Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/U1a_soGe4YDo4L4CWXAeitDejAY.roa
File: U1a_soGe4YDo4L4CWXAeitDejAY.roa (raw, json)
Hash identifier: AFkKftWfDclNfP3pfavnVpITB5Oyc4YNHPFGSQJB+Oo=
Subject key identifier: 53:56:BF:B2:81:9E:E1:80:E8:E0:BE:02:59:70:1E:8A:D0:DE:8C:06
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 43C1
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/U1a_soGe4YDo4L4CWXAeitDejAY.roa
Signing time: Thu 18 Apr 2024 22:22:59 +0000
ROA not before: Thu 18 Apr 2024 22:22:59 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17345 (0x43c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 18 22:22:59 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5356BFB2819EE180E8E0BE0259701E8AD0DE8C06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c8:fb:21:b6:c1:54:06:5d:64:f7:a0:91:1b:
1b:fa:f7:fa:b8:0b:12:a2:88:e8:cd:56:2f:2c:6a:
32:46:6e:16:25:04:1d:85:04:ab:10:29:07:0c:e3:
6b:2c:c9:61:41:a4:81:a5:f6:fa:96:3e:74:be:c8:
7e:d1:1d:a5:4f:3e:7f:5b:ac:f8:b6:42:3c:9a:06:
a7:36:21:e0:3b:be:94:13:ee:e2:cf:a6:cc:a1:7d:
83:7b:de:4d:48:5a:32:3d:6f:81:ba:0f:23:d8:e0:
8c:6e:37:95:7f:be:5f:ea:2e:4e:9f:9f:33:4c:a0:
78:bd:6d:14:30:e2:6b:d5:5b:25:83:8a:20:aa:a7:
aa:26:9e:4c:cf:b8:40:95:44:39:ed:45:20:b3:7c:
5b:ac:7d:34:b4:d8:1d:ca:66:da:f8:8c:b9:be:21:
b0:be:f1:b4:16:10:03:c1:c2:47:e9:90:97:92:90:
d6:c6:cb:a6:bc:79:fb:06:ad:d1:f7:39:42:03:2a:
e8:de:8b:18:ad:fa:05:0b:ef:06:a8:e4:1e:6b:ea:
f0:8f:26:3e:ab:a5:36:e2:a3:51:94:29:9b:58:e5:
e6:af:d0:7c:04:0a:14:c1:6c:be:f2:a3:78:fd:53:
57:a8:91:35:f0:90:c1:0e:40:e6:82:bc:1e:c8:ac:
50:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:56:BF:B2:81:9E:E1:80:E8:E0:BE:02:59:70:1E:8A:D0:DE:8C:06
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/U1a_soGe4YDo4L4CWXAeitDejAY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
7b:6d:b0:a4:d2:c8:31:cb:c6:a3:18:62:3b:47:0d:3f:e4:b5:
ef:7e:b4:38:c8:6d:a7:67:9f:12:37:da:2c:2f:66:12:39:f6:
f7:ad:58:3f:0e:b6:7e:84:23:42:ba:36:40:4c:1a:43:f2:23:
ea:f9:77:aa:0d:26:b4:00:36:c0:a2:b8:6b:3b:30:31:0f:91:
bb:fd:54:f6:b8:e6:c9:6c:e9:c1:e8:00:3b:4c:6c:3e:ab:ff:
e1:6f:6d:90:20:bc:73:e4:cb:05:38:0d:45:23:c7:33:85:79:
8c:df:cf:92:9f:96:b2:34:9b:d7:bd:c3:fa:10:a0:65:28:bd:
92:49:7c:d5:2e:6a:0c:14:b9:f5:d0:4c:88:59:73:0f:fe:4c:
60:d6:ed:e3:37:cd:66:2e:5c:05:84:00:40:ae:16:57:cb:98:
41:d3:6a:ee:39:23:70:71:be:ba:b3:1f:1d:a4:54:8f:cc:bb:
39:ee:32:12:05:32:59:29:2d:57:e3:db:b5:8d:2a:b5:17:e5:
5d:7b:e2:7a:4d:08:09:e2:b9:34:1b:70:9e:94:6d:b4:3d:55:
be:92:4f:9b:0a:45:64:75:55:76:ce:9b:84:01:a6:2b:a5:c3:
85:4b:48:5b:e0:22:ef:0c:fa:b9:a5:7a:f8:b3:46:23:3c:53:
92:b6:52:0d
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQ8EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTgy
MjIyNTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUzNTZCRkIyODE5RUUx
ODBFOEUwQkUwMjU5NzAxRThBRDBERThDMDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9yPshtsFUBl1k96CRGxv69/q4CxKiiOjNVi8sajJGbhYlBB2F
BKsQKQcM42ssyWFBpIGl9vqWPnS+yH7RHaVPPn9brPi2QjyaBqc2IeA7vpQT7uLP
psyhfYN73k1IWjI9b4G6DyPY4IxuN5V/vl/qLk6fnzNMoHi9bRQw4mvVWyWDiiCq
p6omnkzPuECVRDntRSCzfFusfTS02B3KZtr4jLm+IbC+8bQWEAPBwkfpkJeSkNbG
y6a8efsGrdH3OUIDKujeixit+gUL7wao5B5r6vCPJj6rpTbio1GUKZtY5eav0HwE
ChTBbL7yo3j9U1eokTXwkMEOQOaCvB7IrFCvAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUU1a/soGe4YDo4L4CWXAeitDejAYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1UxYV9zb0dlNFlEbzRM
NENXWEFlaXREZWpBWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAHttsKTSyDHLxqMY
YjtHDT/kte9+tDjIbadnnxI32iwvZhI59vetWD8Otn6EI0K6NkBMGkPyI+r5d6oN
JrQANsCiuGs7MDEPkbv9VPa45sls6cHoADtMbD6r/+FvbZAgvHPkywU4DUUjxzOF
eYzfz5KflrI0m9e9w/oQoGUovZJJfNUuagwUufXQTIhZcw/+TGDW7eM3zWYuXAWE
AECuFlfLmEHTau45I3BxvrqzHx2kVI/MuznuMhIFMlkpLVfj27WNKrUX5V174npN
CAniuTQbcJ6UbbQ9Vb6ST5sKRWR1VXbOm4QBpiulw4VLSFvgIu8M+rmlevizRiM8
U5K2Ug0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:27 2024 by rpki-client on console-fra.rpki-client.org