Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/u3fNsL6oAbC9ZlzlQkTcPtmdTps.roa
File: u3fNsL6oAbC9ZlzlQkTcPtmdTps.roa (raw, json)
Hash identifier: SIIWrgnSjT3jMXKSy+dqdPmS7jyIdLHNU60vguVEE1k=
Subject key identifier: BB:77:CD:B0:BE:A8:01:B0:BD:66:5C:E5:42:44:DC:3E:D9:9D:4E:9B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 38A1
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/u3fNsL6oAbC9ZlzlQkTcPtmdTps.roa
Signing time: Thu 04 Apr 2024 02:22:20 +0000
ROA not before: Thu 04 Apr 2024 02:22:20 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14497 (0x38a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 4 02:22:20 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=BB77CDB0BEA801B0BD665CE54244DC3ED99D4E9B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0b:82:66:9c:54:b5:3b:e4:95:66:6b:d0:26:
8e:1e:d1:71:fa:4f:ef:fb:6b:75:b8:4f:bb:86:92:
5a:ef:94:97:47:4c:03:7e:18:70:71:aa:66:de:5c:
4e:81:6e:8a:6b:a2:28:b6:f3:99:07:98:d4:01:e6:
b2:a4:bc:31:79:32:36:16:d9:a3:35:59:66:bd:33:
5f:5b:43:98:fc:8c:e1:3e:e4:a3:1e:b4:c9:fe:0a:
14:37:36:ac:d4:91:2f:59:f7:4d:9b:eb:1a:1f:52:
60:1a:40:f2:f2:52:d3:92:f6:b1:f9:b5:62:1e:88:
fb:45:65:ce:6e:c9:1b:8c:d0:ac:47:50:e5:c6:72:
64:83:96:e6:de:e9:75:c2:e0:09:86:1f:de:e8:f9:
09:59:72:ff:02:a5:2b:5b:a1:45:a5:b8:fa:da:9e:
24:2b:53:e7:d2:4c:0a:6c:c3:7b:a9:d4:9c:13:e3:
ef:36:e5:9b:d6:e0:21:3a:7b:66:77:4a:76:4d:8b:
93:39:33:ff:33:86:a2:59:5f:1e:32:7c:9e:c5:b2:
49:40:01:84:2e:6e:9d:a3:c5:72:ee:0e:62:9c:42:
2a:e1:b8:5d:7c:2e:45:e1:5f:53:37:d1:ce:4c:c4:
6c:3a:21:2c:4c:a9:40:db:52:71:a5:22:ad:65:ef:
07:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:77:CD:B0:BE:A8:01:B0:BD:66:5C:E5:42:44:DC:3E:D9:9D:4E:9B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/u3fNsL6oAbC9ZlzlQkTcPtmdTps.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
1d:48:02:97:87:5b:c1:09:3e:80:51:ba:f6:79:d1:d9:45:b6:
d1:0c:02:44:7c:7b:63:65:6c:52:32:08:f8:12:e7:c3:44:19:
29:ea:62:5e:25:68:1d:36:3c:49:d0:41:47:ef:3f:05:74:38:
5b:f4:fd:76:56:95:e8:69:8e:63:01:76:5e:50:f4:7d:d9:78:
a8:03:45:82:fe:c4:d8:4b:57:3c:47:a8:5c:af:9e:78:28:a5:
d9:18:97:63:c3:23:56:58:b8:53:16:de:c7:8a:b4:2b:de:ef:
46:71:95:47:58:cf:a4:7a:ab:35:af:45:7a:d3:04:20:c7:68:
73:2c:bd:d1:ff:87:89:57:0d:64:4f:b6:d9:88:2e:42:33:c0:
0d:3f:bf:4e:c2:31:1e:f5:cd:50:ca:75:b1:7c:d1:e5:23:23:
5a:7b:87:d1:2e:7c:5b:0d:de:7e:7e:8e:e1:dc:0e:14:d5:85:
a0:e4:67:f6:be:a2:04:20:c2:6e:68:28:66:2c:23:66:77:57:
e1:41:91:0d:60:15:db:c4:a9:be:f9:6e:e7:97:a0:90:d2:19:
7f:65:ab:ed:f0:ef:12:62:05:36:a5:80:4a:c4:f9:f9:23:18:
90:3b:88:aa:77:22:d3:db:27:8a:a4:a1:dd:71:63:22:18:fd:
ad:9e:49:34
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICOKEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDQw
MjIyMjBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJCNzdDREIwQkVBODAx
QjBCRDY2NUNFNTQyNDREQzNFRDk5RDRFOUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0C4JmnFS1O+SVZmvQJo4e0XH6T+/7a3W4T7uGklrvlJdHTAN+
GHBxqmbeXE6Bboproii285kHmNQB5rKkvDF5MjYW2aM1WWa9M19bQ5j8jOE+5KMe
tMn+ChQ3NqzUkS9Z902b6xofUmAaQPLyUtOS9rH5tWIeiPtFZc5uyRuM0KxHUOXG
cmSDlube6XXC4AmGH97o+QlZcv8CpStboUWluPraniQrU+fSTApsw3up1JwT4+82
5ZvW4CE6e2Z3SnZNi5M5M/8zhqJZXx4yfJ7FsklAAYQubp2jxXLuDmKcQirhuF18
LkXhX1M30c5MxGw6ISxMqUDbUnGlIq1l7wdFAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUu3fNsL6oAbC9ZlzlQkTcPtmdTpswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3UzZk5zTDZvQWJDOVps
emxRa1RjUHRtZFRwcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAB1IApeHW8EJPoBR
uvZ50dlFttEMAkR8e2NlbFIyCPgS58NEGSnqYl4laB02PEnQQUfvPwV0OFv0/XZW
lehpjmMBdl5Q9H3ZeKgDRYL+xNhLVzxHqFyvnngopdkYl2PDI1ZYuFMW3seKtCve
70ZxlUdYz6R6qzWvRXrTBCDHaHMsvdH/h4lXDWRPttmILkIzwA0/v07CMR71zVDK
dbF80eUjI1p7h9EufFsN3n5+juHcDhTVhaDkZ/a+ogQgwm5oKGYsI2Z3V+FBkQ1g
FdvEqb75bueXoJDSGX9lq+3w7xJiBTalgErE+fkjGJA7iKp3ItPbJ4qkod1xYyIY
/a2eSTQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:16 2024 by rpki-client on console-ams.rpki-client.org