Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/9dneSzcNAg4fYdt_C3XD2OA4sFI.roa
File: 9dneSzcNAg4fYdt_C3XD2OA4sFI.roa (raw, json)
Hash identifier: sxy0TIfJPJnTLOh9e59EaNgce5FdDXMsC1FpMVYT3Bk=
Subject key identifier: F5:D9:DE:4B:37:0D:02:0E:1F:61:DB:7F:0B:75:C3:D8:E0:38:B0:52
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3AE5
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/9dneSzcNAg4fYdt_C3XD2OA4sFI.roa
Signing time: Sun 07 Apr 2024 02:52:29 +0000
ROA not before: Sun 07 Apr 2024 02:52:29 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15077 (0x3ae5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 7 02:52:29 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F5D9DE4B370D020E1F61DB7F0B75C3D8E038B052
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:5f:48:f0:54:b6:08:3f:37:12:97:14:8c:26:
3d:59:bf:b6:69:a2:2d:6f:e2:87:41:27:df:73:08:
25:f0:e1:e6:a7:e5:58:9c:b3:b3:e5:1a:5c:ce:6a:
49:61:33:9d:44:78:d6:25:22:bb:60:d9:b1:48:a7:
25:0e:cc:e2:6a:ee:dc:96:4e:a3:e7:5f:57:27:10:
ab:72:d4:1d:0a:a2:0c:3a:2e:5c:9f:a9:0a:a5:55:
cc:96:37:b5:0d:90:31:be:03:d1:0f:6f:91:83:ef:
f5:8d:47:d8:ee:dd:67:2c:bf:6a:11:f2:92:b5:e3:
09:d9:9f:ad:ee:9e:20:2b:50:75:0a:e4:ea:52:7d:
0a:f3:41:77:f2:18:cb:c0:a4:88:45:d8:13:b0:7e:
48:52:cc:82:b8:5a:02:ac:f6:8e:41:6f:de:72:d5:
6a:0b:10:a8:69:f4:48:22:eb:0d:fe:23:0b:dd:81:
fd:25:c1:0e:5f:4c:4f:e2:c8:43:e4:9a:ff:e4:fe:
4d:9a:1f:ce:e4:9d:37:be:8f:92:b0:2f:d4:9d:c4:
44:85:8f:9d:4c:e1:74:ee:a7:92:7a:8f:53:c1:fb:
33:13:bd:5f:d1:63:13:1c:92:b8:2e:d1:38:53:9c:
63:59:23:6e:90:e0:8e:37:c5:f8:7f:18:34:3a:c6:
e3:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:D9:DE:4B:37:0D:02:0E:1F:61:DB:7F:0B:75:C3:D8:E0:38:B0:52
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/9dneSzcNAg4fYdt_C3XD2OA4sFI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
11:f4:05:b6:6e:61:db:6f:db:85:75:5d:a3:ee:56:1a:d0:65:
02:11:39:e1:e3:eb:74:84:82:d1:5f:bd:7e:47:17:09:15:c5:
36:a0:1f:08:c8:d1:5c:96:65:3e:3d:63:1e:20:2c:9b:7e:de:
1d:ae:c2:28:39:fd:aa:f3:85:d7:81:62:ba:9a:e5:d2:a1:9c:
0d:2a:1c:50:a8:13:b7:7d:8f:3e:37:3c:e3:5e:19:66:10:ec:
81:09:21:20:c8:99:5b:19:ce:3f:be:ac:c5:f8:30:0e:f7:b6:
8d:3f:75:6a:e3:85:08:bf:ff:9b:fb:3e:52:80:a9:95:cb:8e:
db:23:59:bc:29:f4:e2:ee:b4:a4:6a:c9:c8:7f:24:36:b2:d6:
65:9a:80:61:03:4d:ea:18:2b:4f:66:93:d9:e2:4e:99:3a:02:
40:fa:bb:ba:0a:17:df:07:d0:7a:90:35:08:d4:d4:08:8d:c1:
14:46:f0:b7:a7:16:c0:e0:6a:1a:02:5e:6a:98:20:d7:6e:81:
60:db:65:86:f3:ad:b0:cf:86:b3:2e:91:6d:16:36:d7:21:d4:
5b:8c:e0:b0:bc:dc:d1:b1:51:55:5f:3a:23:ca:f1:4a:a0:79:
c9:12:8e:8f:32:73:b3:57:b8:2e:a4:fc:ab:b1:0f:2a:37:8c:
51:b0:52:ef
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICOuUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDcw
MjUyMjlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEY1RDlERTRCMzcwRDAy
MEUxRjYxREI3RjBCNzVDM0Q4RTAzOEIwNTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7X0jwVLYIPzcSlxSMJj1Zv7Zpoi1v4odBJ99zCCXw4ean5Vic
s7PlGlzOaklhM51EeNYlIrtg2bFIpyUOzOJq7tyWTqPnX1cnEKty1B0Kogw6Llyf
qQqlVcyWN7UNkDG+A9EPb5GD7/WNR9ju3Wcsv2oR8pK14wnZn63uniArUHUK5OpS
fQrzQXfyGMvApIhF2BOwfkhSzIK4WgKs9o5Bb95y1WoLEKhp9Egi6w3+Iwvdgf0l
wQ5fTE/iyEPkmv/k/k2aH87knTe+j5KwL9SdxESFj51M4XTup5J6j1PB+zMTvV/R
YxMckrgu0ThTnGNZI26Q4I43xfh/GDQ6xuOxAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU9dneSzcNAg4fYdt/C3XD2OA4sFIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzlkbmVTemNOQWc0Zllk
dF9DM1hEMk9BNHNGSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBABH0BbZuYdtv24V1
XaPuVhrQZQIROeHj63SEgtFfvX5HFwkVxTagHwjI0VyWZT49Yx4gLJt+3h2uwig5
/arzhdeBYrqa5dKhnA0qHFCoE7d9jz43PONeGWYQ7IEJISDImVsZzj++rMX4MA73
to0/dWrjhQi//5v7PlKAqZXLjtsjWbwp9OLutKRqych/JDay1mWagGEDTeoYK09m
k9niTpk6AkD6u7oKF98H0HqQNQjU1AiNwRRG8LenFsDgahoCXmqYINdugWDbZYbz
rbDPhrMukW0WNtch1FuM4LC83NGxUVVfOiPK8UqgeckSjo8yc7NXuC6k/KuxDyo3
jFGwUu8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:20 2024 by rpki-client on console-ams.rpki-client.org