Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/vUn2AADOJRx0EZUKyzxQLGDWiVQ.roa
File: vUn2AADOJRx0EZUKyzxQLGDWiVQ.roa (raw, json)
Hash identifier: KaHooi7VHDKoDtXc8hgmCWnYEjIvHM2W/2iMRvxWaBc=
Subject key identifier: BD:49:F6:00:00:CE:25:1C:74:11:95:0A:CB:3C:50:2C:60:D6:89:54
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5545
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vUn2AADOJRx0EZUKyzxQLGDWiVQ.roa
Signing time: Sun 12 May 2024 06:54:12 +0000
ROA not before: Sun 12 May 2024 06:54:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21829 (0x5545)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 12 06:54:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=BD49F60000CE251C7411950ACB3C502C60D68954
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:08:7f:77:d7:71:a5:85:4a:a4:4c:05:11:0a:
88:6b:fc:98:57:4f:ec:fd:4f:64:61:47:ce:1f:2d:
c9:bb:6d:97:62:05:10:51:51:cd:37:14:49:d0:0f:
81:87:94:99:1b:7c:54:11:bc:d4:8e:9b:4d:03:0f:
bf:b9:5a:f4:90:a0:f8:18:0a:d0:bd:65:3d:36:f2:
3c:35:c1:ca:47:12:11:ca:7c:e2:9f:9c:fb:1d:e2:
50:95:4d:c3:d1:ff:7c:14:08:27:d7:e9:45:6d:b2:
14:57:88:5c:d9:00:9c:06:ef:84:77:65:36:b6:66:
21:d0:b6:31:cd:ae:de:21:8c:33:95:ee:64:73:4d:
71:d4:d4:92:14:4e:54:f4:ce:2a:b7:ad:86:8e:b7:
dc:68:33:15:ad:13:ec:37:80:34:52:bd:52:55:41:
f5:a4:3b:c9:3e:cd:0f:ca:b4:07:e8:db:51:d3:32:
58:4c:47:c3:d5:b3:9b:97:f3:82:e4:4b:4b:b1:fb:
b4:4b:73:94:b7:54:53:22:b0:45:43:5d:df:32:7e:
20:e5:ba:78:ce:0e:f2:f7:59:40:de:5a:27:1b:10:
01:6b:6a:c3:c6:89:2f:c2:35:2e:1d:f1:b8:26:d1:
77:3a:ed:38:98:b5:e0:59:dc:5b:fe:77:f0:a4:96:
18:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:49:F6:00:00:CE:25:1C:74:11:95:0A:CB:3C:50:2C:60:D6:89:54
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vUn2AADOJRx0EZUKyzxQLGDWiVQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
0b:bd:37:57:46:12:e6:fa:1a:e1:03:24:a1:9d:68:3a:c9:03:
2e:aa:de:3f:db:e5:d3:76:80:2f:b7:2d:70:a4:fe:60:de:ca:
e8:0f:a2:fb:04:dd:a2:d1:b8:be:b5:4a:b3:a4:b6:11:a7:1b:
be:c7:53:9e:cf:bb:e6:29:10:67:cb:a3:ae:b5:fe:da:6e:f8:
29:aa:7c:39:20:2f:f1:03:88:4b:33:f6:f6:28:e3:a2:70:4e:
ac:a2:2e:37:3e:a8:6c:ac:34:16:72:e6:bd:c0:73:a7:4c:8b:
60:aa:19:71:f4:56:70:f1:df:4a:16:52:03:31:bc:21:3c:c6:
1b:19:d2:3a:d3:7e:73:69:6f:a4:90:cc:dd:79:90:8b:ad:53:
5e:ca:4e:80:97:d8:a0:1f:61:97:8b:4e:17:dc:cf:89:a8:1f:
b9:56:c3:3c:2a:e1:f3:88:0a:9b:21:7b:94:8c:34:b2:bd:85:
12:af:f5:dd:e9:5f:bd:d4:de:a1:6a:61:4c:4e:1a:41:ab:84:
0f:37:c2:45:6f:66:4d:86:40:60:d1:1c:1b:53:33:01:bf:c6:
15:6d:96:5a:d1:b6:cf:ba:ae:3d:68:bf:5c:83:a1:5e:7a:1a:
ee:31:83:ca:29:2c:f8:f9:3c:a9:22:7c:53:4a:11:55:fa:1e:
91:1f:fb:5a
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICVUUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTIw
NjU0MTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJENDlGNjAwMDBDRTI1
MUM3NDExOTUwQUNCM0M1MDJDNjBENjg5NTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDvCH9313GlhUqkTAURCohr/JhXT+z9T2RhR84fLcm7bZdiBRBR
Uc03FEnQD4GHlJkbfFQRvNSOm00DD7+5WvSQoPgYCtC9ZT028jw1wcpHEhHKfOKf
nPsd4lCVTcPR/3wUCCfX6UVtshRXiFzZAJwG74R3ZTa2ZiHQtjHNrt4hjDOV7mRz
TXHU1JIUTlT0ziq3rYaOt9xoMxWtE+w3gDRSvVJVQfWkO8k+zQ/KtAfo21HTMlhM
R8PVs5uX84LkS0ux+7RLc5S3VFMisEVDXd8yfiDlunjODvL3WUDeWicbEAFrasPG
iS/CNS4d8bgm0Xc67TiYteBZ3Fv+d/Cklhi5AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUvUn2AADOJRx0EZUKyzxQLGDWiVQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3ZVbjJBQURPSlJ4MEVa
VUt5enhRTEdEV2lWUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAAu9N1dGEub6GuED
JKGdaDrJAy6q3j/b5dN2gC+3LXCk/mDeyugPovsE3aLRuL61SrOkthGnG77HU57P
u+YpEGfLo661/tpu+CmqfDkgL/EDiEsz9vYo46JwTqyiLjc+qGysNBZy5r3Ac6dM
i2CqGXH0VnDx30oWUgMxvCE8xhsZ0jrTfnNpb6SQzN15kIutU17KToCX2KAfYZeL
Thfcz4moH7lWwzwq4fOICpshe5SMNLK9hRKv9d3pX73U3qFqYUxOGkGrhA83wkVv
Zk2GQGDRHBtTMwG/xhVtllrRts+6rj1ov1yDoV56Gu4xg8opLPj5PKkifFNKEVX6
HpEf+1o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:53 2024 by rpki-client on console-fra.rpki-client.org