Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/UtiY7p_3RULLMg_1k0jjThhEnfg.roa
File: UtiY7p_3RULLMg_1k0jjThhEnfg.roa (raw, json)
Hash identifier: f6FBhFNpxvuIx9rkQb9tVYkkMlplRGHfvf7yjNBI+I8=
Subject key identifier: 52:D8:98:EE:9F:F7:45:42:CB:32:0F:F5:93:48:E3:4E:18:44:9D:F8
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3C99
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/UtiY7p_3RULLMg_1k0jjThhEnfg.roa
Signing time: Tue 09 Apr 2024 09:23:05 +0000
ROA not before: Tue 09 Apr 2024 09:23:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15513 (0x3c99)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 9 09:23:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=52D898EE9FF74542CB320FF59348E34E18449DF8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:b4:e8:56:18:2a:70:9c:da:92:8c:92:cb:8c:
f0:c3:60:66:36:35:02:00:0f:9e:4b:07:b7:42:f6:
98:59:58:7b:61:de:50:75:5f:25:76:6a:22:81:fd:
2c:49:9c:db:f2:03:8e:a5:90:61:72:62:50:0e:be:
d0:1d:c8:87:12:60:2d:3f:24:60:33:1c:5c:ff:fd:
b0:94:71:86:c3:95:6b:47:a1:69:40:eb:99:0e:3a:
9c:6d:9f:01:44:3b:fe:bb:8a:6c:59:9c:eb:ed:66:
92:ff:a4:98:5e:97:04:45:01:97:9b:c8:3c:e0:4a:
9d:4d:49:28:3d:ba:5d:2e:fc:fb:4f:e1:60:3d:d1:
64:a1:5e:57:3d:e4:47:e3:a6:30:a6:1b:64:98:28:
27:aa:d7:a2:b5:36:6b:08:7a:db:ce:52:5d:af:ff:
d9:60:93:02:b3:7f:49:84:5e:5d:5c:e8:2b:eb:54:
fe:a1:5f:31:7f:c2:fe:f5:64:98:71:64:54:c2:9e:
3b:84:1f:60:d9:36:2d:d4:80:fb:96:8c:66:5c:a6:
84:c1:aa:4d:76:2c:c0:30:45:ee:bd:e4:93:9e:47:
9c:b2:b7:78:4b:47:63:c4:7c:82:97:9a:31:af:22:
59:b4:35:cd:30:25:4e:66:02:e8:cb:4d:b5:f2:28:
09:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:D8:98:EE:9F:F7:45:42:CB:32:0F:F5:93:48:E3:4E:18:44:9D:F8
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/UtiY7p_3RULLMg_1k0jjThhEnfg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
8c:9c:c2:91:31:21:06:c5:b1:3c:e2:58:3e:90:ab:8c:d2:f7:
2c:74:e1:bb:f1:be:ce:2a:73:0a:9b:3b:76:be:a7:38:34:26:
65:b2:df:e8:eb:74:4d:81:54:00:90:8a:61:6f:e3:f5:0d:90:
56:d0:96:6b:8d:b2:12:84:66:a3:ef:04:b6:23:e8:95:93:07:
75:10:82:d6:c6:26:d8:27:db:b4:3e:b0:a5:29:51:92:0f:63:
53:e6:66:c0:15:75:ca:83:77:a0:73:bf:9c:73:4c:6a:17:78:
20:0c:49:dd:aa:e1:03:f0:f1:93:a8:3b:46:76:02:c1:97:64:
4a:9a:09:aa:c2:0e:6a:bc:41:47:23:c9:ea:6e:77:62:73:30:
74:20:f3:f0:ef:6c:70:29:fd:3a:01:26:65:de:11:db:62:2d:
b2:98:cd:25:43:a8:13:70:31:7b:27:b8:29:9c:38:f7:b9:d0:
f1:16:13:0a:79:8f:e8:ba:5a:3c:d6:c5:7e:4b:22:bc:39:2e:
a7:08:6e:4e:71:37:08:a0:64:d0:ce:10:1a:27:98:cb:95:96:
37:70:96:54:26:ff:5e:95:82:b3:24:02:75:64:ef:e5:e7:df:
9f:bb:81:8e:01:4a:69:62:74:5d:b3:55:29:8a:82:f7:d9:db:
e8:97:83:24
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICPJkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDkw
OTIzMDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUyRDg5OEVFOUZGNzQ1
NDJDQjMyMEZGNTkzNDhFMzRFMTg0NDlERjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDytOhWGCpwnNqSjJLLjPDDYGY2NQIAD55LB7dC9phZWHth3lB1
XyV2aiKB/SxJnNvyA46lkGFyYlAOvtAdyIcSYC0/JGAzHFz//bCUcYbDlWtHoWlA
65kOOpxtnwFEO/67imxZnOvtZpL/pJhelwRFAZebyDzgSp1NSSg9ul0u/PtP4WA9
0WShXlc95EfjpjCmG2SYKCeq16K1NmsIetvOUl2v/9lgkwKzf0mEXl1c6CvrVP6h
XzF/wv71ZJhxZFTCnjuEH2DZNi3UgPuWjGZcpoTBqk12LMAwRe695JOeR5yyt3hL
R2PEfIKXmjGvIlm0Nc0wJU5mAujLTbXyKAnzAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUUtiY7p/3RULLMg/1k0jjThhEnfgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1V0aVk3cF8zUlVMTE1n
XzFrMGpqVGhoRW5mZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAIycwpExIQbFsTzi
WD6Qq4zS9yx04bvxvs4qcwqbO3a+pzg0JmWy3+jrdE2BVACQimFv4/UNkFbQlmuN
shKEZqPvBLYj6JWTB3UQgtbGJtgn27Q+sKUpUZIPY1PmZsAVdcqDd6Bzv5xzTGoX
eCAMSd2q4QPw8ZOoO0Z2AsGXZEqaCarCDmq8QUcjyepud2JzMHQg8/DvbHAp/ToB
JmXeEdtiLbKYzSVDqBNwMXsnuCmcOPe50PEWEwp5j+i6WjzWxX5LIrw5LqcIbk5x
NwigZNDOEBonmMuVljdwllQm/16VgrMkAnVk7+Xn35+7gY4BSmlidF2zVSmKgvfZ
2+iXgyQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:45 2024 by rpki-client on console-ams.rpki-client.org