Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/EymNsAUgjErGHi4MorYKDzi--yE.roa
File: EymNsAUgjErGHi4MorYKDzi--yE.roa (raw, json)
Hash identifier: 1txFBe3JHGWNLW5yGodvfJD7nDNgiuNrszIhrBbv1Yw=
Subject key identifier: 13:29:8D:B0:05:20:8C:4A:C6:1E:2E:0C:A2:B6:0A:0F:38:BE:FB:21
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5605
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/EymNsAUgjErGHi4MorYKDzi--yE.roa
Signing time: Mon 13 May 2024 06:54:10 +0000
ROA not before: Mon 13 May 2024 06:54:10 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22021 (0x5605)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 13 06:54:10 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=13298DB005208C4AC61E2E0CA2B60A0F38BEFB21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:2f:8b:06:e9:38:d9:06:7d:23:c8:f2:eb:8f:
b6:66:a6:d6:cf:a3:68:37:26:31:a0:39:30:d7:24:
e0:17:01:23:ed:a4:aa:23:c7:c4:9e:d1:f9:09:ee:
4d:05:cd:cf:dd:a1:ad:d9:f8:98:f3:2a:84:7c:21:
d3:a8:b5:5a:4d:b6:e3:ed:a9:af:e3:f1:43:60:ae:
6f:6c:ea:e9:ce:b3:45:aa:19:e6:67:52:07:df:6b:
2b:4a:aa:59:55:f9:f6:35:f8:e4:e4:62:96:71:ea:
63:7a:f2:a0:8c:19:97:00:a9:74:32:8c:54:e4:03:
2d:8a:d7:59:75:a2:cb:b5:07:90:5d:73:f8:86:a4:
57:a1:c9:e6:6b:db:dc:28:21:ea:e6:94:c7:16:1a:
0e:cb:ba:c0:f1:97:ba:cf:cd:e9:e7:c6:06:db:d4:
09:aa:af:15:ab:75:d8:cf:7a:5a:b2:4c:a3:4f:a3:
8d:cf:5f:3e:c0:1e:fc:46:d2:b6:f5:0c:ba:82:9a:
0a:18:6f:7f:15:40:f9:89:3f:66:62:43:5f:00:59:
ae:59:92:6b:b4:77:c8:b1:a3:22:6c:56:33:a1:91:
7f:61:00:e7:d2:c1:c4:a5:56:4c:20:be:7e:84:6d:
7a:15:de:d9:df:47:0e:cb:17:e5:db:a0:9d:0e:ab:
13:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:29:8D:B0:05:20:8C:4A:C6:1E:2E:0C:A2:B6:0A:0F:38:BE:FB:21
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/EymNsAUgjErGHi4MorYKDzi--yE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
72:00:10:d0:d8:e3:17:3a:ea:db:10:3a:14:fc:30:b5:1f:5b:
93:53:33:71:d5:c8:7b:8f:06:9c:a5:d3:8d:28:99:91:ec:5c:
e9:a7:c7:c3:ca:01:f9:af:b5:bd:6a:0e:a7:d1:72:03:b1:6b:
fe:fd:f9:b0:e2:9a:f1:f6:a3:41:93:dc:0b:48:59:c7:4d:a5:
3e:a1:bf:d8:68:2b:47:1b:9c:95:48:e3:7e:fe:c6:51:ec:70:
a9:b5:db:b2:1c:a9:d4:3d:1c:b1:e6:0d:42:83:3e:f4:90:97:
b6:8a:c3:62:bd:5d:26:b0:04:cf:17:fd:c9:5d:23:10:6d:bc:
32:74:4e:57:f5:69:95:3e:f2:03:5c:58:74:12:02:04:32:a4:
0c:5c:92:9c:25:b2:3a:de:d7:8b:85:7e:da:94:dd:a8:f2:81:
eb:da:79:d1:88:be:52:14:bc:72:1d:01:aa:5a:6f:18:2f:69:
78:00:7d:e4:40:63:6b:56:ef:26:92:e1:39:e1:bc:50:3a:22:
ed:e8:00:a5:30:8c:8d:7e:98:47:84:ee:50:d9:02:cc:2d:dc:
9b:ed:13:d1:f2:65:d2:7e:e5:95:e1:29:66:87:15:11:7d:d0:
8d:1f:b6:1a:24:55:e5:87:b4:bd:ce:76:15:29:36:12:46:29:
7c:bc:24:3a
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICVgUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTMw
NjU0MTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDEzMjk4REIwMDUyMDhD
NEFDNjFFMkUwQ0EyQjYwQTBGMzhCRUZCMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmL4sG6TjZBn0jyPLrj7ZmptbPo2g3JjGgOTDXJOAXASPtpKoj
x8Se0fkJ7k0Fzc/doa3Z+JjzKoR8IdOotVpNtuPtqa/j8UNgrm9s6unOs0WqGeZn
UgffaytKqllV+fY1+OTkYpZx6mN68qCMGZcAqXQyjFTkAy2K11l1osu1B5Bdc/iG
pFehyeZr29woIermlMcWGg7LusDxl7rPzennxgbb1AmqrxWrddjPelqyTKNPo43P
Xz7AHvxG0rb1DLqCmgoYb38VQPmJP2ZiQ18AWa5Zkmu0d8ixoyJsVjOhkX9hAOfS
wcSlVkwgvn6EbXoV3tnfRw7LF+XboJ0OqxNHAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUEymNsAUgjErGHi4MorYKDzi++yEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0V5bU5zQVVnakVyR0hp
NE1vcllLRHppLS15RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAHIAENDY4xc66tsQ
OhT8MLUfW5NTM3HVyHuPBpyl040omZHsXOmnx8PKAfmvtb1qDqfRcgOxa/79+bDi
mvH2o0GT3AtIWcdNpT6hv9hoK0cbnJVI437+xlHscKm127IcqdQ9HLHmDUKDPvSQ
l7aKw2K9XSawBM8X/cldIxBtvDJ0Tlf1aZU+8gNcWHQSAgQypAxckpwlsjre14uF
ftqU3ajygevaedGIvlIUvHIdAapabxgvaXgAfeRAY2tW7yaS4TnhvFA6Iu3oAKUw
jI1+mEeE7lDZAswt3JvtE9HyZdJ+5ZXhKWaHFRF90I0fthokVeWHtL3OdhUpNhJG
KXy8JDo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:14 2024 by rpki-client on console-fra.rpki-client.org