Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/jLukYhbXr6kYWZPiGS8G6oNfNPM.roa
File: jLukYhbXr6kYWZPiGS8G6oNfNPM.roa (raw, json)
Hash identifier: tSmQ9FKJgzuBJWT9bEIHg8L1PYIVUEp5xHoJWDv5lCc=
Subject key identifier: 8C:BB:A4:62:16:D7:AF:A9:18:59:93:E2:19:2F:06:EA:83:5F:34:F3
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4785
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/jLukYhbXr6kYWZPiGS8G6oNfNPM.roa
Signing time: Tue 23 Apr 2024 22:53:12 +0000
ROA not before: Tue 23 Apr 2024 22:53:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18309 (0x4785)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 23 22:53:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8CBBA46216D7AFA9185993E2192F06EA835F34F3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:3e:78:21:18:e7:a9:81:60:e7:5c:a9:17:0d:
7a:7b:c0:e7:0e:f4:65:ca:e9:7c:1f:ef:ed:e6:1a:
23:a8:17:fa:92:26:19:fd:03:d5:6c:3f:b0:dc:a9:
3d:ea:6d:5a:b2:bb:43:f0:ca:2c:1c:c3:80:c3:fe:
63:c7:aa:6f:ef:96:0c:5c:2a:8f:ad:2e:4d:9b:fe:
18:ca:19:c2:dc:6c:74:2f:91:47:c8:26:6f:43:a4:
05:8f:4b:11:a0:5b:cc:fb:f6:95:77:12:c0:5e:5d:
f8:b5:1b:4f:4c:34:90:7f:15:c4:c2:a6:bc:7c:83:
1d:2f:e8:83:66:0d:4b:3a:65:58:ff:6f:b1:47:ae:
5b:f6:70:69:0a:7c:aa:70:ba:4b:de:8f:14:5c:95:
ec:9f:09:5a:19:60:b8:54:eb:74:a8:65:cf:f9:fa:
31:3b:2d:16:c6:6f:a0:46:b6:fb:e7:69:19:7b:37:
05:0c:d2:0f:2f:b3:64:af:57:27:d6:eb:82:20:6d:
e6:f3:4d:8b:c0:a0:e3:a7:9a:85:04:f9:55:96:a6:
c3:b8:38:d5:2b:29:a8:6c:09:4f:54:f4:b5:e9:f0:
ea:0f:89:45:be:35:3d:2c:e7:83:cb:72:33:61:ba:
b4:f6:94:fa:f2:33:05:f8:79:30:50:13:c0:12:41:
f5:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:BB:A4:62:16:D7:AF:A9:18:59:93:E2:19:2F:06:EA:83:5F:34:F3
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/jLukYhbXr6kYWZPiGS8G6oNfNPM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
52:51:08:48:c5:60:e5:dc:e9:62:f5:fa:6b:c5:ff:a1:3b:78:
4f:f1:f7:db:94:bd:0d:6d:04:75:16:e5:f5:84:0b:ab:22:6a:
a2:dd:a8:6b:93:99:39:17:a7:90:07:40:21:26:63:df:64:22:
6c:7e:17:6c:55:35:d8:6b:9a:03:f8:d4:56:26:54:d1:d3:fc:
5d:c8:27:b5:e0:9c:d6:a0:a8:ce:de:e0:17:c5:cc:a8:8a:55:
53:1a:40:c2:ea:da:5d:34:c9:ea:bd:b6:09:54:e5:da:58:68:
8f:bd:27:4c:c1:3c:b9:ef:77:a2:6c:19:99:f1:48:fb:e9:a1:
b0:36:1a:95:2a:14:39:b2:7c:69:aa:45:7c:a5:6a:4a:4b:97:
af:69:34:85:f0:4e:26:c9:e2:cf:69:da:f3:7f:47:76:42:91:
7f:e3:f3:74:38:2b:6c:38:66:64:3d:80:52:13:c8:46:91:24:
eb:f2:34:f8:ec:df:6b:25:ae:e3:80:1f:67:55:02:6d:eb:cf:
6e:2e:6b:9d:16:be:ee:39:ad:27:13:21:2f:1f:ef:ae:64:9c:
f3:3f:f3:2c:45:6c:e6:50:e0:66:b5:9a:7d:0f:b0:98:0b:50:
07:b9:92:09:07:5c:38:3c:5d:10:65:f1:c7:fb:80:f4:66:2b:
9a:45:02:d4
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICR4UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjMy
MjUzMTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhDQkJBNDYyMTZEN0FG
QTkxODU5OTNFMjE5MkYwNkVBODM1RjM0RjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDaPnghGOepgWDnXKkXDXp7wOcO9GXK6Xwf7+3mGiOoF/qSJhn9
A9VsP7DcqT3qbVqyu0Pwyiwcw4DD/mPHqm/vlgxcKo+tLk2b/hjKGcLcbHQvkUfI
Jm9DpAWPSxGgW8z79pV3EsBeXfi1G09MNJB/FcTCprx8gx0v6INmDUs6ZVj/b7FH
rlv2cGkKfKpwukvejxRcleyfCVoZYLhU63SoZc/5+jE7LRbGb6BGtvvnaRl7NwUM
0g8vs2SvVyfW64IgbebzTYvAoOOnmoUE+VWWpsO4ONUrKahsCU9U9LXp8OoPiUW+
NT0s54PLcjNhurT2lPryMwX4eTBQE8ASQfWPAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUjLukYhbXr6kYWZPiGS8G6oNfNPMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2pMdWtZaGJYcjZrWVda
UGlHUzhHNm9OZk5QTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAFJRCEjFYOXc6WL1
+mvF/6E7eE/x99uUvQ1tBHUW5fWEC6siaqLdqGuTmTkXp5AHQCEmY99kImx+F2xV
NdhrmgP41FYmVNHT/F3IJ7XgnNagqM7e4BfFzKiKVVMaQMLq2l00yeq9tglU5dpY
aI+9J0zBPLnvd6JsGZnxSPvpobA2GpUqFDmyfGmqRXylakpLl69pNIXwTibJ4s9p
2vN/R3ZCkX/j83Q4K2w4ZmQ9gFITyEaRJOvyNPjs32slruOAH2dVAm3rz24ua50W
vu45rScTIS8f765knPM/8yxFbOZQ4Ga1mn0PsJgLUAe5kgkHXDg8XRBl8cf7gPRm
K5pFAtQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:04 2024 by rpki-client on console-ams.rpki-client.org