Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/AJevmk_h8SqPieOvKQxucvm_Tbg.roa
File: AJevmk_h8SqPieOvKQxucvm_Tbg.roa (raw, json)
Hash identifier: 7GSUH3Z+AfUFA3tXjJFo/pHeq5PtUe3gtXsbZ8RNwPo=
Subject key identifier: 00:97:AF:9A:4F:E1:F1:2A:8F:89:E3:AF:29:0C:6E:72:F9:BF:4D:B8
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5781
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/AJevmk_h8SqPieOvKQxucvm_Tbg.roa
Signing time: Wed 15 May 2024 06:24:17 +0000
ROA not before: Wed 15 May 2024 06:24:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22401 (0x5781)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 15 06:24:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0097AF9A4FE1F12A8F89E3AF290C6E72F9BF4DB8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:51:9f:92:da:25:f9:7f:ca:c6:a6:0f:88:be:
b9:79:b4:31:95:d6:76:3a:ac:9c:53:ed:ca:10:39:
88:6f:55:ee:d1:d8:4f:e5:11:ce:d7:18:1b:42:65:
60:11:e1:ce:56:a7:53:71:55:cd:2d:8b:64:17:84:
4a:0f:67:98:d8:53:c9:19:29:b7:ca:11:54:04:fa:
a5:d4:4f:5f:8f:da:39:65:12:20:85:8f:07:da:6d:
c9:6d:2d:70:8e:5e:5a:43:e2:a4:d5:e2:fc:7e:83:
2b:0d:d5:48:6a:43:1d:e4:71:61:2a:47:ad:67:57:
5a:5c:b0:af:36:cb:63:7d:4f:da:9f:38:61:25:26:
97:32:62:07:94:4a:8b:ca:05:20:3b:6f:b3:c2:3b:
06:19:32:a9:0c:aa:ce:50:f9:8a:22:15:24:1e:28:
00:37:0b:0f:52:85:25:4b:ec:8f:3b:2e:16:5b:8d:
bd:f6:a1:c3:83:e1:cd:df:32:c8:4d:8b:7f:60:02:
4b:3c:4f:3b:8a:df:de:5f:20:9b:69:de:34:1f:59:
20:1e:d3:5f:76:67:52:be:26:67:3f:a1:c4:cd:d5:
0c:d7:9e:43:34:48:61:96:90:45:ba:a1:6b:63:6a:
14:fc:4e:7e:20:67:c0:6a:78:b9:eb:86:b0:ba:b9:
c6:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:97:AF:9A:4F:E1:F1:2A:8F:89:E3:AF:29:0C:6E:72:F9:BF:4D:B8
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/AJevmk_h8SqPieOvKQxucvm_Tbg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
0b:c6:e1:37:0b:68:b0:da:60:35:0e:1a:29:80:f9:8b:7d:c3:
3c:6a:45:da:df:a6:00:27:3b:08:a6:a4:af:d5:dd:e3:d9:12:
6a:fc:a6:0c:3e:4c:b3:35:7d:69:a3:64:f3:0b:20:e0:f3:74:
a2:30:25:55:97:47:03:51:42:f7:68:ed:a1:ad:08:14:50:10:
d7:68:04:d2:25:9c:7d:94:04:5b:e3:a5:bb:fd:16:84:0c:0e:
0f:f2:c7:29:ed:7a:d5:f4:49:ca:56:e1:59:30:b7:de:8a:c0:
6c:f2:19:15:5e:2f:fe:eb:92:90:d9:77:6c:0d:03:d3:f3:9d:
09:a0:3a:cb:fe:8e:f2:fe:7b:e7:1b:a3:ea:c5:ed:b0:21:ba:
e2:62:0d:5f:09:07:b3:7c:26:4c:b9:69:1b:94:6d:40:38:b3:
0c:73:15:f8:e0:a2:e3:95:d9:fc:34:28:bb:9c:96:de:21:58:
40:89:54:a7:ac:f4:84:cc:5c:39:ff:b5:a6:f6:17:90:e1:51:
8d:0d:6e:86:a8:b6:5b:72:20:d9:18:2b:4e:07:40:d4:3e:3d:
dd:8a:a3:73:38:f6:16:91:d9:ba:bb:0a:42:6c:ed:5f:1b:49:
35:b6:dd:5c:6f:af:90:ba:0a:66:61:42:ef:20:f8:c1:a7:01:
96:e4:4f:d9
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICV4EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTUw
NjI0MTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDAwOTdBRjlBNEZFMUYx
MkE4Rjg5RTNBRjI5MEM2RTcyRjlCRjREQjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqUZ+S2iX5f8rGpg+Ivrl5tDGV1nY6rJxT7coQOYhvVe7R2E/l
Ec7XGBtCZWAR4c5Wp1NxVc0ti2QXhEoPZ5jYU8kZKbfKEVQE+qXUT1+P2jllEiCF
jwfabcltLXCOXlpD4qTV4vx+gysN1UhqQx3kcWEqR61nV1pcsK82y2N9T9qfOGEl
JpcyYgeUSovKBSA7b7PCOwYZMqkMqs5Q+YoiFSQeKAA3Cw9ShSVL7I87LhZbjb32
ocOD4c3fMshNi39gAks8TzuK395fIJtp3jQfWSAe0192Z1K+Jmc/ocTN1QzXnkM0
SGGWkEW6oWtjahT8Tn4gZ8BqeLnrhrC6ucYXAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUAJevmk/h8SqPieOvKQxucvm/TbgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0FKZXZta19oOFNxUGll
T3ZLUXh1Y3ZtX1RiZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAAvG4TcLaLDaYDUO
GimA+Yt9wzxqRdrfpgAnOwimpK/V3ePZEmr8pgw+TLM1fWmjZPMLIODzdKIwJVWX
RwNRQvdo7aGtCBRQENdoBNIlnH2UBFvjpbv9FoQMDg/yxyntetX0ScpW4Vkwt96K
wGzyGRVeL/7rkpDZd2wNA9PznQmgOsv+jvL+e+cbo+rF7bAhuuJiDV8JB7N8Jky5
aRuUbUA4swxzFfjgouOV2fw0KLuclt4hWECJVKes9ITMXDn/tab2F5DhUY0Nboao
tltyINkYK04HQNQ+Pd2Ko3M49haR2bq7CkJs7V8bSTW23Vxvr5C6CmZhQu8g+MGn
AZbkT9k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:21 2024 by rpki-client on console-ams.rpki-client.org