Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/uvhbHdlLHvD0S1guyQztCdf1dJs.roa
File: uvhbHdlLHvD0S1guyQztCdf1dJs.roa (raw, json)
Hash identifier: OXwHw3tmJVF1zUtiy9//zB0MqJMKFUzadniX8Kc0jls=
Subject key identifier: BA:F8:5B:1D:D9:4B:1E:F0:F4:4B:58:2E:C9:0C:ED:09:D7:F5:74:9B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3F51
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/uvhbHdlLHvD0S1guyQztCdf1dJs.roa
Signing time: Sat 13 Apr 2024 00:22:48 +0000
ROA not before: Sat 13 Apr 2024 00:22:48 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16209 (0x3f51)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 13 00:22:48 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=BAF85B1DD94B1EF0F44B582EC90CED09D7F5749B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:68:34:f5:99:bc:0b:aa:14:d9:79:71:a3:f8:
b8:d2:02:50:8a:6a:a4:5d:f0:31:2a:02:00:ee:c8:
f8:8a:1b:7d:bf:a7:7b:ce:a5:12:c2:29:0e:ba:25:
ec:59:d4:5d:ef:a6:10:e5:97:8a:c3:cd:0b:b7:71:
88:7a:b0:8c:19:17:aa:76:a0:ac:03:b8:d4:24:c5:
c5:95:dd:3f:bf:a6:53:b5:11:46:4b:64:91:ac:e3:
2d:9f:ee:1b:78:cb:cb:88:fb:d9:b7:60:56:b9:60:
e4:62:7b:eb:95:df:e9:d1:47:d8:d4:60:e4:b3:60:
71:70:62:8e:36:66:fe:7a:93:e2:c5:81:63:1f:d7:
fd:02:24:a0:66:3d:5f:f6:af:b9:27:35:c0:c5:24:
5c:83:62:bd:55:46:7e:17:a2:b7:be:4d:ba:af:aa:
2f:91:b0:b6:95:5f:82:d8:c7:ee:20:54:91:a3:6d:
4a:ff:6d:f9:be:68:ed:7d:01:33:dd:e3:6f:76:6a:
c9:7a:aa:fc:41:a4:a2:53:80:e8:39:68:5d:0d:4f:
16:5a:67:d8:38:82:b2:2d:7a:e5:ac:85:4e:f9:85:
41:83:68:56:f4:68:c4:00:ce:4b:b0:b1:d1:f8:dc:
fb:8a:85:8b:f3:81:d8:dc:e3:ba:47:5e:b8:42:95:
b7:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:F8:5B:1D:D9:4B:1E:F0:F4:4B:58:2E:C9:0C:ED:09:D7:F5:74:9B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/uvhbHdlLHvD0S1guyQztCdf1dJs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
aa:ec:10:8e:b2:e3:60:a7:f6:df:99:99:3e:e4:8e:9b:e0:8e:
74:aa:17:78:d9:0f:64:9c:68:db:a7:81:53:d0:78:46:d6:72:
15:83:34:f9:ea:8a:d3:c0:0f:a7:e9:74:9c:5e:0d:34:cd:da:
9c:7c:8c:dd:85:96:d2:d3:0b:f9:78:92:80:e6:ed:f1:07:86:
13:bc:21:d7:db:ff:2b:bf:3f:b6:ca:1a:02:9d:dd:34:fc:73:
72:eb:04:b9:ab:e4:5a:df:75:1a:07:2c:92:36:c4:7b:91:ab:
8e:29:21:d9:7f:c0:1d:f7:04:2f:f3:89:a0:b4:c8:07:d0:2a:
f4:c0:15:43:b4:aa:40:cd:b6:36:cc:d2:54:1d:65:11:d0:f6:
35:d0:2e:c2:71:05:7e:e4:ad:c0:6c:cf:f9:a1:ab:88:13:02:
40:f2:67:08:c4:c6:88:5e:88:a2:13:84:32:1b:f2:58:e3:ea:
c4:7b:9f:d2:4a:1e:68:4d:1a:cc:ee:10:c0:4d:22:51:a8:a9:
60:9b:2a:5c:4d:91:90:00:e7:11:42:2b:81:38:24:41:76:72:
b5:1c:8c:0d:28:5e:24:fc:12:14:83:50:40:6c:9d:c8:1e:6f:
33:d7:1b:63:02:d5:73:07:60:05:df:b0:f9:4a:c5:30:b6:7f:
47:d5:22:b8
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICP1EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTMw
MDIyNDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJBRjg1QjFERDk0QjFF
RjBGNDRCNTgyRUM5MENFRDA5RDdGNTc0OUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDqaDT1mbwLqhTZeXGj+LjSAlCKaqRd8DEqAgDuyPiKG32/p3vO
pRLCKQ66JexZ1F3vphDll4rDzQu3cYh6sIwZF6p2oKwDuNQkxcWV3T+/plO1EUZL
ZJGs4y2f7ht4y8uI+9m3YFa5YORie+uV3+nRR9jUYOSzYHFwYo42Zv56k+LFgWMf
1/0CJKBmPV/2r7knNcDFJFyDYr1VRn4Xore+Tbqvqi+RsLaVX4LYx+4gVJGjbUr/
bfm+aO19ATPd4292asl6qvxBpKJTgOg5aF0NTxZaZ9g4grIteuWshU75hUGDaFb0
aMQAzkuwsdH43PuKhYvzgdjc47pHXrhClbc/AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUuvhbHdlLHvD0S1guyQztCdf1dJswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3V2aGJIZGxMSHZEMFMx
Z3V5UXp0Q2RmMWRKcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAKrsEI6y42Cn9t+Z
mT7kjpvgjnSqF3jZD2ScaNungVPQeEbWchWDNPnqitPAD6fpdJxeDTTN2px8jN2F
ltLTC/l4koDm7fEHhhO8Idfb/yu/P7bKGgKd3TT8c3LrBLmr5FrfdRoHLJI2xHuR
q44pIdl/wB33BC/ziaC0yAfQKvTAFUO0qkDNtjbM0lQdZRHQ9jXQLsJxBX7krcBs
z/mhq4gTAkDyZwjExoheiKIThDIb8ljj6sR7n9JKHmhNGszuEMBNIlGoqWCbKlxN
kZAA5xFCK4E4JEF2crUcjA0oXiT8EhSDUEBsncgebzPXG2MC1XMHYAXfsPlKxTC2
f0fVIrg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:53 2024 by rpki-client on console-fra.rpki-client.org