Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/5NAUXmUmnFqmTfqiJnMiyAGYLRM.roa
File: 5NAUXmUmnFqmTfqiJnMiyAGYLRM.roa (raw, json)
Hash identifier: DBTfcq8hS3wy5yZYafEtMOJc1YQiY1tBRH9GXIxq/J8=
Subject key identifier: E4:D0:14:5E:65:26:9C:5A:A6:4D:FA:A2:26:73:22:C8:01:98:2D:13
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5755
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/5NAUXmUmnFqmTfqiJnMiyAGYLRM.roa
Signing time: Wed 15 May 2024 00:54:10 +0000
ROA not before: Wed 15 May 2024 00:54:10 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22357 (0x5755)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 15 00:54:10 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E4D0145E65269C5AA64DFAA2267322C801982D13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:27:cc:07:78:5a:dd:e2:f5:24:5e:1f:06:73:
83:53:37:44:c7:58:96:a6:91:67:d5:73:97:5b:01:
83:04:d0:4f:8f:7e:dc:28:cb:79:1b:1f:12:06:0a:
48:75:7d:4e:6a:40:12:c1:05:33:e4:ec:01:56:61:
a7:82:c3:c4:58:02:d4:19:ae:1d:0c:e3:1c:38:5f:
3e:56:ab:9f:bd:f2:73:ce:7e:65:d1:91:f9:8d:99:
47:60:29:ff:85:c7:cf:88:d5:9c:68:cb:65:35:12:
3b:6a:d3:8e:af:8e:73:2c:2a:29:2a:c0:28:47:d0:
e0:20:fe:01:46:18:19:61:a1:39:8b:20:5d:fc:af:
7e:0e:8f:e9:e4:a6:a4:e7:2d:da:6d:6c:df:63:6c:
7f:1e:5d:8b:b4:b6:58:fb:6b:49:b9:71:2a:89:f2:
81:b9:10:97:7c:cf:bf:78:b8:58:22:8c:cb:10:68:
05:06:0c:6a:df:83:d5:28:d6:df:ba:41:a8:da:3e:
fa:0c:01:67:30:c0:41:d2:c7:51:95:2b:9d:6c:57:
58:84:10:37:d5:f8:28:e6:c0:94:a2:a1:71:cf:ad:
9e:db:3b:25:22:80:bd:52:cd:17:ea:c4:43:a8:02:
7e:3a:64:61:61:73:9a:07:1d:6c:5f:7f:d1:2f:69:
c1:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:D0:14:5E:65:26:9C:5A:A6:4D:FA:A2:26:73:22:C8:01:98:2D:13
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/5NAUXmUmnFqmTfqiJnMiyAGYLRM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
b7:b7:e4:95:a7:9a:b3:6e:4d:01:8a:eb:d1:97:e1:7e:e5:4d:
0e:6e:2b:73:00:5f:19:b0:1c:28:e8:cc:74:63:66:57:fd:61:
5f:58:7d:05:9c:4c:46:ac:5c:d8:f3:30:79:26:b0:22:06:9b:
e1:19:e7:25:51:20:dd:5a:78:52:15:fa:9f:10:33:7d:17:0c:
97:95:3e:66:63:31:f8:d5:5d:bc:d2:b1:40:48:73:7b:1a:28:
c1:ea:75:99:0f:bd:1c:b1:08:09:63:54:f5:96:68:cb:43:20:
d6:38:71:7f:b8:1e:57:4a:8b:52:42:d2:87:81:cb:4b:9a:3c:
db:80:ac:b3:b5:d8:ec:ca:d9:53:7f:0c:7a:f4:1e:85:44:9c:
63:55:20:74:f8:8e:df:56:1a:63:1d:2e:d7:56:69:a7:51:5c:
c0:66:fc:8a:51:38:9c:48:80:98:2d:e6:df:40:36:df:79:e5:
99:30:1c:23:2f:9f:1a:c0:17:02:37:97:f4:60:9d:d0:9b:4e:
a0:a7:dd:35:53:13:82:07:d0:8c:86:88:cc:1c:d3:e8:7a:e0:
4d:ea:2b:bd:9f:dd:04:f4:7c:73:72:11:1b:54:85:c7:cf:55:
0c:cf:e0:0f:51:0e:85:4e:ac:c0:4e:7c:49:7b:ec:eb:2a:69:
21:83:cc:1f
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICV1UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTUw
MDU0MTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEU0RDAxNDVFNjUyNjlD
NUFBNjRERkFBMjI2NzMyMkM4MDE5ODJEMTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsJ8wHeFrd4vUkXh8Gc4NTN0THWJamkWfVc5dbAYME0E+Pftwo
y3kbHxIGCkh1fU5qQBLBBTPk7AFWYaeCw8RYAtQZrh0M4xw4Xz5Wq5+98nPOfmXR
kfmNmUdgKf+Fx8+I1Zxoy2U1Ejtq046vjnMsKikqwChH0OAg/gFGGBlhoTmLIF38
r34Oj+nkpqTnLdptbN9jbH8eXYu0tlj7a0m5cSqJ8oG5EJd8z794uFgijMsQaAUG
DGrfg9Uo1t+6QajaPvoMAWcwwEHSx1GVK51sV1iEEDfV+CjmwJSioXHPrZ7bOyUi
gL1SzRfqxEOoAn46ZGFhc5oHHWxff9EvacHLAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU5NAUXmUmnFqmTfqiJnMiyAGYLRMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzVOQVVYbVVtbkZxbVRm
cWlKbk1peUFHWUxSTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBALe35JWnmrNuTQGK
69GX4X7lTQ5uK3MAXxmwHCjozHRjZlf9YV9YfQWcTEasXNjzMHkmsCIGm+EZ5yVR
IN1aeFIV+p8QM30XDJeVPmZjMfjVXbzSsUBIc3saKMHqdZkPvRyxCAljVPWWaMtD
INY4cX+4HldKi1JC0oeBy0uaPNuArLO12OzK2VN/DHr0HoVEnGNVIHT4jt9WGmMd
LtdWaadRXMBm/IpROJxIgJgt5t9ANt955ZkwHCMvnxrAFwI3l/RgndCbTqCn3TVT
E4IH0IyGiMwc0+h64E3qK72f3QT0fHNyERtUhcfPVQzP4A9RDoVOrMBOfEl77Osq
aSGDzB8=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:38:34 2025 by rpki-client