Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/U7lCc38HQf-Uq_WC6_0zGSpBd8o.roa
File: U7lCc38HQf-Uq_WC6_0zGSpBd8o.roa (raw, json)
Hash identifier: M4Qy18l6tR7SBnRW3X8NaSx18dJa22yvr3fKlqP9fkg=
Subject key identifier: 53:B9:42:73:7F:07:41:FF:94:AB:F5:82:EB:FD:33:19:2A:41:77:CA
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3551
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/U7lCc38HQf-Uq_WC6_0zGSpBd8o.roa
Signing time: Sat 30 Mar 2024 16:22:26 +0000
ROA not before: Sat 30 Mar 2024 16:22:26 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13649 (0x3551)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 16:22:26 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=53B942737F0741FF94ABF582EBFD33192A4177CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:38:75:02:57:51:7c:10:96:3a:c4:b6:eb:b4:
3c:62:7e:ff:31:12:47:bf:1c:70:32:16:7c:a4:3c:
c9:9a:49:3f:aa:34:c3:27:02:51:d6:1e:f9:a1:2b:
5e:0f:90:f7:f1:3b:cf:e2:fb:f3:d2:92:6f:18:d3:
de:10:d4:0a:3a:19:d6:2d:97:67:64:87:6a:dd:ad:
1c:83:be:c0:95:f9:cb:34:92:86:aa:63:89:14:a6:
58:ab:25:a7:ee:99:0b:08:13:10:94:8d:3f:db:84:
a7:0f:9e:96:b6:b5:d3:6b:c0:70:ba:fd:99:14:5d:
fd:c5:f1:ff:d6:83:a5:dc:5c:68:c4:a4:ba:a4:8d:
af:5e:46:51:42:dc:ce:19:b7:e6:d2:54:1a:d8:a5:
80:a3:ee:39:2d:88:4d:15:17:74:c6:9f:21:f9:12:
4b:d8:fd:23:dc:ca:2b:e0:80:75:0c:ad:a6:47:b3:
c4:43:0d:13:10:7d:62:d0:5e:92:b8:72:5e:cd:79:
d7:d9:01:08:f5:fc:43:de:c5:15:8d:cc:d1:08:a0:
41:be:5f:f7:50:f8:32:56:8e:fb:ef:7e:ec:d2:b3:
70:61:2d:14:c4:02:b2:d7:cd:3f:35:9b:7d:3f:e7:
df:b1:e5:05:bc:3c:ae:53:51:21:c6:aa:9e:11:bd:
95:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:B9:42:73:7F:07:41:FF:94:AB:F5:82:EB:FD:33:19:2A:41:77:CA
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/U7lCc38HQf-Uq_WC6_0zGSpBd8o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
9e:c1:6c:92:99:15:5f:ac:38:37:90:21:ed:b4:a7:a2:55:ea:
4d:03:54:64:01:08:dd:ae:56:2d:0a:0e:cf:15:28:ce:9e:d1:
9b:b9:fd:c3:52:e4:ef:fb:aa:59:d5:57:04:19:c1:84:94:f3:
4f:20:a8:13:86:66:4d:60:b6:46:c9:bb:ac:dd:40:00:22:47:
c2:9f:6a:d6:88:26:cd:20:8c:6b:bb:53:4f:8c:27:1f:05:8d:
b8:82:cd:40:c5:67:23:05:a2:86:35:de:e6:fa:fa:81:b7:12:
ba:ad:f9:6d:57:df:88:d3:6c:26:df:e7:40:22:04:de:88:74:
c2:8f:6b:e3:24:e1:c3:54:8f:10:20:12:54:98:f2:45:50:52:
26:1d:ac:f3:fd:07:7e:c3:e3:1a:d0:35:46:d4:c1:13:cd:a2:
c5:59:8c:84:ef:31:9e:4e:eb:0f:bf:c7:40:4f:c4:5b:82:b5:
9a:d6:36:8e:f1:87:28:28:7a:7a:f5:0c:00:51:c0:b1:a6:55:
33:e4:0e:6a:c4:47:53:be:9d:24:9e:a5:29:02:f6:30:3c:9b:
18:f6:85:07:6b:4e:ac:cd:36:ad:42:9f:bb:80:82:72:67:37:
b9:69:d2:6c:07:00:60:72:4c:d3:64:d1:98:0d:0f:bd:aa:24:
92:9e:6e:5b
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNVEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAx
NjIyMjZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUzQjk0MjczN0YwNzQx
RkY5NEFCRjU4MkVCRkQzMzE5MkE0MTc3Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCfOHUCV1F8EJY6xLbrtDxifv8xEke/HHAyFnykPMmaST+qNMMn
AlHWHvmhK14PkPfxO8/i+/PSkm8Y094Q1Ao6GdYtl2dkh2rdrRyDvsCV+cs0koaq
Y4kUplirJafumQsIExCUjT/bhKcPnpa2tdNrwHC6/ZkUXf3F8f/Wg6XcXGjEpLqk
ja9eRlFC3M4Zt+bSVBrYpYCj7jktiE0VF3TGnyH5EkvY/SPcyivggHUMraZHs8RD
DRMQfWLQXpK4cl7NedfZAQj1/EPexRWNzNEIoEG+X/dQ+DJWjvvvfuzSs3BhLRTE
ArLXzT81m30/59+x5QW8PK5TUSHGqp4RvZU7AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUU7lCc38HQf+Uq/WC6/0zGSpBd8owHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1U3bENjMzhIUWYtVXFf
V0M2XzB6R1NwQmQ4by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJ7BbJKZFV+sODeQ
Ie20p6JV6k0DVGQBCN2uVi0KDs8VKM6e0Zu5/cNS5O/7qlnVVwQZwYSU808gqBOG
Zk1gtkbJu6zdQAAiR8KfataIJs0gjGu7U0+MJx8FjbiCzUDFZyMFooY13ub6+oG3
Erqt+W1X34jTbCbf50AiBN6IdMKPa+Mk4cNUjxAgElSY8kVQUiYdrPP9B37D4xrQ
NUbUwRPNosVZjITvMZ5O6w+/x0BPxFuCtZrWNo7xhygoenr1DABRwLGmVTPkDmrE
R1O+nSSepSkC9jA8mxj2hQdrTqzNNq1Cn7uAgnJnN7lp0mwHAGByTNNk0ZgND72q
JJKebls=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:44 2024 by rpki-client on console-ams.rpki-client.org