Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/WAjImWEfVU0z7hUQoea-KnY_naA.roa
File: WAjImWEfVU0z7hUQoea-KnY_naA.roa (raw, json)
Hash identifier: mw8cwKqr0EJNmXwUaTklcpy8mA2bRhk5wl6hnF18Q9g=
Subject key identifier: 58:08:C8:99:61:1F:55:4D:33:EE:15:10:A1:E6:BE:2A:76:3F:9D:A0
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3D7D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WAjImWEfVU0z7hUQoea-KnY_naA.roa
Signing time: Wed 10 Apr 2024 13:52:46 +0000
ROA not before: Wed 10 Apr 2024 13:52:46 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15741 (0x3d7d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 10 13:52:46 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5808C899611F554D33EE1510A1E6BE2A763F9DA0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:35:c5:c5:4f:ad:42:8c:be:cc:c1:18:14:e1:
72:bd:06:08:a5:82:6b:5e:08:e0:b3:46:22:fc:83:
8f:49:77:32:65:2b:a3:ae:24:24:64:31:c1:3e:64:
01:bd:d7:99:60:c8:32:f4:a3:0e:1e:33:7c:c3:7c:
82:76:5d:c6:54:ad:8d:fe:f5:37:af:5d:cb:42:66:
ae:76:b2:cc:36:84:e9:f2:29:9e:44:b8:cc:09:0b:
fe:a0:85:d2:d3:23:c2:02:9f:7e:b4:ef:5a:07:49:
35:18:a1:ab:35:44:bf:18:bd:63:36:6e:18:f1:99:
4d:4e:83:c8:92:8d:a0:b2:f1:3f:4d:cd:4a:8d:ea:
b8:d0:0b:0f:45:57:fc:0d:a4:89:1c:47:6c:b4:08:
6a:20:02:09:02:7f:0a:54:32:a8:b3:7f:31:8f:39:
ba:99:85:15:9b:05:80:e7:62:5f:9f:66:f0:8d:ed:
43:ab:c3:f9:0f:82:ac:28:79:24:be:19:cc:0d:2f:
63:72:b8:67:36:39:32:b0:94:b1:21:9b:7b:3e:67:
e7:1c:8e:42:c4:4d:e6:83:d9:ef:cf:7e:d2:71:ec:
b9:08:69:fd:69:81:48:b9:00:f7:16:ea:4b:79:7b:
9d:b6:58:eb:e8:1d:b5:eb:0f:1f:b9:8e:1e:5c:54:
9e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:08:C8:99:61:1F:55:4D:33:EE:15:10:A1:E6:BE:2A:76:3F:9D:A0
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WAjImWEfVU0z7hUQoea-KnY_naA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
13:8e:87:f9:c7:fc:a4:e8:38:56:d9:61:89:e8:9f:a2:0a:d8:
97:11:ea:70:72:37:68:32:37:fc:b1:4a:44:62:2a:8f:71:ed:
e6:47:ac:8a:2f:3a:7b:e5:7b:40:5d:93:c6:5d:c1:af:e5:4b:
8a:9d:00:aa:b6:4e:c9:4e:87:87:b2:15:a3:b1:9b:c1:9c:ca:
5e:dd:8c:c4:f9:db:31:54:2f:1a:bc:cf:e5:9f:39:ce:c2:35:
51:81:cd:91:3a:b6:fb:79:ba:27:5a:e4:0c:fc:d0:0d:9f:b7:
b7:1f:88:0c:f0:26:36:4b:c0:6d:a3:aa:5d:18:d7:58:fd:44:
04:e5:80:e4:cd:b6:cd:55:e4:0a:e3:5d:fe:e2:b9:e4:51:7f:
1b:29:95:6e:ae:72:c6:d5:24:12:34:e5:3e:29:cd:0d:7f:ad:
2c:ac:e8:d7:2e:6c:06:d9:3c:3e:5b:ad:5e:54:e6:45:b8:40:
67:5e:df:49:a5:ae:05:d7:74:32:c8:db:02:22:c9:fe:b5:a2:
2f:02:fc:d9:0d:79:b0:8b:1d:c3:8b:f3:98:ca:79:05:cc:75:
18:ee:5c:2b:07:8f:0c:1c:34:e3:fa:79:be:9c:83:f3:20:51:
27:f1:8e:1f:fb:af:91:96:38:0f:31:8d:46:69:9d:29:39:a7:
d6:23:4a:42
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICPX0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTAx
MzUyNDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDU4MDhDODk5NjExRjU1
NEQzM0VFMTUxMEExRTZCRTJBNzYzRjlEQTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9NcXFT61CjL7MwRgU4XK9BgilgmteCOCzRiL8g49JdzJlK6Ou
JCRkMcE+ZAG915lgyDL0ow4eM3zDfIJ2XcZUrY3+9TevXctCZq52ssw2hOnyKZ5E
uMwJC/6ghdLTI8ICn36071oHSTUYoas1RL8YvWM2bhjxmU1Og8iSjaCy8T9NzUqN
6rjQCw9FV/wNpIkcR2y0CGogAgkCfwpUMqizfzGPObqZhRWbBYDnYl+fZvCN7UOr
w/kPgqwoeSS+GcwNL2NyuGc2OTKwlLEhm3s+Z+ccjkLETeaD2e/PftJx7LkIaf1p
gUi5APcW6kt5e522WOvoHbXrDx+5jh5cVJ6LAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUWAjImWEfVU0z7hUQoea+KnY/naAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1dBakltV0VmVlUwejdo
VVFvZWEtS25ZX25hQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBABOOh/nH/KToOFbZ
YYnon6IK2JcR6nByN2gyN/yxSkRiKo9x7eZHrIovOnvle0Bdk8Zdwa/lS4qdAKq2
TslOh4eyFaOxm8Gcyl7djMT52zFULxq8z+WfOc7CNVGBzZE6tvt5uida5Az80A2f
t7cfiAzwJjZLwG2jql0Y11j9RATlgOTNts1V5ArjXf7iueRRfxsplW6ucsbVJBI0
5T4pzQ1/rSys6NcubAbZPD5brV5U5kW4QGde30mlrgXXdDLI2wIiyf61oi8C/NkN
ebCLHcOL85jKeQXMdRjuXCsHjwwcNOP6eb6cg/MgUSfxjh/7r5GWOA8xjUZpnSk5
p9YjSkI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:47 2024 by rpki-client on console-ams.rpki-client.org