Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/d8cDz05kF1Xaf7pH6YJsWfsXko4.roa
File: d8cDz05kF1Xaf7pH6YJsWfsXko4.roa (raw, json)
Hash identifier: qGInXqUMQnfMqOcK632sNQs5SzSsAgODToQnmSJHsvc=
Subject key identifier: 77:C7:03:CF:4E:64:17:55:DA:7F:BA:47:E9:82:6C:59:FB:17:92:8E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4F3D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/d8cDz05kF1Xaf7pH6YJsWfsXko4.roa
Signing time: Sat 04 May 2024 05:53:56 +0000
ROA not before: Sat 04 May 2024 05:53:56 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20285 (0x4f3d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 4 05:53:56 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=77C703CF4E641755DA7FBA47E9826C59FB17928E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:20:7c:9d:25:c4:6d:59:8c:c5:21:5b:a3:4a:
50:c7:39:12:a7:58:bd:06:7c:d1:2a:ab:9f:04:f9:
0c:99:08:8a:2e:d7:33:58:8f:e0:0c:37:d6:25:b3:
60:33:fd:84:55:3e:81:ff:ed:65:dd:b0:11:6f:3a:
20:bf:63:90:f1:7a:da:0e:69:45:51:5c:57:ec:6b:
8c:04:72:11:18:d5:1a:2a:38:14:e9:db:df:f2:a5:
4b:33:44:c6:76:ea:ee:97:79:4f:89:a6:5d:ab:19:
0d:59:54:c1:cd:82:81:e6:0b:0e:8e:61:d7:df:b5:
e8:44:b3:3e:6d:80:04:b4:aa:80:59:82:25:3d:c9:
81:39:41:a7:d0:d0:0c:ca:5c:d0:7c:8f:34:83:0c:
23:fb:9c:27:e7:30:ec:53:c7:c0:7a:13:75:19:b7:
e2:a0:df:28:b8:34:55:5a:3f:d4:56:79:9f:b7:31:
6d:52:ba:2c:91:23:fc:1b:65:6a:6a:0d:b7:a9:80:
be:76:77:cb:f7:54:b6:55:78:e3:a0:41:8a:f4:08:
dc:6b:87:85:90:7c:40:76:be:97:a5:57:26:2f:5c:
4b:77:48:50:50:17:72:3c:38:0b:f2:96:c3:8d:99:
cb:ab:98:a0:21:0c:4f:c6:06:bb:3a:4a:98:07:6e:
9e:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:C7:03:CF:4E:64:17:55:DA:7F:BA:47:E9:82:6C:59:FB:17:92:8E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/d8cDz05kF1Xaf7pH6YJsWfsXko4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
bc:6c:6b:46:47:36:e5:9b:3a:1c:1e:ea:49:f3:6e:a4:1e:34:
8a:96:22:b7:32:6b:14:96:2d:3b:23:4d:8a:d6:e5:85:5b:ad:
ab:9a:09:b3:e4:23:8c:5e:d6:93:7b:a5:d6:12:0d:64:41:39:
9c:dc:4b:84:2f:a0:8d:a9:c8:71:4c:72:2a:a9:70:18:d6:45:
e4:84:52:30:d4:3d:52:6c:85:b2:3c:31:c5:d7:52:ea:2e:ec:
04:64:aa:b8:fb:fa:69:dc:86:9b:46:2a:1b:04:f4:f5:48:73:
25:ae:62:81:9f:23:3b:e6:e5:b7:b6:b4:76:2b:e3:b1:d4:dd:
b0:55:b6:aa:57:93:e2:02:ad:b1:ce:68:db:73:eb:34:a0:0b:
d5:bb:96:ee:a6:50:df:da:c0:67:02:c2:d9:6d:6f:dd:10:0c:
36:2e:49:49:fb:cc:52:5f:24:8d:e6:85:71:34:8f:f9:94:7b:
6c:20:d8:39:8b:53:1c:f9:e3:5b:21:8d:b4:99:0d:18:a9:cc:
3c:fe:53:87:49:55:6c:aa:0a:78:5e:67:06:66:99:ac:4b:e5:
d9:ab:c4:cf:f2:61:b2:14:c0:e4:36:54:c3:d8:b7:93:cf:cd:
e5:8e:92:b6:31:d5:19:b5:d6:75:2a:bc:ec:0d:10:12:9f:0f:
fa:a7:2e:70
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICTz0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDQw
NTUzNTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDc3QzcwM0NGNEU2NDE3
NTVEQTdGQkE0N0U5ODI2QzU5RkIxNzkyOEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7IHydJcRtWYzFIVujSlDHORKnWL0GfNEqq58E+QyZCIou1zNY
j+AMN9Yls2Az/YRVPoH/7WXdsBFvOiC/Y5DxetoOaUVRXFfsa4wEchEY1RoqOBTp
29/ypUszRMZ26u6XeU+Jpl2rGQ1ZVMHNgoHmCw6OYdfftehEsz5tgAS0qoBZgiU9
yYE5QafQ0AzKXNB8jzSDDCP7nCfnMOxTx8B6E3UZt+Kg3yi4NFVaP9RWeZ+3MW1S
uiyRI/wbZWpqDbepgL52d8v3VLZVeOOgQYr0CNxrh4WQfEB2vpelVyYvXEt3SFBQ
F3I8OAvylsONmcurmKAhDE/GBrs6SpgHbp5vAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUd8cDz05kF1Xaf7pH6YJsWfsXko4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2Q4Y0R6MDVrRjFYYWY3
cEg2WUpzV2ZzWGtvNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBALxsa0ZHNuWbOhwe
6knzbqQeNIqWIrcyaxSWLTsjTYrW5YVbrauaCbPkI4xe1pN7pdYSDWRBOZzcS4Qv
oI2pyHFMciqpcBjWReSEUjDUPVJshbI8McXXUuou7ARkqrj7+mnchptGKhsE9PVI
cyWuYoGfIzvm5be2tHYr47HU3bBVtqpXk+ICrbHOaNtz6zSgC9W7lu6mUN/awGcC
wtltb90QDDYuSUn7zFJfJI3mhXE0j/mUe2wg2DmLUxz541shjbSZDRipzDz+U4dJ
VWyqCnheZwZmmaxL5dmrxM/yYbIUwOQ2VMPYt5PPzeWOkrYx1Rm11nUqvOwNEBKf
D/qnLnA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:56 2024 by rpki-client on console-ams.rpki-client.org