Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/yLwRFP8G_w0H3-4F1jNjWYdc6D0.roa
File: yLwRFP8G_w0H3-4F1jNjWYdc6D0.roa (raw, json)
Hash identifier: RJ2d03RImb8Vmcp05aIkDAoK9ZeQ1tAL773e427+hjg=
Subject key identifier: C8:BC:11:14:FF:06:FF:0D:07:DF:EE:05:D6:33:63:59:87:5C:E8:3D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 522D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/yLwRFP8G_w0H3-4F1jNjWYdc6D0.roa
Signing time: Wed 08 May 2024 03:53:56 +0000
ROA not before: Wed 08 May 2024 03:53:56 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21037 (0x522d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 8 03:53:56 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C8BC1114FF06FF0D07DFEE05D6336359875CE83D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:40:ad:38:cf:34:1f:55:50:11:64:3f:8d:55:
69:db:93:79:ee:e2:a0:ba:69:e1:0f:98:a8:a6:70:
6d:bb:89:0b:ae:95:67:7d:dd:58:1a:01:c9:f8:af:
fe:8f:6f:f8:a0:ea:cf:c7:28:b8:ce:2b:86:eb:ac:
cd:08:2e:7e:3b:74:44:77:04:47:84:f9:a1:7c:52:
6c:fd:bf:20:55:fb:98:eb:5e:c9:fd:c3:b3:3f:65:
03:d5:8c:b9:ae:9c:f1:63:59:14:2d:33:d5:47:12:
fa:95:22:dd:66:4b:0c:d8:47:ba:f4:ff:af:38:2c:
9d:71:eb:fb:60:fe:8e:48:dc:cf:67:4a:a5:17:d8:
c5:25:8c:a9:31:49:9f:b0:16:3c:d1:12:24:42:36:
f0:50:86:1a:59:d0:69:a8:0e:0e:9c:cc:fb:16:ca:
50:43:0b:bf:27:03:b3:4d:ca:73:88:be:f5:3b:aa:
03:2f:83:0a:b1:94:10:82:57:e4:41:d6:f6:13:10:
cd:5e:f0:d2:95:e2:89:f2:b4:6f:24:a2:85:e2:ce:
cc:75:f3:51:2a:a1:0f:28:00:56:65:cf:d2:29:cf:
90:09:60:ff:c1:a0:cb:c7:d4:ab:71:46:7a:61:63:
c4:c6:76:3e:ea:aa:57:c4:30:d6:a1:10:a7:dc:29:
30:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:BC:11:14:FF:06:FF:0D:07:DF:EE:05:D6:33:63:59:87:5C:E8:3D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/yLwRFP8G_w0H3-4F1jNjWYdc6D0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
34:8e:ba:9e:1d:bd:63:08:f6:d0:4e:be:d3:54:85:ee:d3:91:
e7:cd:f5:ef:e9:7d:15:43:22:ab:2b:ca:ab:7b:b7:1d:8e:0a:
2e:2a:5b:19:be:41:16:10:74:e5:21:ff:f6:ad:ee:12:f1:fb:
61:ce:38:19:44:08:9c:26:fc:00:05:22:0d:cb:a9:2a:a1:3f:
18:82:da:4c:41:46:8f:f2:20:7f:08:0e:41:cd:af:64:35:67:
51:01:0b:a0:cf:52:61:be:53:21:11:35:b3:3d:4a:b3:5f:ca:
ce:8c:7f:dc:95:e1:38:23:f9:2c:7d:a6:ee:73:59:84:67:ba:
62:e1:04:9d:5e:a0:74:37:4c:83:a8:3c:11:f8:c8:17:11:28:
9b:79:11:6f:6b:df:6b:a2:f4:16:bf:c5:5d:d0:bf:c9:68:4b:
aa:68:b0:ac:c6:f2:33:69:d4:62:d1:bd:9f:32:6d:0b:c5:84:
dc:cf:c3:b7:13:8e:c3:ea:a3:92:2f:97:0f:7d:47:7b:2c:30:
c2:74:32:9b:5c:20:d4:23:0c:7d:88:3a:9d:06:c8:57:42:0d:
11:e0:b2:63:53:13:41:12:d5:da:ca:fa:13:ad:7e:90:17:7d:
d3:b7:73:c2:8d:84:01:22:2f:8d:a0:9a:15:b2:a6:d7:31:78:
c9:dd:6d:0e
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICUi0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDgw
MzUzNTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM4QkMxMTE0RkYwNkZG
MEQwN0RGRUUwNUQ2MzM2MzU5ODc1Q0U4M0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDnQK04zzQfVVARZD+NVWnbk3nu4qC6aeEPmKimcG27iQuulWd9
3VgaAcn4r/6Pb/ig6s/HKLjOK4brrM0ILn47dER3BEeE+aF8Umz9vyBV+5jrXsn9
w7M/ZQPVjLmunPFjWRQtM9VHEvqVIt1mSwzYR7r0/684LJ1x6/tg/o5I3M9nSqUX
2MUljKkxSZ+wFjzREiRCNvBQhhpZ0GmoDg6czPsWylBDC78nA7NNynOIvvU7qgMv
gwqxlBCCV+RB1vYTEM1e8NKV4onytG8kooXizsx181EqoQ8oAFZlz9Ipz5AJYP/B
oMvH1KtxRnphY8TGdj7qqlfEMNahEKfcKTCxAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUyLwRFP8G/w0H3+4F1jNjWYdc6D0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3lMd1JGUDhHX3cwSDMt
NEYxak5qV1lkYzZEMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBADSOup4dvWMI9tBO
vtNUhe7TkefN9e/pfRVDIqsryqt7tx2OCi4qWxm+QRYQdOUh//at7hLx+2HOOBlE
CJwm/AAFIg3LqSqhPxiC2kxBRo/yIH8IDkHNr2Q1Z1EBC6DPUmG+UyERNbM9SrNf
ys6Mf9yV4Tgj+Sx9pu5zWYRnumLhBJ1eoHQ3TIOoPBH4yBcRKJt5EW9r32ui9Ba/
xV3Qv8loS6posKzG8jNp1GLRvZ8ybQvFhNzPw7cTjsPqo5Ivlw99R3ssMMJ0Mptc
INQjDH2IOp0GyFdCDRHgsmNTE0ES1drK+hOtfpAXfdO3c8KNhAEiL42gmhWyptcx
eMndbQ4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:56 2024 by rpki-client on console-fra.rpki-client.org