Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/jYz7GzQFwtf_lkwjXo_qTVd4rtE.roa
File: jYz7GzQFwtf_lkwjXo_qTVd4rtE.roa (raw, json)
Hash identifier: 2VNwjKQ4XsKUzgri45DJ0R+2DMrbFEONDGOUKpuTV9g=
Subject key identifier: 8D:8C:FB:1B:34:05:C2:D7:FF:96:4C:23:5E:8F:EA:4D:57:78:AE:D1
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4775
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/jYz7GzQFwtf_lkwjXo_qTVd4rtE.roa
Signing time: Tue 23 Apr 2024 20:53:30 +0000
ROA not before: Tue 23 Apr 2024 20:53:30 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18293 (0x4775)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 23 20:53:30 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8D8CFB1B3405C2D7FF964C235E8FEA4D5778AED1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:8a:21:b3:f7:57:82:a2:e5:de:35:18:f2:3a:
15:c0:b4:4b:46:a0:c2:9a:ba:b3:49:a8:08:a6:a1:
b2:48:6f:d7:51:b7:73:c9:b9:2f:b5:81:55:b3:f0:
c7:83:98:e2:39:a8:a1:d3:7d:23:fc:1a:6c:03:67:
42:c3:29:b1:6b:2c:75:86:7a:00:94:b5:f8:f5:4a:
95:26:53:78:bf:10:ba:fd:b2:fd:89:eb:98:32:77:
ce:07:fd:7d:ea:b9:0d:9a:80:6b:17:c9:dd:29:33:
41:8e:21:a3:b0:fb:55:d2:48:e0:8f:99:04:d3:b8:
5e:86:2d:fb:87:67:7e:14:c4:1c:28:b7:d0:95:f9:
a8:82:52:ec:db:cb:84:d5:d9:17:06:d6:9f:e0:91:
45:fd:70:c6:16:6d:24:71:85:b0:f9:e2:c6:da:52:
08:8f:1f:40:2e:1e:db:34:49:24:e2:20:93:e5:e6:
d6:2a:08:80:c9:1f:2c:df:fb:a5:0e:e4:10:07:91:
7f:cd:66:be:e4:3b:9c:31:73:c2:b9:2e:5d:1f:9f:
7c:2a:a9:73:19:8d:0c:3c:b8:c5:ed:77:24:b1:57:
b7:fa:e7:52:9a:4d:60:5e:0a:c8:44:21:33:9a:e2:
1e:5d:c7:75:3e:19:0b:82:a3:f8:bc:67:e5:dc:1f:
69:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:8C:FB:1B:34:05:C2:D7:FF:96:4C:23:5E:8F:EA:4D:57:78:AE:D1
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/jYz7GzQFwtf_lkwjXo_qTVd4rtE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
37:49:39:8b:af:72:39:9a:7f:72:8c:c4:ab:46:6d:3c:14:bf:
34:e4:a0:93:d4:e3:fa:58:1c:8a:11:0a:79:89:d9:a0:31:56:
91:15:21:7d:a3:12:1f:fb:39:35:e5:d0:ae:6a:98:dd:03:54:
7e:55:bf:c1:05:b9:fe:a4:20:f2:e5:73:fa:33:6d:8c:8b:ee:
70:84:68:8a:37:a9:59:4d:9c:4e:5c:88:d3:f1:1a:0f:0c:32:
07:1a:78:fb:98:5e:f6:5e:54:b9:1c:8f:96:fc:db:f9:de:05:
97:ca:0d:6f:f2:d6:7c:ac:32:59:c7:b0:8f:95:19:54:0b:24:
2f:70:54:78:29:22:9c:69:f6:1f:dd:b8:24:10:a1:01:4f:c9:
ad:e7:46:df:18:a5:ba:03:9c:42:7f:a5:af:cd:28:37:25:44:
17:cf:f0:28:3d:af:1c:60:5c:1c:66:82:a9:a0:46:2d:f5:b7:
0d:34:4d:19:bf:4f:65:80:19:4b:9a:b6:18:62:08:f5:8d:e2:
df:55:1a:50:a5:28:5c:e0:5a:0c:e0:d7:5c:70:28:78:18:e8:
cf:fa:80:fd:d1:ac:25:5f:09:e0:72:c9:c8:ec:74:44:4a:6f:
cb:30:28:4a:7d:07:4d:0e:64:3b:46:0c:3a:2c:85:70:b4:06:
6e:d0:56:d3
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICR3UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjMy
MDUzMzBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhEOENGQjFCMzQwNUMy
RDdGRjk2NEMyMzVFOEZFQTRENTc3OEFFRDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZiiGz91eCouXeNRjyOhXAtEtGoMKaurNJqAimobJIb9dRt3PJ
uS+1gVWz8MeDmOI5qKHTfSP8GmwDZ0LDKbFrLHWGegCUtfj1SpUmU3i/ELr9sv2J
65gyd84H/X3quQ2agGsXyd0pM0GOIaOw+1XSSOCPmQTTuF6GLfuHZ34UxBwot9CV
+aiCUuzby4TV2RcG1p/gkUX9cMYWbSRxhbD54sbaUgiPH0AuHts0SSTiIJPl5tYq
CIDJHyzf+6UO5BAHkX/NZr7kO5wxc8K5Ll0fn3wqqXMZjQw8uMXtdySxV7f651Ka
TWBeCshEITOa4h5dx3U+GQuCo/i8Z+XcH2nrAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUjYz7GzQFwtf/lkwjXo/qTVd4rtEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2pZejdHelFGd3RmX2xr
d2pYb19xVFZkNHJ0RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBADdJOYuvcjmaf3KM
xKtGbTwUvzTkoJPU4/pYHIoRCnmJ2aAxVpEVIX2jEh/7OTXl0K5qmN0DVH5Vv8EF
uf6kIPLlc/ozbYyL7nCEaIo3qVlNnE5ciNPxGg8MMgcaePuYXvZeVLkcj5b82/ne
BZfKDW/y1nysMlnHsI+VGVQLJC9wVHgpIpxp9h/duCQQoQFPya3nRt8YpboDnEJ/
pa/NKDclRBfP8Cg9rxxgXBxmgqmgRi31tw00TRm/T2WAGUuathhiCPWN4t9VGlCl
KFzgWgzg11xwKHgY6M/6gP3RrCVfCeByycjsdERKb8swKEp9B00OZDtGDDoshXC0
Bm7QVtM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:04 2024 by rpki-client on console-ams.rpki-client.org