Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/5KckuiRoEIk4BRB16GhJkxfULbU.roa
File: 5KckuiRoEIk4BRB16GhJkxfULbU.roa (raw, json)
Hash identifier: X2xF3KowAz/PsyP//XnTe3l33mQk0GImXsHBwZgqvlg=
Subject key identifier: E4:A7:24:BA:24:68:10:89:38:05:10:75:E8:68:49:93:17:D4:2D:B5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3F1D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/5KckuiRoEIk4BRB16GhJkxfULbU.roa
Signing time: Fri 12 Apr 2024 17:52:52 +0000
ROA not before: Fri 12 Apr 2024 17:52:52 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16157 (0x3f1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 12 17:52:52 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E4A724BA2468108938051075E868499317D42DB5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:1c:a6:9e:41:e9:fc:4b:de:89:78:28:c2:3d:
e4:48:46:28:4f:3e:c1:b0:eb:11:f8:92:8e:bd:7f:
e5:31:28:1b:e1:fd:f4:8c:e6:33:31:c9:b2:23:3e:
08:89:3c:e5:2d:cb:46:2f:3e:6e:67:0d:04:18:bc:
ee:d2:a1:5b:21:4b:c9:a2:c2:a5:5f:d9:f6:dd:9f:
07:d3:0c:cf:b5:9b:95:53:76:ca:01:2a:be:f6:55:
3c:b7:55:7b:53:d9:16:d0:b3:ae:ce:c1:9f:79:31:
2e:59:14:5c:5e:81:65:4f:f6:b9:25:50:06:d6:f0:
fe:6b:39:f1:11:c8:41:a0:5a:fc:9f:b3:93:1a:e6:
a8:7f:a5:2b:bd:3f:56:47:ef:48:a7:d5:f6:49:5e:
b4:82:0a:51:ce:6a:3f:7d:60:75:f2:20:20:4e:5e:
6b:c6:d7:7a:20:bb:bf:66:8a:f9:5c:fe:e2:65:e3:
b0:40:e6:8a:ed:3a:c9:9b:5b:ba:55:1b:7b:e8:41:
03:cb:8d:68:5f:b3:c1:66:0b:bb:dc:c6:b0:09:b3:
c3:85:60:97:02:db:e3:cb:3b:55:d2:6a:06:58:f5:
3a:0e:ed:dd:48:0b:52:1c:72:94:44:f4:b4:30:19:
35:26:c1:2c:17:4a:c6:c7:82:df:ac:06:59:21:29:
03:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:A7:24:BA:24:68:10:89:38:05:10:75:E8:68:49:93:17:D4:2D:B5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/5KckuiRoEIk4BRB16GhJkxfULbU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
9a:7e:d4:ac:9d:ee:10:69:03:11:1f:4d:e8:77:b4:52:f1:6f:
f5:cb:5f:59:a0:49:3b:3f:ee:c7:2a:b3:34:dd:fe:e3:9b:5d:
38:0d:39:ab:39:40:bf:05:1c:7a:70:0c:9c:31:ce:f6:28:1a:
e7:8f:de:f0:7f:70:1e:70:ee:75:bc:9c:ef:85:51:35:d4:f2:
15:6a:90:d4:b3:b7:21:70:8b:53:99:2b:d2:07:a7:4f:95:cd:
6e:bf:a3:8e:ac:8c:70:f2:de:e7:ed:c0:6e:77:11:6f:26:07:
06:a5:44:db:ec:ff:89:07:d8:5d:ac:be:11:c5:3a:dc:95:21:
a0:17:b9:52:f0:b2:b4:56:47:9a:54:f1:67:ba:81:45:1b:3a:
56:37:a9:e1:17:85:79:a2:e7:4c:68:cd:4c:bf:ed:fc:2e:b5:
35:32:f3:38:a5:fc:f4:b3:9e:e0:b4:fb:e8:19:1b:05:e0:e8:
5d:be:47:f6:2c:c5:08:6f:66:ec:ff:2d:cf:43:48:ed:a1:8e:
b6:1c:e8:77:2e:f7:22:83:33:26:df:83:a0:46:0b:99:73:ef:
5b:f0:8e:2c:aa:b0:f0:39:11:bc:1a:09:d1:03:94:cf:89:4f:
70:f8:94:aa:b6:54:73:04:82:7f:4b:bb:fc:d8:d9:e9:ef:37:
84:9b:96:e3
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICPx0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTIx
NzUyNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEU0QTcyNEJBMjQ2ODEw
ODkzODA1MTA3NUU4Njg0OTkzMTdENDJEQjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTHKaeQen8S96JeCjCPeRIRihPPsGw6xH4ko69f+UxKBvh/fSM
5jMxybIjPgiJPOUty0YvPm5nDQQYvO7SoVshS8miwqVf2fbdnwfTDM+1m5VTdsoB
Kr72VTy3VXtT2RbQs67OwZ95MS5ZFFxegWVP9rklUAbW8P5rOfERyEGgWvyfs5Ma
5qh/pSu9P1ZH70in1fZJXrSCClHOaj99YHXyICBOXmvG13ogu79mivlc/uJl47BA
5ortOsmbW7pVG3voQQPLjWhfs8FmC7vcxrAJs8OFYJcC2+PLO1XSagZY9ToO7d1I
C1IccpRE9LQwGTUmwSwXSsbHgt+sBlkhKQPFAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU5KckuiRoEIk4BRB16GhJkxfULbUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzVLY2t1aVJvRUlrNEJS
QjE2R2hKa3hmVUxiVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJp+1Kyd7hBpAxEf
Teh3tFLxb/XLX1mgSTs/7scqszTd/uObXTgNOas5QL8FHHpwDJwxzvYoGueP3vB/
cB5w7nW8nO+FUTXU8hVqkNSztyFwi1OZK9IHp0+VzW6/o46sjHDy3uftwG53EW8m
BwalRNvs/4kH2F2svhHFOtyVIaAXuVLwsrRWR5pU8We6gUUbOlY3qeEXhXmi50xo
zUy/7fwutTUy8zil/PSznuC0++gZGwXg6F2+R/YsxQhvZuz/Lc9DSO2hjrYc6Hcu
9yKDMybfg6BGC5lz71vwjiyqsPA5EbwaCdEDlM+JT3D4lKq2VHMEgn9Lu/zY2env
N4SbluM=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:44:46 2025 by rpki-client