Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/RSh8PSMC75Av_LpxDuSIuW2WTHI.roa
File: RSh8PSMC75Av_LpxDuSIuW2WTHI.roa (raw, json)
Hash identifier: xAcCk1tsDvQYtRpgWnifAmPomGbOvvugFGGraAuHAf8=
Subject key identifier: 45:28:7C:3D:23:02:EF:90:2F:FC:BA:71:0E:E4:88:B9:6D:96:4C:72
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3451
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/RSh8PSMC75Av_LpxDuSIuW2WTHI.roa
Signing time: Fri 29 Mar 2024 08:22:04 +0000
ROA not before: Fri 29 Mar 2024 08:22:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13393 (0x3451)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 08:22:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=45287C3D2302EF902FFCBA710EE488B96D964C72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:27:b6:fd:b0:be:74:1d:3b:ec:2d:ea:6d:7a:
c0:c4:0f:76:83:18:07:87:49:24:65:0d:87:58:fa:
ee:96:0e:78:e2:33:b8:2f:07:fd:1b:af:df:64:c8:
ab:77:d4:26:b7:61:07:81:e9:a8:ba:a8:55:48:d2:
8c:aa:79:44:f4:b8:61:21:f5:e4:cc:f6:c3:b0:d1:
a3:97:7f:58:99:6b:9d:45:38:12:d6:7d:cf:f0:f4:
4b:26:e1:1f:24:e3:52:5c:d2:19:65:dc:01:3f:d6:
d0:66:3d:f1:46:a4:6d:61:34:01:d5:67:33:c8:a2:
0d:97:29:aa:6e:14:09:56:3d:73:ff:3f:bf:7f:12:
2f:75:7f:65:8e:3a:c8:c5:6d:f4:4e:27:a0:32:80:
37:4c:79:2b:ba:bb:e7:99:76:96:eb:e2:83:14:98:
6c:80:fe:4c:78:7f:85:fe:2f:fd:a6:c2:91:5d:58:
a2:7e:99:e9:e4:7b:2e:b2:c7:ad:be:6d:18:40:a0:
6a:1b:34:dd:d3:e9:fd:6d:ef:62:02:07:ae:db:ea:
c0:ef:d8:fb:9a:b4:c7:62:a7:84:29:ed:25:db:9f:
f1:a5:71:e8:ab:e0:49:ed:7c:3b:6c:8d:a6:54:5c:
3f:2f:04:b9:63:ec:3a:27:4f:44:a0:44:17:aa:a3:
3a:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:28:7C:3D:23:02:EF:90:2F:FC:BA:71:0E:E4:88:B9:6D:96:4C:72
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/RSh8PSMC75Av_LpxDuSIuW2WTHI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
9b:d6:74:94:da:6a:0c:94:94:9c:c5:fc:57:2e:03:b2:c0:da:
8a:c5:65:fa:86:f0:ea:0c:e9:27:76:95:f9:90:e5:5f:8f:0a:
6f:f9:e9:87:33:61:ca:3a:7e:7f:64:ce:df:61:2a:50:03:4d:
d4:ee:18:91:2e:7a:91:3d:52:86:08:1d:ac:ba:60:d8:33:8a:
24:5f:11:84:c9:c5:38:5e:65:f7:87:41:4d:8e:2f:03:38:bd:
7c:6b:d9:50:e1:3b:aa:96:40:f3:25:b4:22:a3:19:27:1a:3c:
b0:96:d7:a6:12:8f:5d:4e:6e:bb:e7:61:ee:cf:8c:8c:8c:c4:
1c:d0:77:f2:b7:81:14:a7:ff:c5:03:6e:a2:91:aa:80:f2:4c:
22:4b:2b:d1:d6:a5:e8:19:a3:43:28:0f:eb:d9:2c:41:4d:9f:
7a:fb:5d:5c:ca:ae:c4:01:49:fd:88:a6:44:d4:ba:ea:49:7a:
10:bd:2f:11:e8:fe:25:38:df:08:08:5a:ea:c7:c8:b9:04:ca:
a1:da:45:d5:b3:fb:76:ba:f3:06:7c:9d:68:52:7d:ab:f1:b6:
98:59:56:ee:d9:c2:eb:b0:df:a7:a5:2b:76:fe:b6:a5:71:6f:
62:50:9e:96:8a:8c:d9:fc:c9:60:b0:ce:15:fe:6e:e3:29:dc:
26:ce:bb:c9
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNFEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjkw
ODIyMDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQ1Mjg3QzNEMjMwMkVG
OTAyRkZDQkE3MTBFRTQ4OEI5NkQ5NjRDNzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDiJ7b9sL50HTvsLeptesDED3aDGAeHSSRlDYdY+u6WDnjiM7gv
B/0br99kyKt31Ca3YQeB6ai6qFVI0oyqeUT0uGEh9eTM9sOw0aOXf1iZa51FOBLW
fc/w9Esm4R8k41Jc0hll3AE/1tBmPfFGpG1hNAHVZzPIog2XKapuFAlWPXP/P79/
Ei91f2WOOsjFbfROJ6AygDdMeSu6u+eZdpbr4oMUmGyA/kx4f4X+L/2mwpFdWKJ+
menkey6yx62+bRhAoGobNN3T6f1t72ICB67b6sDv2PuatMdip4Qp7SXbn/Glceir
4EntfDtsjaZUXD8vBLlj7DonT0SgRBeqozqXAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQURSh8PSMC75Av/LpxDuSIuW2WTHIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1JTaDhQU01DNzVBdl9M
cHhEdVNJdVcyV1RISS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJvWdJTaagyUlJzF
/FcuA7LA2orFZfqG8OoM6Sd2lfmQ5V+PCm/56YczYco6fn9kzt9hKlADTdTuGJEu
epE9UoYIHay6YNgziiRfEYTJxTheZfeHQU2OLwM4vXxr2VDhO6qWQPMltCKjGSca
PLCW16YSj11ObrvnYe7PjIyMxBzQd/K3gRSn/8UDbqKRqoDyTCJLK9HWpegZo0Mo
D+vZLEFNn3r7XVzKrsQBSf2IpkTUuupJehC9LxHo/iU43wgIWurHyLkEyqHaRdWz
+3a68wZ8nWhSfavxtphZVu7Zwuuw36elK3b+tqVxb2JQnpaKjNn8yWCwzhX+buMp
3CbOu8k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:25 2024 by rpki-client on console-fra.rpki-client.org