Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/VPuKAgcPFE-s0FhQGnDNbuAQCeQ.roa
File: VPuKAgcPFE-s0FhQGnDNbuAQCeQ.roa (raw, json)
Hash identifier: l+WlaFNJQdweWOqL9xa3cJ+/Edrfzpu3lAVJ+g5thHU=
Subject key identifier: 54:FB:8A:02:07:0F:14:4F:AC:D0:58:50:1A:70:CD:6E:E0:10:09:E4
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 48DD
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/VPuKAgcPFE-s0FhQGnDNbuAQCeQ.roa
Signing time: Thu 25 Apr 2024 17:53:18 +0000
ROA not before: Thu 25 Apr 2024 17:53:18 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18653 (0x48dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 25 17:53:18 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=54FB8A02070F144FACD058501A70CD6EE01009E4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e1:62:e3:92:4f:80:d0:fb:ab:55:8b:e2:86:
67:6a:1e:34:64:e5:35:1d:5c:6d:eb:a8:19:7a:db:
45:43:d0:bd:56:fa:f2:79:3c:28:16:49:13:43:bc:
1f:58:2b:5b:ca:3d:23:64:2f:59:3f:b4:f2:88:91:
b7:7b:fa:e2:13:15:e9:f0:ba:6a:ae:1f:cb:57:f6:
7e:ec:bd:63:2e:c7:5c:35:84:03:df:61:49:64:8f:
80:79:dd:fa:81:5e:ef:b5:61:9f:a1:13:b7:50:22:
fb:48:41:e6:e2:59:7b:c2:fe:90:cf:4b:71:c7:7d:
2a:dd:ba:0a:fe:8f:df:1e:67:72:b3:c8:cb:ed:fc:
33:80:0e:83:c3:a1:a5:1e:6c:d2:e0:92:7a:84:32:
a9:d9:16:6f:6d:68:e5:47:84:8d:29:07:35:50:07:
f7:b9:97:1f:51:28:1b:15:1b:9e:fb:a7:ae:d0:6e:
2b:a8:02:e5:83:c0:9b:26:f2:89:76:dc:2d:97:3c:
85:da:fc:53:6c:bd:dc:17:54:7d:e4:31:3b:f5:5c:
b2:e2:1d:b6:04:9e:fd:65:96:c8:4f:ac:57:c1:3d:
46:27:64:c7:1b:ff:0d:46:9c:92:64:fa:f0:56:8e:
ad:1c:ce:e0:83:3c:c0:78:68:37:c7:d1:ff:3c:ae:
05:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:FB:8A:02:07:0F:14:4F:AC:D0:58:50:1A:70:CD:6E:E0:10:09:E4
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/VPuKAgcPFE-s0FhQGnDNbuAQCeQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
17:1a:c5:5f:45:62:22:28:f2:ad:5d:05:c4:c0:45:a6:12:03:
c3:26:6c:f2:c4:1a:37:0c:56:3d:ec:48:2e:0c:1e:0e:82:5b:
9d:5f:16:50:f7:d2:48:b1:33:31:de:e2:39:ee:59:34:72:e4:
97:6c:17:96:99:2e:21:4a:4a:f5:a1:d6:c6:f5:00:d7:9a:ba:
02:9e:4f:aa:e4:5b:3a:1c:6f:a2:e3:f9:e5:5b:b4:95:d0:73:
cf:a4:d1:05:46:bb:f3:18:77:d6:64:88:64:ce:6c:8c:cd:1f:
c8:8f:3b:c9:ab:0f:87:ea:0e:ca:5a:bc:77:49:6b:f9:85:cf:
a1:10:27:69:9a:38:dd:20:f9:03:e0:4a:b4:41:fb:4c:51:62:
40:4e:63:6d:fa:10:c3:17:1c:ea:b0:f0:7f:0a:74:3c:45:ae:
df:e5:6d:d4:7c:d6:41:57:98:19:20:fa:d3:3f:9a:c3:44:2e:
39:6c:84:b9:2f:98:5d:2a:cf:dc:d5:b8:ef:7d:7a:f9:48:39:
2a:81:fb:78:c5:a0:12:d3:13:c8:82:ac:b1:f9:b0:89:24:21:
ec:85:a0:47:11:83:9c:d7:02:46:d0:21:f4:1c:d8:6d:71:6b:
d4:9d:96:1f:13:5f:f4:a3:24:25:02:33:57:c8:2f:09:b8:21:
ed:92:95:42
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICSN0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjUx
NzUzMThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDU0RkI4QTAyMDcwRjE0
NEZBQ0QwNTg1MDFBNzBDRDZFRTAxMDA5RTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCl4WLjkk+A0PurVYvihmdqHjRk5TUdXG3rqBl620VD0L1W+vJ5
PCgWSRNDvB9YK1vKPSNkL1k/tPKIkbd7+uITFenwumquH8tX9n7svWMux1w1hAPf
YUlkj4B53fqBXu+1YZ+hE7dQIvtIQebiWXvC/pDPS3HHfSrdugr+j98eZ3KzyMvt
/DOADoPDoaUebNLgknqEMqnZFm9taOVHhI0pBzVQB/e5lx9RKBsVG577p67Qbiuo
AuWDwJsm8ol23C2XPIXa/FNsvdwXVH3kMTv1XLLiHbYEnv1llshPrFfBPUYnZMcb
/w1GnJJk+vBWjq0czuCDPMB4aDfH0f88rgUBAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUVPuKAgcPFE+s0FhQGnDNbuAQCeQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1ZQdUtBZ2NQRkUtczBG
aFFHbkROYnVBUUNlUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBABcaxV9FYiIo8q1d
BcTARaYSA8MmbPLEGjcMVj3sSC4MHg6CW51fFlD30kixMzHe4jnuWTRy5JdsF5aZ
LiFKSvWh1sb1ANeaugKeT6rkWzocb6Lj+eVbtJXQc8+k0QVGu/MYd9ZkiGTObIzN
H8iPO8mrD4fqDspavHdJa/mFz6EQJ2maON0g+QPgSrRB+0xRYkBOY236EMMXHOqw
8H8KdDxFrt/lbdR81kFXmBkg+tM/msNELjlshLkvmF0qz9zVuO99evlIOSqB+3jF
oBLTE8iCrLH5sIkkIeyFoEcRg5zXAkbQIfQc2G1xa9Sdlh8TX/SjJCUCM1fILwm4
Ie2SlUI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:28 2024 by rpki-client on console-fra.rpki-client.org