Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/vfTbFDoWZbKTgIjwfojOezzPTo8.roa
File: vfTbFDoWZbKTgIjwfojOezzPTo8.roa (raw, json)
Hash identifier: C9UVjQtiSbYhhpNYBqBdPewCqwR3ZAtkKK61218m6Uo=
Subject key identifier: BD:F4:DB:14:3A:16:65:B2:93:80:88:F0:7E:88:CE:7B:3C:CF:4E:8F
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 54FD
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vfTbFDoWZbKTgIjwfojOezzPTo8.roa
Signing time: Sat 11 May 2024 21:54:08 +0000
ROA not before: Sat 11 May 2024 21:54:08 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21757 (0x54fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 11 21:54:08 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=BDF4DB143A1665B2938088F07E88CE7B3CCF4E8F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:77:ca:a5:bf:3e:b4:9d:c8:47:fc:4c:14:62:
f5:5e:e7:e9:04:87:de:9c:32:b4:a0:99:ca:5c:f6:
20:f4:87:42:d1:7c:12:1d:62:a6:b3:74:f3:22:66:
ae:de:10:23:40:80:36:ac:3f:11:c0:de:dc:64:5b:
63:68:f9:59:c2:7e:3e:2f:2f:75:0f:48:f2:4f:96:
0b:b7:00:9c:56:26:09:d1:85:1e:7e:8e:7c:75:e7:
b6:99:5e:30:32:7e:09:10:f9:df:bd:cb:ea:e2:23:
5e:32:5a:fa:8b:94:52:1a:e0:13:b0:64:8a:6c:a5:
58:70:27:94:11:5c:61:48:00:7f:f2:5f:83:99:b4:
42:a0:b2:9c:17:d1:76:0b:0d:41:26:c7:84:a2:49:
91:b5:46:12:9c:11:67:a6:92:5f:92:f9:80:d6:5a:
94:ac:6a:69:70:af:b1:c0:59:b4:8c:12:ce:52:a5:
fa:d8:20:c6:83:f2:ad:79:36:df:61:5c:ec:b7:1b:
d0:36:b5:11:1c:ec:d7:87:9e:b1:5e:22:9d:c1:fb:
76:1d:f0:04:7a:36:13:51:6e:1b:9e:ae:90:6f:99:
90:81:66:be:01:54:d7:95:0e:83:25:c4:3d:31:da:
89:70:5c:ba:01:39:d0:e4:c2:78:5c:7e:69:96:d3:
9d:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:F4:DB:14:3A:16:65:B2:93:80:88:F0:7E:88:CE:7B:3C:CF:4E:8F
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vfTbFDoWZbKTgIjwfojOezzPTo8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
a2:7d:6c:d2:0c:21:ae:b7:ca:b2:f1:8b:94:af:96:66:c2:f0:
4d:cc:a3:4b:9b:3a:8c:5a:9a:c4:90:e0:4b:a3:a2:56:63:94:
35:85:7d:a5:37:e9:18:f7:75:ab:8b:2c:13:95:d1:1a:e9:af:
b3:97:b5:88:f9:6d:46:75:e4:54:73:60:94:fd:9a:ea:f2:6b:
af:b5:b9:76:d2:a2:ac:be:19:6e:00:61:d9:22:20:63:2c:48:
73:f8:ed:ac:c1:43:17:65:5a:44:dd:38:7b:00:40:4d:45:d8:
fc:bd:23:c3:93:56:6f:8b:b5:63:08:6d:56:87:f3:09:e9:3e:
14:84:52:fc:f1:c0:a8:76:3a:f9:42:cb:45:37:0b:5b:e1:88:
ca:1d:d3:93:1c:64:33:cb:3d:75:4d:d7:7e:77:21:5e:83:6b:
29:f1:fa:c9:2d:3f:1b:8a:6a:f9:84:32:d6:a2:40:ea:01:7b:
b1:12:91:aa:9b:c3:06:38:90:79:66:7d:bd:87:a5:cf:1a:79:
78:a6:36:12:89:57:31:55:e2:49:d0:5d:41:c3:be:29:22:a8:
ca:46:82:f7:d7:d8:a8:ed:bf:9a:6d:b3:f1:ca:cc:d7:7e:c9:
cc:e5:43:83:df:87:44:14:0c:16:43:63:bb:76:00:4b:a5:24:
fa:fc:88:0c
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICVP0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTEy
MTU0MDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJERjREQjE0M0ExNjY1
QjI5MzgwODhGMDdFODhDRTdCM0NDRjRFOEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMd8qlvz60nchH/EwUYvVe5+kEh96cMrSgmcpc9iD0h0LRfBId
YqazdPMiZq7eECNAgDasPxHA3txkW2No+VnCfj4vL3UPSPJPlgu3AJxWJgnRhR5+
jnx157aZXjAyfgkQ+d+9y+riI14yWvqLlFIa4BOwZIpspVhwJ5QRXGFIAH/yX4OZ
tEKgspwX0XYLDUEmx4SiSZG1RhKcEWemkl+S+YDWWpSsamlwr7HAWbSMEs5SpfrY
IMaD8q15Nt9hXOy3G9A2tREc7NeHnrFeIp3B+3Yd8AR6NhNRbhuerpBvmZCBZr4B
VNeVDoMlxD0x2olwXLoBOdDkwnhcfmmW052tAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUvfTbFDoWZbKTgIjwfojOezzPTo8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3ZmVGJGRG9XWmJLVGdJ
andmb2pPZXp6UFRvOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAKJ9bNIMIa63yrLx
i5SvlmbC8E3Mo0ubOoxamsSQ4EujolZjlDWFfaU36Rj3dauLLBOV0Rrpr7OXtYj5
bUZ15FRzYJT9murya6+1uXbSoqy+GW4AYdkiIGMsSHP47azBQxdlWkTdOHsAQE1F
2Py9I8OTVm+LtWMIbVaH8wnpPhSEUvzxwKh2OvlCy0U3C1vhiMod05McZDPLPXVN
1353IV6Daynx+sktPxuKavmEMtaiQOoBe7ESkaqbwwY4kHlmfb2Hpc8aeXimNhKJ
VzFV4knQXUHDvikiqMpGgvfX2Kjtv5pts/HKzNd+yczlQ4Pfh0QUDBZDY7t2AEul
JPr8iAw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:53 2024 by rpki-client on console-fra.rpki-client.org