Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/sc0jytjwH2GVdiQjK0dudD9DpLg.roa
File: sc0jytjwH2GVdiQjK0dudD9DpLg.roa (raw, json)
Hash identifier: 0LHFooFa+iMWIz62P7KdyTiEoux30uGvoj8KSjXVavk=
Subject key identifier: B1:CD:23:CA:D8:F0:1F:61:95:76:24:23:2B:47:6E:74:3F:43:A4:B8
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4301
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/sc0jytjwH2GVdiQjK0dudD9DpLg.roa
Signing time: Wed 17 Apr 2024 22:23:23 +0000
ROA not before: Wed 17 Apr 2024 22:23:23 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17153 (0x4301)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 17 22:23:23 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B1CD23CAD8F01F61957624232B476E743F43A4B8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:4e:7a:64:38:20:f9:38:1c:bd:db:4b:b5:c8:
0b:61:ec:b9:52:96:6c:c3:c8:ee:2f:50:9a:05:9e:
a9:80:7d:eb:37:d4:ea:bd:a7:ac:4c:45:34:ca:67:
35:45:b0:be:47:b6:99:48:df:43:d9:d6:53:dd:45:
1b:85:12:88:0f:b6:56:fe:96:ae:71:6b:bf:42:d9:
aa:5d:42:17:1f:93:9e:9f:17:fc:d4:b7:a5:2c:70:
13:4d:54:a2:30:04:7e:1d:fc:c2:6d:74:0a:0e:3a:
06:d6:f4:63:ac:79:0c:c9:8d:d6:d8:af:54:b4:19:
b7:93:11:a6:12:27:97:f4:0e:24:bd:7b:0c:80:c1:
b5:b4:f9:cb:34:f5:bf:e9:7a:ef:17:9e:a6:dc:0f:
ff:1f:59:a3:23:5b:8f:df:01:e0:b0:be:6e:8e:6c:
cf:b5:cc:72:98:0a:4f:47:0b:f8:64:ef:7f:b3:9b:
80:f5:39:d5:4c:9a:78:cf:20:75:cf:49:02:f3:30:
e8:e1:4d:f1:a0:3f:be:fa:94:27:8b:00:11:a7:e1:
ea:d8:ba:c6:fb:3d:3f:9f:7a:43:c4:f3:0f:71:40:
f5:a9:70:21:d4:a7:23:f3:5b:d5:8d:22:cc:f6:f6:
23:67:1c:47:ad:76:06:fa:9f:f4:85:19:1b:81:da:
9a:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:CD:23:CA:D8:F0:1F:61:95:76:24:23:2B:47:6E:74:3F:43:A4:B8
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/sc0jytjwH2GVdiQjK0dudD9DpLg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
97:80:31:d7:a7:aa:61:80:7a:cd:3c:56:f5:68:04:7a:42:3e:
c1:c4:22:24:7c:6d:78:8b:3e:9a:9f:8e:15:fe:bd:9d:43:f8:
ff:86:48:e1:ab:b8:c5:3b:b2:99:de:e5:b1:ac:ef:11:09:f5:
95:d7:95:5e:55:63:ae:ad:aa:3f:75:a2:70:53:57:cd:50:2f:
c1:0d:f2:35:bf:3f:97:ae:e3:24:e6:61:cc:57:5f:44:29:be:
d6:08:60:e9:06:c3:ab:d9:fd:2d:46:03:7d:35:3d:6f:ce:54:
a1:2e:cc:62:5a:bf:d2:8a:bd:00:a6:75:17:e1:68:30:65:f0:
43:ca:46:17:58:4c:9b:2a:01:ff:bc:90:61:dd:92:05:ff:2c:
e2:fb:18:74:eb:08:a8:73:da:b3:35:41:b1:00:4c:af:12:c1:
c8:3a:3c:e9:a6:14:b2:77:3d:f5:7c:5c:e2:5b:09:b6:53:c5:
40:e8:94:5c:87:ce:9a:38:54:f7:0f:ba:92:6e:8e:99:3b:83:
36:d7:13:fb:c0:f7:ab:09:ea:34:ed:44:1b:68:99:f8:e5:fe:
a7:dd:8b:f9:d4:1b:a0:eb:40:fb:f5:4c:65:ed:a3:a1:6d:d6:
58:95:37:66:1e:d1:e2:78:9e:9c:ef:d1:f9:e4:65:d0:da:02:
04:09:12:52
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQwEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTcy
MjIzMjNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEIxQ0QyM0NBRDhGMDFG
NjE5NTc2MjQyMzJCNDc2RTc0M0Y0M0E0QjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYTnpkOCD5OBy920u1yAth7LlSlmzDyO4vUJoFnqmAfes31Oq9
p6xMRTTKZzVFsL5HtplI30PZ1lPdRRuFEogPtlb+lq5xa79C2apdQhcfk56fF/zU
t6UscBNNVKIwBH4d/MJtdAoOOgbW9GOseQzJjdbYr1S0GbeTEaYSJ5f0DiS9ewyA
wbW0+cs09b/peu8XnqbcD/8fWaMjW4/fAeCwvm6ObM+1zHKYCk9HC/hk73+zm4D1
OdVMmnjPIHXPSQLzMOjhTfGgP776lCeLABGn4erYusb7PT+fekPE8w9xQPWpcCHU
pyPzW9WNIsz29iNnHEetdgb6n/SFGRuB2prPAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUsc0jytjwH2GVdiQjK0dudD9DpLgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3NjMGp5dGp3SDJHVmRp
UWpLMGR1ZEQ5RHBMZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJeAMdenqmGAes08
VvVoBHpCPsHEIiR8bXiLPpqfjhX+vZ1D+P+GSOGruMU7spne5bGs7xEJ9ZXXlV5V
Y66tqj91onBTV81QL8EN8jW/P5eu4yTmYcxXX0QpvtYIYOkGw6vZ/S1GA301PW/O
VKEuzGJav9KKvQCmdRfhaDBl8EPKRhdYTJsqAf+8kGHdkgX/LOL7GHTrCKhz2rM1
QbEATK8Swcg6POmmFLJ3PfV8XOJbCbZTxUDolFyHzpo4VPcPupJujpk7gzbXE/vA
96sJ6jTtRBtomfjl/qfdi/nUG6DrQPv1TGXto6Ft1liVN2Ye0eJ4npzv0fnkZdDa
AgQJElI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:50 2024 by rpki-client on console-fra.rpki-client.org