Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/sH0mpmRZVXLDhVxuaQlg2KoKJ6A.roa
File: sH0mpmRZVXLDhVxuaQlg2KoKJ6A.roa (raw, json)
Hash identifier: y2HJ3QudHZzQ0Q4KJnrmnSKs1a4NMb4YzZKDzX2k7t4=
Subject key identifier: B0:7D:26:A6:64:59:55:72:C3:85:5C:6E:69:09:60:D8:AA:0A:27:A0
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 453D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/sH0mpmRZVXLDhVxuaQlg2KoKJ6A.roa
Signing time: Sat 20 Apr 2024 21:53:11 +0000
ROA not before: Sat 20 Apr 2024 21:53:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17725 (0x453d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 21:53:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B07D26A664595572C3855C6E690960D8AA0A27A0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:38:9b:49:42:12:da:67:cb:38:c8:90:21:29:
80:93:ab:fe:63:39:4c:02:f4:88:22:27:81:67:8a:
02:43:05:3f:75:35:5e:22:84:bd:2e:23:95:39:b4:
b1:6b:bf:b5:06:23:d1:45:67:3e:52:6d:9e:d5:54:
0a:93:13:c7:ca:f5:0f:3a:6f:3d:2e:b9:76:5d:12:
7a:6e:10:ed:26:87:ee:f3:4e:d3:d4:ca:2a:69:0f:
24:84:a5:3f:41:8d:6d:c8:87:3b:71:83:da:7d:76:
4d:57:db:09:b6:47:c0:5c:2f:34:8e:2c:d1:df:2e:
84:d5:60:c9:b9:4d:12:68:2e:29:0b:27:a5:02:66:
74:22:45:dc:19:c1:3e:b7:78:52:d6:b8:cc:ee:cf:
4e:6d:6d:04:df:1e:1c:8c:d2:70:18:69:97:17:41:
d7:38:1d:64:0c:92:63:e2:78:59:96:a6:a2:dc:80:
e0:1e:f4:6d:ab:ff:c5:98:60:e6:bc:74:c5:8b:92:
fb:04:36:ec:83:1f:1b:69:68:5e:de:87:21:2a:bf:
24:6b:2e:f3:08:51:de:db:45:c7:6b:a3:3b:bc:0e:
f6:ca:65:51:0b:c4:40:19:9a:ec:9e:c8:ee:76:74:
a9:bd:98:e5:fa:28:34:13:41:c9:13:c7:ec:56:b0:
9e:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:7D:26:A6:64:59:55:72:C3:85:5C:6E:69:09:60:D8:AA:0A:27:A0
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/sH0mpmRZVXLDhVxuaQlg2KoKJ6A.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
5c:d7:c6:ed:9e:3f:15:07:c1:6e:17:89:77:f2:c8:60:11:ac:
b8:fb:fd:06:ea:dc:7d:94:cf:4d:dd:5e:ca:7e:90:5e:11:34:
2d:a1:40:4d:ab:8f:cb:73:23:f9:3b:1d:f3:54:8f:b0:82:c8:
a0:6c:d3:4a:05:1b:06:0a:72:2a:8b:cc:b6:2b:1e:d1:34:d4:
ff:31:38:06:86:81:a3:1d:dd:69:0b:af:2d:12:3f:43:ae:9a:
93:8d:e5:89:ad:37:24:d7:7b:13:b6:ef:2d:90:06:4d:42:c8:
c2:9d:53:76:1e:48:1e:12:92:b8:9a:2b:37:6d:8a:63:d9:e2:
d8:e5:79:d0:ba:8c:3d:05:70:60:f1:99:d2:5a:72:ba:9c:d2:
ad:51:cd:d9:65:78:4a:ec:3a:40:70:e3:6d:9a:75:28:19:24:
f0:25:b6:bb:f3:ff:7d:f6:e6:5e:96:71:f2:5c:4b:0a:45:72:
d8:44:b1:50:20:70:1d:cb:cc:30:b0:36:23:e7:99:b2:93:8e:
a3:02:9b:54:81:7e:f8:13:a5:6c:9d:30:b6:7e:0b:f1:0c:29:
d2:04:7c:e2:fc:ed:2b:d3:e1:49:41:e2:ee:df:9c:70:ab:3e:
53:f0:19:bc:19:10:e4:e2:1b:b0:69:5d:b9:77:bd:b7:e0:98:
f5:13:c9:9b
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICRT0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAy
MTUzMTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEIwN0QyNkE2NjQ1OTU1
NzJDMzg1NUM2RTY5MDk2MEQ4QUEwQTI3QTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGOJtJQhLaZ8s4yJAhKYCTq/5jOUwC9IgiJ4FnigJDBT91NV4i
hL0uI5U5tLFrv7UGI9FFZz5SbZ7VVAqTE8fK9Q86bz0uuXZdEnpuEO0mh+7zTtPU
yippDySEpT9BjW3Ihztxg9p9dk1X2wm2R8BcLzSOLNHfLoTVYMm5TRJoLikLJ6UC
ZnQiRdwZwT63eFLWuMzuz05tbQTfHhyM0nAYaZcXQdc4HWQMkmPieFmWpqLcgOAe
9G2r/8WYYOa8dMWLkvsENuyDHxtpaF7ehyEqvyRrLvMIUd7bRcdrozu8DvbKZVEL
xEAZmuyeyO52dKm9mOX6KDQTQckTx+xWsJ5nAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUsH0mpmRZVXLDhVxuaQlg2KoKJ6AwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3NIMG1wbVJaVlhMRGhW
eHVhUWxnMktvS0o2QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAFzXxu2ePxUHwW4X
iXfyyGARrLj7/Qbq3H2Uz03dXsp+kF4RNC2hQE2rj8tzI/k7HfNUj7CCyKBs00oF
GwYKciqLzLYrHtE01P8xOAaGgaMd3WkLry0SP0OumpON5YmtNyTXexO27y2QBk1C
yMKdU3YeSB4SkriaKzdtimPZ4tjledC6jD0FcGDxmdJacrqc0q1RzdlleErsOkBw
422adSgZJPAltrvz/3325l6WcfJcSwpFcthEsVAgcB3LzDCwNiPnmbKTjqMCm1SB
fvgTpWydMLZ+C/EMKdIEfOL87SvT4UlB4u7fnHCrPlPwGbwZEOTiG7BpXbl3vbfg
mPUTyZs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:50 2024 by rpki-client on console-fra.rpki-client.org