Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/5Id4j0KDQqPIhSeRMbrcilNaEPo.roa
File: 5Id4j0KDQqPIhSeRMbrcilNaEPo.roa (raw, json)
Hash identifier: pej9Xxby5H94iQ6DcpXvYWMDJ1DQgmlOaj8guZtUdWw=
Subject key identifier: E4:87:78:8F:42:83:42:A3:C8:85:27:91:31:BA:DC:8A:53:5A:10:FA
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 53B1
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/5Id4j0KDQqPIhSeRMbrcilNaEPo.roa
Signing time: Fri 10 May 2024 04:24:00 +0000
ROA not before: Fri 10 May 2024 04:24:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21425 (0x53b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 10 04:24:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E487788F428342A3C885279131BADC8A535A10FA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:b0:25:07:55:d2:20:88:86:b8:f4:8e:74:3b:
67:14:93:19:a9:e5:f9:6d:16:2f:a0:0f:87:be:44:
15:62:bf:cd:40:7f:fd:9e:88:31:5f:06:81:66:c6:
a6:6a:51:61:f4:84:75:00:9b:24:24:78:e5:9e:b7:
15:ee:4f:57:84:a7:b4:28:b4:ef:70:66:bc:e9:02:
f6:b1:8b:00:89:9a:35:9f:9e:ec:df:ec:7f:5a:cb:
db:df:2a:3b:1d:30:fd:92:b5:d6:5f:0f:bb:64:37:
e7:c4:90:12:09:72:57:cd:b8:26:e5:5d:ce:e1:61:
6c:d7:de:2f:43:c9:e7:4c:8f:88:44:90:c9:c4:c9:
a2:a0:5c:c3:41:c1:3a:d4:6d:a1:78:0e:22:15:06:
59:ff:39:95:9e:f2:a7:ed:a7:89:44:09:96:a9:40:
56:57:db:a7:7f:4a:6b:7e:bd:63:43:0d:05:00:de:
c9:91:de:00:0e:63:0b:49:d9:37:06:97:51:6b:4b:
fe:ec:8a:e7:56:8c:d5:67:dd:74:a7:d7:97:99:1c:
ca:73:90:e7:1b:bb:d3:9a:0f:04:34:a8:69:83:ed:
c1:f1:cc:5a:49:e7:58:c4:0e:3c:b2:6b:5a:32:3f:
ab:db:02:84:af:f5:7f:3d:7d:50:ff:c2:2f:07:19:
8c:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:87:78:8F:42:83:42:A3:C8:85:27:91:31:BA:DC:8A:53:5A:10:FA
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/5Id4j0KDQqPIhSeRMbrcilNaEPo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
1d:4a:c5:91:ff:8a:57:b8:d3:75:e1:6d:c0:a0:12:a6:64:62:
93:fd:45:5f:86:2f:e7:ef:fa:14:54:2e:9e:ca:32:db:97:0d:
01:cf:4d:5a:da:34:4b:20:37:45:64:22:e9:39:9f:13:ae:c6:
69:bc:69:ff:f6:c7:e1:7c:7f:7b:92:50:a5:58:45:9c:a0:9d:
fd:42:58:63:56:bd:08:33:21:ad:af:0c:90:dc:ac:28:bc:ff:
a5:bd:a9:35:1e:ca:44:b8:fa:cd:e9:51:a0:85:dc:88:67:45:
2a:b4:f9:3f:7d:a3:9a:48:f2:47:85:4c:b7:61:fb:8e:f9:d6:
b7:2d:6a:c2:03:c3:bb:28:c0:99:3c:76:20:ee:0a:7d:34:2f:
26:ff:13:a6:38:8c:95:c2:41:65:48:b4:0a:45:7c:14:33:68:
32:0f:ab:d1:a9:9a:f9:35:f3:57:60:1b:09:4d:10:95:6a:5c:
b6:ec:47:81:5c:bd:38:6b:9d:c3:a0:b4:62:55:eb:bc:2c:7e:
6e:a2:44:61:3e:74:84:4e:eb:30:f4:7d:4b:91:87:e0:cc:9a:
6a:13:83:77:e6:cb:3f:0a:cd:c8:e7:7c:03:b9:11:52:32:c6:
d0:0b:08:6f:d1:48:b2:13:9a:ad:28:e6:46:9b:84:9e:59:2d:
15:65:fb:7e
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICU7EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTAw
NDI0MDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEU0ODc3ODhGNDI4MzQy
QTNDODg1Mjc5MTMxQkFEQzhBNTM1QTEwRkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSsCUHVdIgiIa49I50O2cUkxmp5fltFi+gD4e+RBViv81Af/2e
iDFfBoFmxqZqUWH0hHUAmyQkeOWetxXuT1eEp7QotO9wZrzpAvaxiwCJmjWfnuzf
7H9ay9vfKjsdMP2StdZfD7tkN+fEkBIJclfNuCblXc7hYWzX3i9DyedMj4hEkMnE
yaKgXMNBwTrUbaF4DiIVBln/OZWe8qftp4lECZapQFZX26d/Smt+vWNDDQUA3smR
3gAOYwtJ2TcGl1FrS/7siudWjNVn3XSn15eZHMpzkOcbu9OaDwQ0qGmD7cHxzFpJ
51jEDjyya1oyP6vbAoSv9X89fVD/wi8HGYzpAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU5Id4j0KDQqPIhSeRMbrcilNaEPowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzVJZDRqMEtEUXFQSWhT
ZVJNYnJjaWxOYUVQby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAB1KxZH/ile403Xh
bcCgEqZkYpP9RV+GL+fv+hRULp7KMtuXDQHPTVraNEsgN0VkIuk5nxOuxmm8af/2
x+F8f3uSUKVYRZygnf1CWGNWvQgzIa2vDJDcrCi8/6W9qTUeykS4+s3pUaCF3Ihn
RSq0+T99o5pI8keFTLdh+4751rctasIDw7sowJk8diDuCn00Lyb/E6Y4jJXCQWVI
tApFfBQzaDIPq9Gpmvk181dgGwlNEJVqXLbsR4FcvThrncOgtGJV67wsfm6iRGE+
dIRO6zD0fUuRh+DMmmoTg3fmyz8KzcjnfAO5EVIyxtALCG/RSLITmq0o5kabhJ5Z
LRVl+34=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:06 2024 by rpki-client on console-fra.rpki-client.org