Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/hQ61DgEkTTlc5VkgOpfKehizRLY.roa
File: hQ61DgEkTTlc5VkgOpfKehizRLY.roa (raw, json)
Hash identifier: lBZw+67XbWQczGc/58sSiArbyigepAZ45J3a4rEN1WE=
Subject key identifier: 85:0E:B5:0E:01:24:4D:39:5C:E5:59:20:3A:97:CA:7A:18:B3:44:B6
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4E91
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hQ61DgEkTTlc5VkgOpfKehizRLY.roa
Signing time: Fri 03 May 2024 08:23:44 +0000
ROA not before: Fri 03 May 2024 08:23:44 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20113 (0x4e91)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 3 08:23:44 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=850EB50E01244D395CE559203A97CA7A18B344B6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:79:03:02:02:bc:32:c0:a1:ff:da:ce:5d:f4:
a2:06:c3:c5:f2:12:b5:62:8d:29:24:25:38:19:82:
79:a9:a1:c2:ea:a8:9d:e3:d6:98:39:8f:55:84:c0:
f4:02:8d:8a:03:17:dd:44:33:59:be:53:b8:49:2b:
26:2b:05:2e:72:28:1d:ae:52:5b:05:14:42:6c:f1:
92:e5:70:75:86:38:ae:4d:7e:f6:06:6d:34:6a:14:
75:de:4d:25:e1:fd:b7:7d:a6:aa:d8:dc:c9:4b:39:
e0:99:c1:c7:66:a0:bf:65:df:33:36:1c:22:ab:0e:
82:5b:98:7f:9d:77:58:07:ef:9c:c8:08:62:47:a3:
74:46:14:32:6e:fd:e4:d8:be:2b:6c:bb:a7:f6:a4:
51:be:0e:03:33:e8:8a:36:b0:d4:3f:dc:69:89:2f:
96:e1:af:a6:01:e2:c4:24:1f:d0:20:6c:0d:72:98:
13:0e:21:08:4f:47:69:76:8f:fe:60:cc:b5:bc:c1:
97:1d:bb:27:a5:ab:6b:a1:3c:27:5c:da:29:c2:0f:
f9:4d:d5:c9:c2:a9:a1:e8:ba:3b:6d:e6:28:a8:75:
f5:24:83:9c:48:b6:ea:e1:2b:59:fa:c6:6a:20:a2:
57:57:b8:d0:e3:ef:d3:06:e5:62:6e:e9:b4:84:c8:
1d:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:0E:B5:0E:01:24:4D:39:5C:E5:59:20:3A:97:CA:7A:18:B3:44:B6
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hQ61DgEkTTlc5VkgOpfKehizRLY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
a9:ae:88:95:f1:98:c2:cf:01:39:3a:39:fb:5e:9e:a2:11:50:
f1:fe:fc:1c:e8:77:f4:a7:d4:b2:51:02:ae:70:11:95:98:4e:
73:ec:89:bf:04:6e:58:59:b2:72:e5:1c:d5:a4:05:9f:71:c1:
f4:09:55:dc:c1:a8:50:40:8e:71:ca:2a:e5:cd:d7:e4:84:bb:
07:e5:d8:2a:ae:06:cc:7f:ca:d3:d9:88:8f:58:45:fc:81:1f:
06:b8:6c:2f:a8:96:94:9a:58:86:09:ba:b1:3c:01:8b:47:57:
61:6d:d8:3b:f6:9c:72:e0:84:fb:3d:71:7d:ae:08:4a:1b:5f:
af:23:86:32:f6:95:e1:d2:f5:21:70:3d:25:f0:88:83:9f:14:
96:ae:d3:cc:75:c7:6f:b7:43:ce:f9:ad:fe:56:9c:ae:f6:b8:
b5:1b:5f:06:41:c8:1a:f7:70:ad:3f:3e:fa:e7:f0:a8:de:9a:
9f:1f:3f:c4:e1:d1:60:43:e7:96:d0:22:2d:f7:e6:c6:86:35:
1a:b3:78:c4:89:a8:04:b3:19:71:0e:1d:78:ba:92:3e:f6:3d:
0d:86:59:86:f8:0c:08:a2:78:53:48:62:64:06:ce:e1:fc:87:
6e:66:d0:90:03:fa:af:a8:a7:83:d9:4c:b9:cb:0b:bd:17:cb:
9e:02:06:ae
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICTpEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDMw
ODIzNDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg1MEVCNTBFMDEyNDRE
Mzk1Q0U1NTkyMDNBOTdDQTdBMThCMzQ0QjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGeQMCArwywKH/2s5d9KIGw8XyErVijSkkJTgZgnmpocLqqJ3j
1pg5j1WEwPQCjYoDF91EM1m+U7hJKyYrBS5yKB2uUlsFFEJs8ZLlcHWGOK5NfvYG
bTRqFHXeTSXh/bd9pqrY3MlLOeCZwcdmoL9l3zM2HCKrDoJbmH+dd1gH75zICGJH
o3RGFDJu/eTYvitsu6f2pFG+DgMz6Io2sNQ/3GmJL5bhr6YB4sQkH9AgbA1ymBMO
IQhPR2l2j/5gzLW8wZcduyelq2uhPCdc2inCD/lN1cnCqaHoujtt5iiodfUkg5xI
turhK1n6xmogoldXuNDj79MG5WJu6bSEyB2pAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUhQ61DgEkTTlc5VkgOpfKehizRLYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2hRNjFEZ0VrVFRsYzVW
a2dPcGZLZWhpelJMWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAKmuiJXxmMLPATk6
OftenqIRUPH+/Bzod/Sn1LJRAq5wEZWYTnPsib8EblhZsnLlHNWkBZ9xwfQJVdzB
qFBAjnHKKuXN1+SEuwfl2CquBsx/ytPZiI9YRfyBHwa4bC+olpSaWIYJurE8AYtH
V2Ft2Dv2nHLghPs9cX2uCEobX68jhjL2leHS9SFwPSXwiIOfFJau08x1x2+3Q875
rf5WnK72uLUbXwZByBr3cK0/Pvrn8Kjemp8fP8Th0WBD55bQIi335saGNRqzeMSJ
qASzGXEOHXi6kj72PQ2GWYb4DAiieFNIYmQGzuH8h25m0JAD+q+op4PZTLnLC70X
y54CBq4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:40 2024 by rpki-client on console-fra.rpki-client.org