Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/sVjLRwKDjN3llCPfLmE9Mb0CNPM.roa
File: sVjLRwKDjN3llCPfLmE9Mb0CNPM.roa (raw, json)
Hash identifier: atA1Cn6lPjnO3Oi+dNgl2s1YDB0f0A7EH/5LGqkqJZ8=
Subject key identifier: B1:58:CB:47:02:83:8C:DD:E5:94:23:DF:2E:61:3D:31:BD:02:34:F3
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 364D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/sVjLRwKDjN3llCPfLmE9Mb0CNPM.roa
Signing time: Sun 31 Mar 2024 23:52:09 +0000
ROA not before: Sun 31 Mar 2024 23:52:09 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13901 (0x364d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 31 23:52:09 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B158CB4702838CDDE59423DF2E613D31BD0234F3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c4:16:87:c7:fb:54:3f:b0:05:a2:51:26:0f:
51:f9:80:a6:98:2d:94:e1:e0:5d:d6:59:70:10:db:
19:75:0d:ea:e8:ad:1a:df:97:32:f1:21:8b:57:16:
3c:a5:31:d6:60:7c:11:87:0c:62:63:ba:58:40:6f:
85:a9:00:6f:c6:1d:7d:90:68:f0:5e:61:d4:b7:3d:
3c:20:f7:70:c2:bd:6f:f3:3e:7d:27:b2:b0:47:eb:
8b:63:9b:99:fe:e8:cf:c3:35:48:c7:af:d7:ed:a0:
97:bf:af:f6:9d:5d:1b:7f:63:f7:2f:42:3e:c7:4d:
f8:eb:8e:7a:33:7a:1f:82:45:63:74:ee:c1:23:4c:
96:e3:63:4c:6e:5f:58:95:8b:92:21:26:b3:7b:43:
b2:25:db:ae:fd:ab:f9:68:40:fb:f8:96:c5:6b:1f:
5a:13:5b:d0:62:d1:62:88:7c:94:99:77:40:90:60:
2d:53:6c:8e:d2:7c:ff:53:4b:f1:a7:a7:ac:65:46:
97:08:9d:91:04:cf:db:db:65:66:c4:6d:c3:fe:a8:
b1:a4:47:dd:4e:d3:35:01:b5:bf:5b:48:a2:b8:bd:
9c:31:9f:d9:34:47:13:be:cc:25:18:2e:7b:16:5d:
fc:cd:91:20:6b:0c:59:72:4e:7f:6d:59:f5:6f:51:
26:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:58:CB:47:02:83:8C:DD:E5:94:23:DF:2E:61:3D:31:BD:02:34:F3
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/sVjLRwKDjN3llCPfLmE9Mb0CNPM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
af:fd:b5:48:e4:bd:e1:77:1f:a7:86:28:9d:32:1c:01:8c:d2:
d2:91:ca:70:10:f5:ef:a4:25:d4:ac:ba:97:1d:57:ba:e7:32:
bf:02:29:92:c8:c0:a5:d7:bd:a4:6a:6a:5e:b9:3d:ef:70:84:
87:cd:1c:dc:13:95:c0:11:03:fe:3f:28:3a:7f:f6:8a:bb:3c:
2d:ba:38:60:29:fa:03:83:05:8e:7d:28:8b:f9:0d:21:da:d1:
dd:05:b7:2e:5b:a1:d9:10:fe:83:a0:7f:02:ce:8d:92:ea:27:
8c:7e:c7:99:d4:19:ac:17:4f:e0:89:31:2d:b8:43:21:fe:ec:
f2:37:1d:6c:9f:c8:02:22:da:52:51:01:37:b3:ec:42:bc:25:
01:c8:58:c0:69:a7:f5:32:09:31:19:7d:66:14:a1:88:af:44:
4a:36:37:e1:c6:20:18:9f:2b:2c:59:01:19:c7:2f:c0:de:0a:
97:2f:e7:0e:42:ab:1d:e0:cb:f7:25:f6:9e:42:bf:9c:97:b8:
ba:f6:2b:4e:28:9a:b0:ae:41:ad:3b:51:3f:bf:a2:eb:ab:6b:
ba:b0:a4:ae:3b:9b:59:88:39:24:4a:70:4c:56:43:d9:39:c2:
0a:72:41:fd:45:9f:75:00:67:48:fb:6a:5a:dc:9c:b1:91:12:
fa:4f:bd:82
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNk0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzEy
MzUyMDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEIxNThDQjQ3MDI4MzhD
RERFNTk0MjNERjJFNjEzRDMxQkQwMjM0RjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCfxBaHx/tUP7AFolEmD1H5gKaYLZTh4F3WWXAQ2xl1DerorRrf
lzLxIYtXFjylMdZgfBGHDGJjulhAb4WpAG/GHX2QaPBeYdS3PTwg93DCvW/zPn0n
srBH64tjm5n+6M/DNUjHr9ftoJe/r/adXRt/Y/cvQj7HTfjrjnozeh+CRWN07sEj
TJbjY0xuX1iVi5IhJrN7Q7Il2679q/loQPv4lsVrH1oTW9Bi0WKIfJSZd0CQYC1T
bI7SfP9TS/Gnp6xlRpcInZEEz9vbZWbEbcP+qLGkR91O0zUBtb9bSKK4vZwxn9k0
RxO+zCUYLnsWXfzNkSBrDFlyTn9tWfVvUSYvAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUsVjLRwKDjN3llCPfLmE9Mb0CNPMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3NWakxSd0tEak4zbGxD
UGZMbUU5TWIwQ05QTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAK/9tUjkveF3H6eG
KJ0yHAGM0tKRynAQ9e+kJdSsupcdV7rnMr8CKZLIwKXXvaRqal65Pe9whIfNHNwT
lcARA/4/KDp/9oq7PC26OGAp+gODBY59KIv5DSHa0d0Fty5bodkQ/oOgfwLOjZLq
J4x+x5nUGawXT+CJMS24QyH+7PI3HWyfyAIi2lJRATez7EK8JQHIWMBpp/UyCTEZ
fWYUoYivREo2N+HGIBifKyxZARnHL8DeCpcv5w5Cqx3gy/cl9p5Cv5yXuLr2K04o
mrCuQa07UT+/ouura7qwpK47m1mIOSRKcExWQ9k5wgpyQf1Fn3UAZ0j7alrcnLGR
EvpPvYI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:50 2024 by rpki-client on console-fra.rpki-client.org