Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/WvqTfPhsTW40hUahidG-gv7pSVo.roa
File: WvqTfPhsTW40hUahidG-gv7pSVo.roa (raw, json)
Hash identifier: 22SVCbTGslgRUzt+31O4xNmGLz6gQ+yCgx3VjNJVHqw=
Subject key identifier: 5A:FA:93:7C:F8:6C:4D:6E:34:85:46:A1:89:D1:BE:82:FE:E9:49:5A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3739
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WvqTfPhsTW40hUahidG-gv7pSVo.roa
Signing time: Tue 02 Apr 2024 05:22:13 +0000
ROA not before: Tue 02 Apr 2024 05:22:13 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14137 (0x3739)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 2 05:22:13 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5AFA937CF86C4D6E348546A189D1BE82FEE9495A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:7c:2f:b9:ba:f2:ba:f1:42:36:10:5b:eb:d6:
17:54:53:2e:35:45:05:b5:69:33:ef:16:ea:e9:c6:
28:cb:9d:cb:bb:19:9f:65:27:f1:01:ce:7f:42:c3:
05:c0:7d:56:df:d7:c7:70:66:cb:d5:3e:18:af:05:
f5:00:32:ce:22:25:e1:44:0d:8d:d6:b1:90:6c:53:
6b:99:7a:0e:35:95:3f:32:41:68:8a:1f:0a:ff:5b:
86:96:ed:1e:37:60:db:0c:6d:c3:f6:c5:54:71:43:
fa:fa:ba:3c:cc:35:e1:2b:0b:d1:5e:49:95:0c:99:
8c:36:9e:5b:84:09:22:b2:ff:0d:be:db:ef:4b:9c:
af:5b:48:d8:dd:e4:24:28:62:72:fd:b2:c2:66:d6:
ac:b7:28:26:0d:09:f6:cc:a2:d3:92:22:f4:cc:35:
2e:da:28:31:17:64:16:d9:f3:ea:a2:89:c9:3f:d1:
d1:fe:d3:95:e4:04:31:6f:57:f7:18:bb:3b:c6:d8:
a1:1e:79:6c:f5:5b:f5:52:61:e9:75:f2:54:34:73:
e6:1a:5b:df:c5:70:e3:80:8e:c7:24:4f:da:2d:6f:
d4:f1:50:8d:cf:fb:b5:70:b3:5a:91:f4:c3:83:2d:
83:b3:a6:50:be:e1:ad:82:ae:67:0a:3b:0d:93:65:
2a:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:FA:93:7C:F8:6C:4D:6E:34:85:46:A1:89:D1:BE:82:FE:E9:49:5A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WvqTfPhsTW40hUahidG-gv7pSVo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
2a:9c:b4:63:a3:79:3e:09:35:9e:a0:d9:78:85:dd:ed:2c:85:
b9:e2:c3:f9:72:04:88:e5:cc:b1:36:a1:dd:e6:d9:4f:29:81:
26:92:6c:4f:33:14:da:6d:5e:ff:42:ff:01:38:23:ca:57:f4:
97:6a:9d:02:45:46:28:62:27:5c:e3:bb:be:2e:73:38:e2:b4:
3c:d3:31:cd:d8:19:23:b5:cb:42:8b:17:44:60:42:c1:e6:ae:
29:c6:88:30:cd:72:9e:0e:70:47:66:99:dc:e6:64:08:94:5a:
32:17:85:e4:13:60:11:62:15:0f:ad:07:5c:82:28:7b:b5:4e:
35:1c:3b:1f:5c:e1:a6:f2:57:b0:ed:27:b8:b8:b6:f1:18:ab:
b0:7c:81:aa:50:d2:10:88:e2:e0:ae:81:55:b0:8e:77:55:77:
f3:e1:16:63:f6:2a:94:17:cb:20:95:45:a5:03:54:42:9d:1c:
a8:67:e4:ef:77:4a:8e:53:3f:0b:28:86:b3:42:47:65:7b:35:
da:7d:b0:a9:53:b7:1a:1e:0b:9b:ed:80:ca:a0:a6:d0:83:89:
2d:14:12:40:43:a8:fb:f7:d7:d8:77:f7:b4:b0:76:53:37:f1:
11:3f:5e:5e:e0:38:05:e2:bc:00:7b:5d:33:ec:ef:54:76:65:
c3:01:79:5d
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNzkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDIw
NTIyMTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVBRkE5MzdDRjg2QzRE
NkUzNDg1NDZBMTg5RDFCRTgyRkVFOTQ5NUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOfC+5uvK68UI2EFvr1hdUUy41RQW1aTPvFurpxijLncu7GZ9l
J/EBzn9CwwXAfVbf18dwZsvVPhivBfUAMs4iJeFEDY3WsZBsU2uZeg41lT8yQWiK
Hwr/W4aW7R43YNsMbcP2xVRxQ/r6ujzMNeErC9FeSZUMmYw2nluECSKy/w2+2+9L
nK9bSNjd5CQoYnL9ssJm1qy3KCYNCfbMotOSIvTMNS7aKDEXZBbZ8+qiick/0dH+
05XkBDFvV/cYuzvG2KEeeWz1W/VSYel18lQ0c+YaW9/FcOOAjsckT9otb9TxUI3P
+7Vws1qR9MODLYOzplC+4a2CrmcKOw2TZSoBAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUWvqTfPhsTW40hUahidG+gv7pSVowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1d2cVRmUGhzVFc0MGhV
YWhpZEctZ3Y3cFNWby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBACqctGOjeT4JNZ6g
2XiF3e0shbniw/lyBIjlzLE2od3m2U8pgSaSbE8zFNptXv9C/wE4I8pX9JdqnQJF
RihiJ1zju74uczjitDzTMc3YGSO1y0KLF0RgQsHmrinGiDDNcp4OcEdmmdzmZAiU
WjIXheQTYBFiFQ+tB1yCKHu1TjUcOx9c4abyV7DtJ7i4tvEYq7B8gapQ0hCI4uCu
gVWwjndVd/PhFmP2KpQXyyCVRaUDVEKdHKhn5O93So5TPwsohrNCR2V7Ndp9sKlT
txoeC5vtgMqgptCDiS0UEkBDqPv319h397SwdlM38RE/Xl7gOAXivAB7XTPs71R2
ZcMBeV0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:30 2024 by rpki-client on console-fra.rpki-client.org