rwZvd/w3BhLNq04Y6zN83
MiGzjEY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:37 2024 by rpki-client on console-ams.rpki-client.org