Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/-nEzJsPpcSK2g6MIRpziH4lr0-k.roa
File: -nEzJsPpcSK2g6MIRpziH4lr0-k.roa (raw, json)
Hash identifier: cuFwLWymMn9C15mbOSBUOdQ/L1sIuRr295RsG5vvKBU=
Subject key identifier: FA:71:33:26:C3:E9:71:22:B6:83:A3:08:46:9C:E2:1F:89:6B:D3:E9
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5741
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/-nEzJsPpcSK2g6MIRpziH4lr0-k.roa
Signing time: Tue 14 May 2024 22:24:34 +0000
ROA not before: Tue 14 May 2024 22:24:34 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22337 (0x5741)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 14 22:24:34 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=FA713326C3E97122B683A308469CE21F896BD3E9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:84:8a:6f:79:77:b9:25:06:72:13:c1:1e:9d:
3c:3b:7e:0b:78:ab:2e:ab:19:e6:c9:53:bc:28:be:
15:f0:f9:e2:f9:4e:80:52:59:9c:3a:6d:62:bd:db:
21:f8:9d:da:a5:49:8f:5c:8f:bb:74:56:33:00:ac:
20:a1:de:a3:91:96:7a:e3:f5:5b:f4:33:d8:90:47:
30:9a:aa:ab:3a:5b:ec:02:c0:72:c1:e2:2a:26:4b:
89:a8:90:97:8b:15:8f:6d:d7:cb:3e:fa:86:de:5b:
a1:9c:50:f9:b3:18:dd:71:a9:8e:9f:94:ed:df:c7:
f4:78:2e:40:f4:63:41:41:43:33:4e:b9:dc:43:c1:
55:70:c5:ea:e1:e4:3e:69:29:b8:bc:66:96:54:88:
6c:c7:c8:14:f2:37:52:24:f2:a8:0f:95:d9:7e:a8:
6f:ba:be:14:cb:c2:c6:49:71:5e:bb:d8:f1:61:27:
68:42:be:25:7c:88:04:bb:89:21:a6:c1:8a:b8:40:
a3:d0:6b:ce:40:74:69:61:31:28:fc:bc:4b:b5:48:
68:99:76:88:42:d8:e4:f0:6c:2d:5d:81:a5:41:af:
ab:5c:91:ae:48:b6:a9:2f:ce:e3:2f:89:b4:6f:b6:
ad:51:8d:7f:83:50:49:46:97:4b:10:89:ea:56:c4:
e5:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:71:33:26:C3:E9:71:22:B6:83:A3:08:46:9C:E2:1F:89:6B:D3:E9
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/-nEzJsPpcSK2g6MIRpziH4lr0-k.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
72:97:21:69:2b:46:ab:80:23:97:ee:ff:5e:23:d7:67:63:49:
ab:84:4f:61:c3:03:b4:b3:12:17:bb:7e:06:20:f0:c7:88:f3:
2c:88:56:76:75:c7:cc:9a:15:3d:9c:4c:d9:43:3f:1b:1e:b4:
f0:ed:77:a7:b8:7f:f6:7f:9c:f5:26:f4:b3:bf:d2:c9:ae:95:
77:1b:a5:8d:c2:c4:ca:df:e1:ba:3b:c1:48:9d:e3:c4:8a:2e:
e7:c7:5d:e7:c0:f4:d4:df:26:35:15:58:b8:53:ec:d2:0d:07:
98:95:13:6e:de:78:25:61:4b:e2:81:67:f5:a1:8a:77:c3:99:
79:bb:9d:9b:c7:3a:50:73:0c:45:26:e2:69:0e:3f:db:9e:1f:
98:2f:bc:cb:fc:2c:be:c6:f8:50:11:cd:4e:8d:dc:b2:e0:8a:
87:09:df:5d:e8:c7:d8:e6:b6:b3:7e:89:5b:ec:cd:5f:0c:af:
1e:3d:83:12:1c:04:73:d7:82:48:4e:12:ea:59:3a:93:fe:ce:
7c:6a:01:07:42:66:f2:6c:51:f4:6d:e5:54:e0:69:53:02:93:
fb:0f:4d:68:59:ea:63:3d:43:a6:c6:6f:c6:d0:67:98:ef:83:
5d:eb:c8:13:d1:2d:a3:29:51:84:92:51:ec:2a:68:3d:f8:fa:
02:60:a3:49
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICV0EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTQy
MjI0MzRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEZBNzEzMzI2QzNFOTcx
MjJCNjgzQTMwODQ2OUNFMjFGODk2QkQzRTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3hIpveXe5JQZyE8EenTw7fgt4qy6rGebJU7wovhXw+eL5ToBS
WZw6bWK92yH4ndqlSY9cj7t0VjMArCCh3qORlnrj9Vv0M9iQRzCaqqs6W+wCwHLB
4iomS4mokJeLFY9t18s++obeW6GcUPmzGN1xqY6flO3fx/R4LkD0Y0FBQzNOudxD
wVVwxerh5D5pKbi8ZpZUiGzHyBTyN1Ik8qgPldl+qG+6vhTLwsZJcV672PFhJ2hC
viV8iAS7iSGmwYq4QKPQa85AdGlhMSj8vEu1SGiZdohC2OTwbC1dgaVBr6tcka5I
tqkvzuMvibRvtq1RjX+DUElGl0sQiepWxOU3AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU+nEzJsPpcSK2g6MIRpziH4lr0+kwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3Ly1uRXpKc1BwY1NLMmc2
TUlScHppSDRscjAtay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAHKXIWkrRquAI5fu
/14j12djSauET2HDA7SzEhe7fgYg8MeI8yyIVnZ1x8yaFT2cTNlDPxsetPDtd6e4
f/Z/nPUm9LO/0smulXcbpY3CxMrf4bo7wUid48SKLufHXefA9NTfJjUVWLhT7NIN
B5iVE27eeCVhS+KBZ/WhinfDmXm7nZvHOlBzDEUm4mkOP9ueH5gvvMv8LL7G+FAR
zU6N3LLgiocJ313ox9jmtrN+iVvszV8Mrx49gxIcBHPXgkhOEupZOpP+znxqAQdC
ZvJsUfRt5VTgaVMCk/sPTWhZ6mM9Q6bGb8bQZ5jvg13ryBPRLaMpUYSSUewqaD34
+gJgo0k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:01 2024 by rpki-client on console-fra.rpki-client.org