Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/SpW0c_tKlkBS2wMntRwF6z74vEE.roa
File: SpW0c_tKlkBS2wMntRwF6z74vEE.roa (raw, json)
Hash identifier: jlPEk6voqEihwp9Sc0gAbK4X1L/R6YoeF/RmZXqVjnI=
Subject key identifier: 4A:95:B4:73:FB:4A:96:40:52:DB:03:27:B5:1C:05:EB:3E:F8:BC:41
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3EDD
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/SpW0c_tKlkBS2wMntRwF6z74vEE.roa
Signing time: Fri 12 Apr 2024 09:52:51 +0000
ROA not before: Fri 12 Apr 2024 09:52:51 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16093 (0x3edd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 12 09:52:51 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4A95B473FB4A964052DB0327B51C05EB3EF8BC41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:7a:e4:6d:b9:11:0d:8d:e4:6c:f1:c9:71:e5:
a8:85:ca:26:1e:ab:72:d7:62:16:04:a5:3d:8d:3b:
26:69:0a:95:b6:16:a4:c9:bc:02:92:4d:ef:cd:fe:
a4:ef:33:37:d0:57:4b:9f:0f:09:1c:f7:9c:19:3f:
c5:1c:bb:42:38:2f:76:b4:57:30:c9:1b:d8:74:65:
6f:50:33:a8:f6:19:87:ab:fd:29:0d:73:06:3f:3b:
90:dc:6c:d6:1f:83:fd:f1:6a:d2:4d:f5:f4:5f:a7:
bb:0c:10:8d:07:7e:d1:05:2b:c5:aa:aa:3f:fb:b3:
0a:f1:6b:f2:d9:18:73:20:69:43:82:99:c7:db:5e:
a7:b1:7a:56:00:6f:37:b0:73:10:64:e7:f2:34:ae:
be:10:5e:e1:1b:07:d8:9b:61:3a:eb:8d:1e:f0:f6:
34:dc:51:18:a7:f9:97:e2:65:21:a2:13:e8:07:34:
bd:5b:98:73:cc:56:11:e9:3d:fd:56:d5:62:bc:ab:
24:3f:98:d7:88:21:fd:64:03:38:38:8f:11:61:e8:
e8:51:6c:7c:b5:49:e8:e1:cb:0c:e1:4d:02:11:17:
06:f1:9e:27:83:e9:d7:2b:4b:a6:58:13:fe:4e:83:
93:d0:0d:e0:cc:15:78:ec:38:c5:dd:f1:2c:14:b7:
06:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:95:B4:73:FB:4A:96:40:52:DB:03:27:B5:1C:05:EB:3E:F8:BC:41
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/SpW0c_tKlkBS2wMntRwF6z74vEE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
70:7f:09:61:6b:61:e4:6e:a0:0f:de:4c:dd:aa:0b:a7:df:93:
d6:2c:ec:0b:c4:ab:5a:ff:f4:f0:d0:3f:8f:04:76:bf:f8:11:
6b:e9:ad:6d:42:e0:6e:2e:70:94:c2:27:06:58:bc:ff:0b:ee:
c7:c3:52:b8:42:27:3e:4a:a2:8e:ea:8f:06:2a:06:b2:dc:56:
d0:1a:d7:55:bb:4a:1b:5d:3d:05:16:d0:4d:eb:5b:e1:52:b4:
1d:41:4d:ab:d1:21:e8:52:6f:4b:23:53:11:8f:30:61:b1:85:
b5:66:42:b1:b6:fe:c8:c2:38:1f:6e:a5:5a:71:25:d2:f1:70:
a9:10:de:44:d6:e7:af:27:e1:0a:ec:a4:62:79:a0:e3:e8:0a:
85:03:30:9c:7c:c0:d6:eb:a9:f0:e2:49:f7:3c:98:cb:66:7d:
a2:52:32:6c:da:24:57:94:ce:33:3a:d5:9f:cc:0c:a2:82:29:
9d:c3:f2:7f:a8:5d:8d:92:17:cf:2f:ec:38:b3:83:db:2b:8a:
36:ee:10:e4:ad:5b:51:2d:b8:8d:00:ee:47:a5:49:93:93:04:
65:3d:b7:e0:c1:a8:8e:b5:5a:e9:02:17:30:93:fd:56:4a:29:
e6:aa:9c:dc:d1:83:d1:6a:cc:27:96:48:0b:40:87:d7:58:e2:
9c:c0:46:87
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICPt0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTIw
OTUyNTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDRBOTVCNDczRkI0QTk2
NDA1MkRCMDMyN0I1MUMwNUVCM0VGOEJDNDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCreuRtuRENjeRs8clx5aiFyiYeq3LXYhYEpT2NOyZpCpW2FqTJ
vAKSTe/N/qTvMzfQV0ufDwkc95wZP8Ucu0I4L3a0VzDJG9h0ZW9QM6j2GYer/SkN
cwY/O5DcbNYfg/3xatJN9fRfp7sMEI0HftEFK8Wqqj/7swrxa/LZGHMgaUOCmcfb
XqexelYAbzewcxBk5/I0rr4QXuEbB9ibYTrrjR7w9jTcURin+ZfiZSGiE+gHNL1b
mHPMVhHpPf1W1WK8qyQ/mNeIIf1kAzg4jxFh6OhRbHy1SejhywzhTQIRFwbxnieD
6dcrS6ZYE/5Og5PQDeDMFXjsOMXd8SwUtwaLAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUSpW0c/tKlkBS2wMntRwF6z74vEEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1NwVzBjX3RLbGtCUzJ3
TW50UndGNno3NHZFRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAHB/CWFrYeRuoA/e
TN2qC6ffk9Ys7AvEq1r/9PDQP48Edr/4EWvprW1C4G4ucJTCJwZYvP8L7sfDUrhC
Jz5Koo7qjwYqBrLcVtAa11W7ShtdPQUW0E3rW+FStB1BTavRIehSb0sjUxGPMGGx
hbVmQrG2/sjCOB9upVpxJdLxcKkQ3kTW568n4QrspGJ5oOPoCoUDMJx8wNbrqfDi
Sfc8mMtmfaJSMmzaJFeUzjM61Z/MDKKCKZ3D8n+oXY2SF88v7Dizg9srijbuEOSt
W1EtuI0A7kelSZOTBGU9t+DBqI61WukCFzCT/VZKKeaqnNzRg9FqzCeWSAtAh9dY
4pzARoc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:26 2024 by rpki-client on console-fra.rpki-client.org