Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/z6uegQmsyrgdgAWUO7oyZikzfpE.roa
File: z6uegQmsyrgdgAWUO7oyZikzfpE.roa (raw, json)
Hash identifier: ttcz4dZPF0xsjyMjsVOGvw5qqeYGZqmgjzBSfiupHbk=
Subject key identifier: CF:AB:9E:81:09:AC:CA:B8:1D:80:05:94:3B:BA:32:66:29:33:7E:91
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5085
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/z6uegQmsyrgdgAWUO7oyZikzfpE.roa
Signing time: Sun 05 May 2024 22:53:49 +0000
ROA not before: Sun 05 May 2024 22:53:49 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20613 (0x5085)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 5 22:53:49 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CFAB9E8109ACCAB81D8005943BBA326629337E91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:06:b2:1b:6e:b5:eb:1b:9e:46:6e:f9:75:40:
58:df:95:40:de:45:0f:59:1a:ac:c3:b3:b7:bf:49:
67:c8:f9:21:c2:48:0c:a9:19:ba:32:fc:db:18:23:
55:3d:49:c8:a9:a3:2c:4b:5b:fe:03:e0:78:09:72:
34:58:b5:b2:2f:98:46:ff:4d:d2:69:74:d4:ed:a7:
26:5d:75:ac:ea:2d:a1:86:4c:7d:66:ff:30:25:e3:
a5:6e:59:d4:5e:12:37:1e:d9:3e:a6:fc:96:12:a7:
0b:ef:d8:88:17:1a:b5:57:ab:c0:c2:a2:4c:d1:ce:
46:a1:17:61:57:0e:b7:6a:9a:48:be:eb:1e:9e:ee:
31:b8:48:9b:31:79:d6:79:c3:03:b0:95:3b:00:da:
f8:e4:d8:c3:53:8d:d3:9c:d3:24:45:5e:cf:98:b0:
d2:34:e8:21:48:b5:73:38:90:ec:69:48:4f:0a:bc:
71:77:46:f2:c4:38:95:bf:29:3f:2d:40:b3:c0:0a:
18:f7:77:bb:c8:63:9d:f1:9e:ef:8e:96:a8:ad:7b:
9f:a7:c2:95:e4:dc:c4:4b:85:b9:66:cc:97:98:b5:
f1:5c:20:a1:4f:25:43:7c:32:c9:38:e9:2d:a4:de:
90:d7:22:31:7c:e7:63:d2:87:66:4f:29:0b:11:50:
9a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:AB:9E:81:09:AC:CA:B8:1D:80:05:94:3B:BA:32:66:29:33:7E:91
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/z6uegQmsyrgdgAWUO7oyZikzfpE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
3a:fa:87:f7:61:af:16:bf:b7:c1:8d:b4:00:d9:4d:53:f5:67:
b3:9b:78:99:ad:06:6e:ae:3f:91:4d:99:01:6c:2e:f5:71:b6:
d1:e6:f9:dc:93:2a:42:78:29:ce:91:9a:b0:c8:65:7c:80:85:
25:77:77:f7:4f:09:3a:1b:ab:ad:50:05:03:e2:9f:38:aa:09:
f5:dc:46:2f:56:c2:d3:01:d3:4e:f8:d5:b5:32:5a:81:c6:3a:
8a:e8:4b:64:c8:6a:e7:45:c9:3a:ef:f2:fb:3d:e4:d2:d0:a4:
a9:c6:d6:7a:37:50:54:b4:3e:c2:93:38:d8:23:67:06:6a:3a:
fd:17:15:10:de:7e:2d:bb:ae:a7:b7:b3:dd:ac:4a:5b:40:50:
ed:f8:ca:71:ec:6d:22:6a:3a:43:5b:a6:dd:e2:b3:89:c3:67:
17:4c:21:4a:5d:6e:2a:d2:7f:c4:0b:53:c9:45:0b:1e:41:2d:
e5:38:3a:5c:6d:58:93:2b:39:aa:d6:3a:79:10:5d:b4:5f:4e:
9c:82:69:47:4c:4f:5c:0c:26:af:db:6d:88:c7:66:c6:4e:82:
11:cf:ab:8b:64:c8:a9:f4:b4:5c:74:7f:d7:2d:d7:d3:19:e1:
33:6a:50:ff:02:5d:4d:f2:f4:9f:f8:32:25:df:38:5a:54:b6:
77:30:59:f1
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICUIUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDUy
MjUzNDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENGQUI5RTgxMDlBQ0NB
QjgxRDgwMDU5NDNCQkEzMjY2MjkzMzdFOTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpBrIbbrXrG55Gbvl1QFjflUDeRQ9ZGqzDs7e/SWfI+SHCSAyp
Gboy/NsYI1U9ScipoyxLW/4D4HgJcjRYtbIvmEb/TdJpdNTtpyZddazqLaGGTH1m
/zAl46VuWdReEjce2T6m/JYSpwvv2IgXGrVXq8DCokzRzkahF2FXDrdqmki+6x6e
7jG4SJsxedZ5wwOwlTsA2vjk2MNTjdOc0yRFXs+YsNI06CFItXM4kOxpSE8KvHF3
RvLEOJW/KT8tQLPAChj3d7vIY53xnu+Olqite5+nwpXk3MRLhblmzJeYtfFcIKFP
JUN8Msk46S2k3pDXIjF852PSh2ZPKQsRUJopAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUz6uegQmsyrgdgAWUO7oyZikzfpEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3o2dWVnUW1zeXJnZGdB
V1VPN295WmlremZwRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBADr6h/dhrxa/t8GN
tADZTVP1Z7ObeJmtBm6uP5FNmQFsLvVxttHm+dyTKkJ4Kc6RmrDIZXyAhSV3d/dP
CTobq61QBQPinziqCfXcRi9WwtMB00741bUyWoHGOoroS2TIaudFyTrv8vs95NLQ
pKnG1no3UFS0PsKTONgjZwZqOv0XFRDefi27rqe3s92sSltAUO34ynHsbSJqOkNb
pt3is4nDZxdMIUpdbirSf8QLU8lFCx5BLeU4OlxtWJMrOarWOnkQXbRfTpyCaUdM
T1wMJq/bbYjHZsZOghHPq4tkyKn0tFx0f9ct19MZ4TNqUP8CXU3y9J/4MiXfOFpU
tncwWfE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:56 2024 by rpki-client on console-fra.rpki-client.org