Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/SAJTSg_sgmUn1qegfSZBDo28dzg.roa
File: SAJTSg_sgmUn1qegfSZBDo28dzg.roa (raw, json)
Hash identifier: /+aw7sg1V0PRh/hM76V/hy9pbA0voju5j+p4lS0FNBE=
Subject key identifier: 48:02:53:4A:0F:EC:82:65:27:D6:A7:A0:7D:26:41:0E:8D:BC:77:38
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 50A1
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/SAJTSg_sgmUn1qegfSZBDo28dzg.roa
Signing time: Mon 06 May 2024 02:23:59 +0000
ROA not before: Mon 06 May 2024 02:23:59 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20641 (0x50a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 6 02:23:59 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4802534A0FEC826527D6A7A07D26410E8DBC7738
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:2e:9e:d6:f2:eb:49:b5:da:bd:98:9f:50:c4:
9a:01:51:56:d4:7d:07:6e:35:5e:90:bd:d6:cb:b7:
de:7a:f0:3f:ae:f6:03:db:b0:2f:9c:17:c0:30:80:
f1:9a:14:2c:98:ed:f5:c1:ca:f0:10:53:af:c0:2e:
3d:cd:a5:36:f4:43:cc:79:a1:bf:fc:a2:e6:ec:82:
3f:06:03:3c:30:72:29:12:08:2c:14:bd:64:50:44:
a6:fd:00:bd:09:7e:88:97:0f:5d:84:59:b3:21:83:
89:20:3d:5d:e1:9b:4f:45:0b:04:62:a3:89:ce:64:
88:53:71:6e:93:49:9a:c3:e6:01:da:7c:20:59:96:
bd:18:62:85:0f:1c:20:60:36:cb:b8:00:2b:f7:ef:
79:73:83:a2:c2:8b:04:e6:00:f3:97:35:84:dd:6f:
ec:e2:e0:26:87:2e:54:27:57:81:74:29:8d:29:fe:
cf:ad:8b:a4:48:90:4b:28:a4:e4:a0:33:ff:58:24:
4d:cc:0d:d7:65:47:c7:8c:0b:f4:21:d5:a6:a7:60:
41:fe:1f:70:58:92:c9:95:50:9b:7c:0d:7b:22:72:
19:ce:de:06:30:be:d6:6c:41:f6:0a:3d:09:6a:a5:
38:cd:2e:d9:21:f9:4c:7d:bb:bc:c8:b9:f7:14:cb:
24:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:02:53:4A:0F:EC:82:65:27:D6:A7:A0:7D:26:41:0E:8D:BC:77:38
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/SAJTSg_sgmUn1qegfSZBDo28dzg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
08:17:22:a3:ae:11:dc:43:8f:a1:38:83:c6:8c:c3:32:52:cd:
95:38:64:d0:10:49:8d:72:b3:37:55:f2:3b:4a:cf:c6:8e:49:
d1:07:c0:b4:fb:16:d9:83:71:20:03:06:62:21:d9:ee:a0:53:
ea:d0:b6:f7:71:41:76:74:81:64:86:7e:ec:2e:f8:2e:30:fa:
55:fc:d5:5e:e8:f8:90:d1:9a:b2:e8:83:af:93:b2:76:51:c9:
ae:6c:7d:a8:ea:9c:ea:3f:3e:e7:36:2d:6d:11:1e:f7:20:1f:
69:67:eb:03:c4:af:27:d5:ce:a4:81:72:2a:de:94:70:92:ad:
6b:de:48:33:ca:23:3d:d8:27:3a:1d:69:6f:81:8a:35:93:4b:
23:ac:13:89:38:2d:48:7a:0e:ac:bd:16:0d:cb:bb:0d:0a:5d:
b6:40:1b:39:35:99:83:2d:b5:49:73:6f:b7:cb:92:d0:a6:f4:
e3:e1:90:05:16:4f:88:02:eb:a4:d9:b6:3d:3d:0e:92:2d:7c:
e3:9d:13:25:cf:6a:78:c3:b8:79:cb:40:87:ab:4b:35:01:65:
aa:7e:12:62:60:8c:7b:a0:63:db:5f:dd:83:4f:51:88:f0:c7:
2d:ea:01:cf:fe:51:39:fe:44:b0:7a:61:76:c5:21:b3:8f:98:
05:b5:22:b6
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICUKEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDYw
MjIzNTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQ4MDI1MzRBMEZFQzgy
NjUyN0Q2QTdBMDdEMjY0MTBFOERCQzc3MzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDALp7W8utJtdq9mJ9QxJoBUVbUfQduNV6QvdbLt9568D+u9gPb
sC+cF8AwgPGaFCyY7fXByvAQU6/ALj3NpTb0Q8x5ob/8oubsgj8GAzwwcikSCCwU
vWRQRKb9AL0JfoiXD12EWbMhg4kgPV3hm09FCwRio4nOZIhTcW6TSZrD5gHafCBZ
lr0YYoUPHCBgNsu4ACv373lzg6LCiwTmAPOXNYTdb+zi4CaHLlQnV4F0KY0p/s+t
i6RIkEsopOSgM/9YJE3MDddlR8eMC/Qh1aanYEH+H3BYksmVUJt8DXsichnO3gYw
vtZsQfYKPQlqpTjNLtkh+Ux9u7zIufcUyyRtAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUSAJTSg/sgmUn1qegfSZBDo28dzgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1NBSlRTZ19zZ21VbjFx
ZWdmU1pCRG8yOGR6Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAAgXIqOuEdxDj6E4
g8aMwzJSzZU4ZNAQSY1yszdV8jtKz8aOSdEHwLT7FtmDcSADBmIh2e6gU+rQtvdx
QXZ0gWSGfuwu+C4w+lX81V7o+JDRmrLog6+TsnZRya5sfajqnOo/Puc2LW0RHvcg
H2ln6wPEryfVzqSBcirelHCSrWveSDPKIz3YJzodaW+BijWTSyOsE4k4LUh6Dqy9
Fg3Luw0KXbZAGzk1mYMttUlzb7fLktCm9OPhkAUWT4gC66TZtj09DpItfOOdEyXP
anjDuHnLQIerSzUBZap+EmJgjHugY9tf3YNPUYjwxy3qAc/+UTn+RLB6YXbFIbOP
mAW1IrY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:42 2024 by rpki-client on console-ams.rpki-client.org