Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/5T9XuhdtEYACvHA33aOcLYiZlUM.roa
File: 5T9XuhdtEYACvHA33aOcLYiZlUM.roa (raw, json)
Hash identifier: jdAuE9/wwK0NN4MF4Lg83CQ560snESalA8PKsJmWE0w=
Subject key identifier: E5:3F:57:BA:17:6D:11:80:02:BC:70:37:DD:A3:9C:2D:88:99:95:43
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4B91
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/5T9XuhdtEYACvHA33aOcLYiZlUM.roa
Signing time: Mon 29 Apr 2024 08:23:29 +0000
ROA not before: Mon 29 Apr 2024 08:23:29 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19345 (0x4b91)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 29 08:23:29 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E53F57BA176D118002BC7037DDA39C2D88999543
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:2d:ed:48:cf:37:95:1e:5d:ea:31:84:73:88:
63:ce:63:9a:90:72:35:c7:7a:6d:a9:fe:92:b9:68:
ca:08:d1:4a:70:67:44:f4:03:e4:d3:bd:05:8c:09:
f1:e2:c0:e8:2b:eb:96:1e:07:77:5e:74:95:8a:3f:
56:4a:32:f8:56:e0:a2:f7:b0:a1:ef:6c:ee:60:6b:
9c:7e:bf:d4:da:9c:ab:98:aa:8e:33:36:c8:95:51:
21:ba:39:6e:c9:84:31:43:e9:4a:2a:94:be:2f:b3:
49:79:b3:86:9b:95:96:a7:40:83:f8:9d:1f:60:c3:
aa:06:d3:33:8c:ee:0c:35:4a:d6:f3:19:4c:8d:08:
c2:02:81:19:fe:92:90:33:2e:10:81:4a:2e:31:d5:
29:13:e8:bf:ab:34:4e:fc:6a:7b:7d:0b:f1:bd:c8:
ab:c8:1b:11:c2:55:c3:ae:0f:91:f5:83:ed:e8:09:
0c:ab:aa:6b:35:b8:16:61:fe:de:39:59:5b:43:81:
ed:02:c6:ed:e2:2c:f6:ec:22:cf:f7:a1:e6:90:3b:
50:5b:b0:c0:e1:8b:2f:f8:6a:9c:72:87:e8:3d:39:
b5:56:fc:c4:5f:fe:ab:27:13:ab:88:b2:4e:88:ff:
6f:75:02:45:87:c9:a2:7a:e3:bc:f2:27:df:b6:c4:
89:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:3F:57:BA:17:6D:11:80:02:BC:70:37:DD:A3:9C:2D:88:99:95:43
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/5T9XuhdtEYACvHA33aOcLYiZlUM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
94:f4:e2:03:67:21:f1:05:4e:f0:fd:01:85:04:5b:22:b5:9d:
76:ec:e1:e9:48:8d:f6:36:7e:16:5d:0a:43:e0:f4:db:24:e9:
3a:b8:84:ed:46:cc:41:18:6b:cd:9e:57:13:4a:e3:69:12:e6:
3a:36:50:c8:4c:33:f5:91:1b:9b:f9:0e:a1:2b:83:b8:a8:74:
d1:ec:e8:a9:f5:3f:fe:74:5c:ec:fe:eb:1c:21:c2:a5:59:67:
a8:f8:96:39:8f:0d:cc:be:31:7f:8f:ec:28:89:75:6e:18:96:
9b:a5:aa:b8:47:50:bd:ff:cd:67:af:f3:a8:63:5d:86:3f:34:
96:95:38:9d:35:74:a0:f7:0d:2c:8e:9b:99:e4:5f:dc:b2:9b:
5b:b1:50:25:4d:3d:99:44:42:2f:13:86:fa:fa:38:04:4a:f6:
d7:d9:c0:d2:ec:69:64:9d:31:ff:0f:4d:bc:85:1f:8e:60:4c:
cb:74:3f:aa:51:32:1e:e0:5c:75:af:0c:c2:c5:df:54:80:22:
50:36:3e:f9:78:5a:6f:eb:a4:4b:48:a4:ac:50:8d:e4:6a:98:
30:e5:32:fe:70:ff:7c:c0:9b:53:8a:14:74:e7:7d:b3:07:d7:
99:1a:cb:bf:14:93:29:3f:ec:20:2b:e6:d5:79:d2:83:8c:17:
f7:62:d4:23
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICS5EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjkw
ODIzMjlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEU1M0Y1N0JBMTc2RDEx
ODAwMkJDNzAzN0REQTM5QzJEODg5OTk1NDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcLe1IzzeVHl3qMYRziGPOY5qQcjXHem2p/pK5aMoI0UpwZ0T0
A+TTvQWMCfHiwOgr65YeB3dedJWKP1ZKMvhW4KL3sKHvbO5ga5x+v9TanKuYqo4z
NsiVUSG6OW7JhDFD6UoqlL4vs0l5s4ablZanQIP4nR9gw6oG0zOM7gw1StbzGUyN
CMICgRn+kpAzLhCBSi4x1SkT6L+rNE78ant9C/G9yKvIGxHCVcOuD5H1g+3oCQyr
qms1uBZh/t45WVtDge0Cxu3iLPbsIs/3oeaQO1BbsMDhiy/4apxyh+g9ObVW/MRf
/qsnE6uIsk6I/291AkWHyaJ647zyJ9+2xIm/AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU5T9XuhdtEYACvHA33aOcLYiZlUMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzVUOVh1aGR0RVlBQ3ZI
QTMzYU9jTFlpWmxVTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJT04gNnIfEFTvD9
AYUEWyK1nXbs4elIjfY2fhZdCkPg9Nsk6Tq4hO1GzEEYa82eVxNK42kS5jo2UMhM
M/WRG5v5DqErg7iodNHs6Kn1P/50XOz+6xwhwqVZZ6j4ljmPDcy+MX+P7CiJdW4Y
lpulqrhHUL3/zWev86hjXYY/NJaVOJ01dKD3DSyOm5nkX9yym1uxUCVNPZlEQi8T
hvr6OARK9tfZwNLsaWSdMf8PTbyFH45gTMt0P6pRMh7gXHWvDMLF31SAIlA2Pvl4
Wm/rpEtIpKxQjeRqmDDlMv5w/3zAm1OKFHTnfbMH15kay78Ukyk/7CAr5tV50oOM
F/di1CM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:06 2024 by rpki-client on console-fra.rpki-client.org