Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/huF4W9htTSxVg5INwi2SIp6LuVM.roa
File: huF4W9htTSxVg5INwi2SIp6LuVM.roa (raw, json)
Hash identifier: ncivg6FTL6Xl36yhgZF/GNlYK5c7cjMtnMYa8afyL7o=
Subject key identifier: 86:E1:78:5B:D8:6D:4D:2C:55:83:92:0D:C2:2D:92:22:9E:8B:B9:53
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5381
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/huF4W9htTSxVg5INwi2SIp6LuVM.roa
Signing time: Thu 09 May 2024 22:23:59 +0000
ROA not before: Thu 09 May 2024 22:23:59 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21377 (0x5381)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 9 22:23:59 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=86E1785BD86D4D2C5583920DC22D92229E8BB953
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:9c:06:d4:5f:90:1f:4f:b2:28:ad:d9:d3:3e:
94:35:2c:2f:60:1d:7e:b5:84:c3:c5:13:0b:fe:6c:
03:d9:16:75:56:f6:67:68:21:e7:09:99:2d:53:2b:
3b:e1:e6:b5:c6:44:e2:75:3e:89:51:1c:d7:09:4e:
55:c4:71:d0:ea:ee:a7:07:36:ea:9f:55:03:e4:0f:
f5:b4:75:42:df:63:2c:e7:30:58:9c:0f:cd:50:4f:
3a:4b:c8:c5:df:5d:79:ce:9f:57:1e:9d:da:d2:09:
29:4b:37:3b:f6:b8:08:a4:ad:6f:e7:4d:54:0c:45:
48:cf:17:e1:56:61:4f:f2:c2:11:a8:4d:72:10:b3:
01:0d:8f:91:2c:80:b9:2b:8b:b0:91:2a:93:03:a5:
01:51:87:25:d8:25:13:41:34:96:d1:3d:59:fb:c4:
f4:14:c4:ae:f5:2b:27:0d:ce:04:59:a7:7a:54:f8:
2e:7a:6f:75:c3:a6:91:57:73:0f:fc:dc:f7:66:7a:
3c:36:6b:f6:fe:c0:a4:84:ec:9c:cb:16:b9:b0:1d:
7e:9f:91:2f:b3:0b:66:fc:c1:2f:79:38:7f:84:8f:
98:a0:3f:52:d7:ef:19:96:52:d6:28:fe:28:64:cc:
51:28:44:4e:75:19:99:d1:89:19:59:c1:76:96:0e:
82:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:E1:78:5B:D8:6D:4D:2C:55:83:92:0D:C2:2D:92:22:9E:8B:B9:53
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/huF4W9htTSxVg5INwi2SIp6LuVM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
af:17:13:d5:60:e2:da:4f:e9:d5:77:e3:95:06:93:8a:e6:26:
d6:c5:b3:c7:58:e4:2b:d0:38:25:9f:eb:f9:63:7f:a0:bc:62:
0b:fc:d4:ce:7d:36:0a:22:b3:3f:e5:79:89:b4:d3:be:0a:37:
b8:ad:01:a5:86:c0:c2:70:db:00:52:ea:ef:f7:f9:7f:1c:aa:
81:c6:bc:3a:fa:2a:03:ea:18:b4:aa:61:73:6d:92:74:02:aa:
61:c1:27:22:0a:14:e1:1a:81:93:c3:7b:e4:82:50:3c:00:75:
82:45:63:a4:fb:c7:66:23:33:e6:cd:ae:7e:72:74:46:e9:de:
af:6b:f9:ad:c0:6e:7d:5a:ef:58:a4:20:70:c2:5a:65:6d:ed:
4f:f8:66:b4:bf:a5:fb:2f:c2:b8:fd:1e:c1:39:b9:0a:55:0f:
a1:fc:39:bc:32:9d:e0:b7:78:f7:c3:80:06:03:20:2f:27:71:
12:48:a3:5d:62:f5:59:12:31:1d:ca:86:2b:2f:18:48:19:d0:
92:8f:87:99:25:d7:2e:ef:57:8c:52:f5:c1:9c:7d:08:66:68:
c0:25:48:99:42:d7:c4:7e:19:59:8a:9a:e6:0f:fc:ac:1c:99:
fa:93:2b:37:65:d8:76:4a:db:5f:6d:1c:f7:0a:2e:a0:9b:c5:
65:20:44:e1
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICU4EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDky
MjIzNTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg2RTE3ODVCRDg2RDRE
MkM1NTgzOTIwREMyMkQ5MjIyOUU4QkI5NTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHnAbUX5AfT7IordnTPpQ1LC9gHX61hMPFEwv+bAPZFnVW9mdo
IecJmS1TKzvh5rXGROJ1PolRHNcJTlXEcdDq7qcHNuqfVQPkD/W0dULfYyznMFic
D81QTzpLyMXfXXnOn1cendrSCSlLNzv2uAikrW/nTVQMRUjPF+FWYU/ywhGoTXIQ
swENj5EsgLkri7CRKpMDpQFRhyXYJRNBNJbRPVn7xPQUxK71KycNzgRZp3pU+C56
b3XDppFXcw/83Pdmejw2a/b+wKSE7JzLFrmwHX6fkS+zC2b8wS95OH+Ej5igP1LX
7xmWUtYo/ihkzFEoRE51GZnRiRlZwXaWDoKJAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUhuF4W9htTSxVg5INwi2SIp6LuVMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2h1RjRXOWh0VFN4Vmc1
SU53aTJTSXA2THVWTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAK8XE9Vg4tpP6dV3
45UGk4rmJtbFs8dY5CvQOCWf6/ljf6C8Ygv81M59Ngoisz/leYm0074KN7itAaWG
wMJw2wBS6u/3+X8cqoHGvDr6KgPqGLSqYXNtknQCqmHBJyIKFOEagZPDe+SCUDwA
dYJFY6T7x2YjM+bNrn5ydEbp3q9r+a3Abn1a71ikIHDCWmVt7U/4ZrS/pfsvwrj9
HsE5uQpVD6H8ObwyneC3ePfDgAYDIC8ncRJIo11i9VkSMR3KhisvGEgZ0JKPh5kl
1y7vV4xS9cGcfQhmaMAlSJlC18R+GVmKmuYP/KwcmfqTKzdl2HZK219tHPcKLqCb
xWUgROE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:02 2024 by rpki-client on console-ams.rpki-client.org