Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/mvP71bb9pE1BF7N__8Ez_g6IwLk.roa
File: mvP71bb9pE1BF7N__8Ez_g6IwLk.roa (raw, json)
Hash identifier: VNZlX9UzzPO+VyEpyaHqhK/6E0EEii7UeE1mxPeCBCc=
Subject key identifier: 9A:F3:FB:D5:B6:FD:A4:4D:41:17:B3:7F:FF:C1:33:FE:0E:88:C0:B9
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 0CD7
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/mvP71bb9pE1BF7N__8Ez_g6IwLk.roa
Signing time: Wed 13 Mar 2024 01:21:56 +0000
ROA not before: Wed 13 Mar 2024 01:21:56 +0000
ROA not after: Fri 07 Jun 2024 02:16:11 +0000
asID: 17621
IP address blocks: 43.254.152.0/24 maxlen: 24
103.5.192.0/22 maxlen: 24
103.24.116.0/24 maxlen: 24
103.24.118.0/23 maxlen: 24
150.242.238.0/23 maxlen: 24
202.89.96.0/24 maxlen: 24
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3287 (0xcd7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Mar 13 01:21:56 2024 GMT
Not After : Jun 7 02:16:11 2024 GMT
Subject: CN=9AF3FBD5B6FDA44D4117B37FFFC133FE0E88C0B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:18:eb:cd:e3:b3:75:e5:63:61:52:85:c5:03:
2e:f1:8f:cf:be:99:82:3f:4a:36:69:16:1e:3d:ad:
99:8d:88:59:e3:e7:b9:f1:92:86:89:4d:95:f3:5b:
b1:08:38:3d:3a:30:4d:2b:f3:59:31:14:4a:30:c9:
63:e9:4f:08:66:01:72:78:ff:8a:2f:59:70:bf:c1:
d1:38:f5:1a:87:84:64:62:43:92:1c:ae:cb:09:e9:
0d:d0:e2:59:c2:f4:0c:d6:fd:22:07:8d:45:9f:23:
88:b3:88:aa:c2:59:72:63:6d:66:6d:65:7a:1f:57:
d7:63:22:ea:bf:22:f1:37:1e:cb:1d:67:1a:05:45:
67:60:4b:7d:1b:e5:ad:10:d5:df:5d:c8:73:95:98:
30:8a:95:ef:bc:6f:9a:3e:69:37:f9:99:a7:93:b6:
31:4e:c6:7a:aa:60:11:86:aa:08:4e:4d:b5:bd:4b:
55:b0:22:5c:32:3c:30:b6:ae:d9:5e:65:30:f3:35:
07:68:3f:5f:67:f7:e8:af:eb:6e:e4:81:3f:27:17:
f0:3a:e0:4a:7c:10:84:00:1c:82:5e:11:0f:62:37:
29:b5:49:24:5e:82:f9:31:e4:d7:8a:b4:4e:a3:e2:
58:e4:8c:c0:e7:4e:07:d4:b7:84:31:06:bc:bd:b4:
c9:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:F3:FB:D5:B6:FD:A4:4D:41:17:B3:7F:FF:C1:33:FE:0E:88:C0:B9
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/mvP71bb9pE1BF7N__8Ez_g6IwLk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.152.0/24
103.5.192.0/22
103.24.116.0/24
103.24.118.0/23
150.242.238.0/23
202.89.96.0/24
Signature Algorithm: sha256WithRSAEncryption
46:8a:04:43:e6:4c:18:80:cd:d9:d0:12:65:52:71:44:cb:9a:
9b:4e:61:32:ae:4f:f7:ad:22:81:26:ee:f9:77:d3:94:19:c5:
34:75:14:73:db:37:35:7f:09:fd:03:d4:c6:34:90:b7:ee:19:
d4:56:06:6b:a8:5f:b8:d3:74:2a:4a:81:70:40:34:4a:62:66:
ce:cf:af:ca:99:38:e5:cb:61:e6:4d:95:86:c6:4a:ea:be:b1:
a2:b4:e2:83:c3:be:c7:e0:69:00:46:25:6b:e7:4f:76:26:c0:
2c:0e:48:1b:d9:92:2e:49:7e:c1:58:c4:f9:a6:e7:61:83:d9:
b4:15:11:4e:2a:06:e0:46:63:ca:10:97:9a:45:9a:9e:36:aa:
00:fe:bc:df:80:ee:48:95:01:c7:a2:28:07:92:db:d7:3b:6d:
58:49:6e:d6:6f:b6:cc:7f:1c:42:e1:4d:ab:b2:c2:aa:3b:ed:
5d:a9:f2:b9:e0:32:40:8e:00:16:52:21:3b:74:d2:9b:9c:b9:
90:b4:47:22:6b:70:f7:fb:2f:d3:2b:0d:4e:64:b6:46:b6:43:
32:16:42:af:28:66:eb:1b:74:61:c9:86:b6:fb:a2:95:13:3d:
ad:ca:6d:e1:1e:d1:ff:22:84:9a:3c:57:1c:ed:63:ac:50:2f:
0a:f0:88:7b
-----BEGIN CERTIFICATE-----
MIIE8zCCA9ugAwIBAgICDNcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDAzMTMw
MTIxNTZaFw0yNDA2MDcwMjE2MTFaMDMxMTAvBgNVBAMTKDlBRjNGQkQ1QjZGREE0
NEQ0MTE3QjM3RkZGQzEzM0ZFMEU4OEMwQjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCkGOvN47N15WNhUoXFAy7xj8++mYI/SjZpFh49rZmNiFnj57nx
koaJTZXzW7EIOD06ME0r81kxFEowyWPpTwhmAXJ4/4ovWXC/wdE49RqHhGRiQ5Ic
rssJ6Q3Q4lnC9AzW/SIHjUWfI4iziKrCWXJjbWZtZXofV9djIuq/IvE3HssdZxoF
RWdgS30b5a0Q1d9dyHOVmDCKle+8b5o+aTf5maeTtjFOxnqqYBGGqghOTbW9S1Ww
IlwyPDC2rtleZTDzNQdoP19n9+iv627kgT8nF/A64Ep8EIQAHIJeEQ9iNym1SSRe
gvkx5NeKtE6j4ljkjMDnTgfUt4QxBry9tMm7AgMBAAGjggIPMIICCzAdBgNVHQ4E
FgQUmvP71bb9pE1BF7N//8Ez/g6IwLkwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L212UDcxYmI5cEUxQkY3
Tl9fOEV6X2c2SXdMay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQD
BAAr/pgDBAJnBcADBABnGHQDBAFnGHYDBAGW8u4DBADKWWAwDQYJKoZIhvcNAQEL
BQADggEBAEaKBEPmTBiAzdnQEmVScUTLmptOYTKuT/etIoEm7vl305QZxTR1FHPb
NzV/Cf0D1MY0kLfuGdRWBmuoX7jTdCpKgXBANEpiZs7Pr8qZOOXLYeZNlYbGSuq+
saK04oPDvsfgaQBGJWvnT3YmwCwOSBvZki5JfsFYxPmm52GD2bQVEU4qBuBGY8oQ
l5pFmp42qgD+vN+A7kiVAceiKAeS29c7bVhJbtZvtsx/HELhTauywqo77V2p8rng
MkCOABZSITt00pucuZC0RyJrcPf7L9MrDU5ktka2QzIWQq8oZusbdGHJhrb7opUT
Pa3KbeEe0f8ihJo8VxztY6xQLwrwiHs=
-----END CERTIFICATE-----
Generated at Fri Jun 7 04:05:12 2024 by rpki-client on console-ams.rpki-client.org