Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/hFoO4CCcY0DASi07icaM6CXAhZ8.roa
File: hFoO4CCcY0DASi07icaM6CXAhZ8.roa (raw, json)
Hash identifier: fbpJkD/eYOz8TItoxQpfKKtROH9Nt1jhA5nTFHJ9z2o=
Subject key identifier: 84:5A:0E:E0:20:9C:63:40:C0:4A:2D:3B:89:C6:8C:E8:25:C0:85:9F
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 454D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hFoO4CCcY0DASi07icaM6CXAhZ8.roa
Signing time: Sat 20 Apr 2024 23:53:28 +0000
ROA not before: Sat 20 Apr 2024 23:53:28 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17741 (0x454d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 23:53:28 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=845A0EE0209C6340C04A2D3B89C68CE825C0859F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:8c:d2:cd:8d:47:01:ba:79:3d:98:6d:b5:66:
6c:75:46:87:0b:f8:ad:e5:02:09:ae:72:0e:80:36:
f1:92:17:5a:25:0a:09:95:3b:b1:5f:cc:19:b2:4f:
03:64:8c:e4:22:59:eb:87:22:cc:74:fa:1f:bc:68:
d0:da:e0:06:e5:26:16:9e:70:dd:99:d7:49:b3:ec:
5b:cb:06:d4:3b:da:5b:bf:ea:a7:b8:91:f2:1c:22:
43:d5:8c:21:85:8d:f5:bb:18:29:41:21:fd:4d:97:
79:46:45:33:e9:87:30:e8:f5:c4:1a:a1:9e:d0:d7:
d3:35:d8:46:8f:e5:41:0d:2c:23:0d:88:c5:52:01:
4c:6c:5b:05:b3:07:72:ee:6f:9d:08:62:1f:68:19:
f8:4b:a4:2d:2e:d7:23:c8:51:83:26:86:82:db:3c:
ea:0e:a8:fe:80:ba:13:4e:9f:ca:3e:cb:3d:88:d5:
e4:a9:2b:db:81:e9:6a:fe:bd:04:d2:4e:d9:17:e4:
98:d9:c7:1a:41:5f:2c:80:ec:f1:b1:fe:ac:ea:99:
16:89:e9:db:42:ee:54:41:a1:ef:9d:aa:4a:d2:9d:
6c:ea:3f:4a:3a:c1:7c:c3:7b:1a:5b:56:00:1c:3c:
c8:60:88:db:56:6c:65:79:a6:21:65:e0:91:a8:2f:
b3:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:5A:0E:E0:20:9C:63:40:C0:4A:2D:3B:89:C6:8C:E8:25:C0:85:9F
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hFoO4CCcY0DASi07icaM6CXAhZ8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
46:d1:f8:c0:25:1e:96:43:93:ab:02:99:0d:38:bf:03:e7:a0:
46:31:e9:d5:69:22:81:43:cd:78:98:03:3f:d5:a1:aa:5e:87:
c6:f8:25:af:31:24:21:31:16:e4:3a:11:63:43:e7:d6:11:9d:
79:ab:58:75:d5:9a:17:c1:f5:45:ee:43:c1:f3:4b:30:32:6b:
70:a8:04:35:59:50:20:ad:b4:d5:64:f1:0a:d8:f6:b1:b0:6d:
c8:a3:ad:ff:83:43:ce:ab:bd:31:ab:76:1a:84:ac:91:9b:76:
5f:d2:36:17:e4:3a:51:7a:10:e9:3d:0e:06:e8:3e:df:85:b0:
97:dd:c2:7e:31:6d:72:2c:f3:a8:d9:bf:f8:36:00:67:fc:3e:
23:2e:e1:cb:a9:14:cd:16:b5:ba:46:56:d4:2a:5b:51:5b:f4:
79:63:0f:c6:9c:d1:c3:d7:bb:07:2d:23:8b:8f:f2:92:71:92:
2b:18:87:fc:7d:68:ce:eb:76:54:f6:6d:35:54:83:68:80:47:
11:c1:ba:8e:4b:69:16:b8:a3:a9:e8:47:91:a1:64:d9:05:bb:
1f:06:2b:ea:03:cc:82:a7:b1:b8:e3:a2:6e:91:f5:08:13:fb:
68:e3:34:cc:90:06:f8:59:e5:ec:f4:cb:a0:14:8f:cb:c9:9d:
aa:ad:8d:7c
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICRU0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAy
MzUzMjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg0NUEwRUUwMjA5QzYz
NDBDMDRBMkQzQjg5QzY4Q0U4MjVDMDg1OUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3jNLNjUcBunk9mG21Zmx1RocL+K3lAgmucg6ANvGSF1olCgmV
O7FfzBmyTwNkjOQiWeuHIsx0+h+8aNDa4AblJhaecN2Z10mz7FvLBtQ72lu/6qe4
kfIcIkPVjCGFjfW7GClBIf1Nl3lGRTPphzDo9cQaoZ7Q19M12EaP5UENLCMNiMVS
AUxsWwWzB3Lub50IYh9oGfhLpC0u1yPIUYMmhoLbPOoOqP6AuhNOn8o+yz2I1eSp
K9uB6Wr+vQTSTtkX5JjZxxpBXyyA7PGx/qzqmRaJ6dtC7lRBoe+dqkrSnWzqP0o6
wXzDexpbVgAcPMhgiNtWbGV5piFl4JGoL7N9AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUhFoO4CCcY0DASi07icaM6CXAhZ8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2hGb080Q0NjWTBEQVNp
MDdpY2FNNkNYQWhaOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAEbR+MAlHpZDk6sC
mQ04vwPnoEYx6dVpIoFDzXiYAz/Voapeh8b4Ja8xJCExFuQ6EWND59YRnXmrWHXV
mhfB9UXuQ8HzSzAya3CoBDVZUCCttNVk8QrY9rGwbcijrf+DQ86rvTGrdhqErJGb
dl/SNhfkOlF6EOk9DgboPt+FsJfdwn4xbXIs86jZv/g2AGf8PiMu4cupFM0WtbpG
VtQqW1Fb9HljD8ac0cPXuwctI4uP8pJxkisYh/x9aM7rdlT2bTVUg2iARxHBuo5L
aRa4o6noR5GhZNkFux8GK+oDzIKnsbjjom6R9QgT+2jjNMyQBvhZ5ez0y6AUj8vJ
naqtjXw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:01 2024 by rpki-client on console-ams.rpki-client.org