Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/F5N8O6FjG45ulE1iwCT2RF3jR_Q.roa
File: F5N8O6FjG45ulE1iwCT2RF3jR_Q.roa (raw, json)
Hash identifier: MYCS24eD1gT3P4Ej1ekC1fvYmkY6MLn+E2pXci4i5zc=
Subject key identifier: 17:93:7C:3B:A1:63:1B:8E:6E:94:4D:62:C0:24:F6:44:5D:E3:47:F4
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4501
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/F5N8O6FjG45ulE1iwCT2RF3jR_Q.roa
Signing time: Sat 20 Apr 2024 14:23:26 +0000
ROA not before: Sat 20 Apr 2024 14:23:26 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17665 (0x4501)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 14:23:26 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=17937C3BA1631B8E6E944D62C024F6445DE347F4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:e6:e5:da:35:43:6d:44:08:52:df:34:9a:ed:
eb:c0:aa:95:e3:6e:ed:c1:91:5f:4c:22:0b:28:b8:
cc:78:30:54:ab:6b:f0:04:7c:a7:61:a1:2f:e7:3c:
57:b6:a3:aa:5c:b5:4d:31:a3:ce:6b:5f:ad:47:50:
d4:be:a3:88:97:00:8d:13:38:3b:37:8c:45:a8:03:
ef:85:de:29:00:d6:2e:ed:64:ed:6e:97:ec:3e:8a:
a1:89:61:f4:d9:2a:4a:a8:bf:62:03:f1:f0:ba:66:
b9:2c:86:ae:e2:46:55:dd:ae:7e:f1:28:8b:43:06:
8b:e4:80:e4:05:0e:61:af:58:89:5a:fb:86:09:4e:
c1:6b:68:91:be:08:67:9d:d5:06:cc:28:0e:55:97:
8d:10:28:55:ed:32:f9:ab:ca:5d:68:41:75:05:9f:
ff:32:db:91:99:10:f6:7a:9b:c9:f8:34:63:b8:1b:
c5:d0:5e:d9:fa:b3:1d:b5:24:f3:bc:7d:ab:b0:5d:
0d:d9:85:af:93:9c:89:74:cf:82:66:f8:34:25:72:
37:4c:da:b1:48:b5:4b:03:00:2c:d6:c7:82:c4:d5:
f1:d1:81:7c:e7:4c:f3:d1:cb:ec:75:58:03:2f:8e:
cb:9d:27:78:00:31:13:a7:56:bd:e9:aa:66:2e:af:
8c:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:93:7C:3B:A1:63:1B:8E:6E:94:4D:62:C0:24:F6:44:5D:E3:47:F4
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/F5N8O6FjG45ulE1iwCT2RF3jR_Q.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
b3:9b:55:fa:8a:20:a4:d5:0c:0b:02:45:dd:3f:e8:94:77:1e:
a0:cf:09:da:81:36:7c:11:b4:7e:74:a7:37:95:84:b8:d0:24:
52:0b:b6:06:ae:a6:fa:82:80:05:4d:26:c9:80:04:78:fc:39:
1d:cb:3d:40:7e:e3:93:47:ef:74:4a:13:77:96:b2:4a:8a:49:
03:77:33:e3:d6:8c:ff:1e:41:9d:be:1e:39:6b:c2:9b:d7:be:
40:1c:cb:ac:84:1d:95:75:0b:2c:97:de:3a:2a:5e:44:ef:f0:
ba:a3:aa:d1:b7:34:ea:26:c0:af:8f:38:e2:a4:9c:d1:3d:a0:
f3:fd:f3:32:89:0a:c5:36:2b:ef:1a:57:c0:9a:fa:8c:a4:4a:
e5:bb:ec:f2:d9:c7:11:a3:1c:65:6e:5b:1f:bc:b7:5d:d1:c3:
c4:aa:61:85:d0:a6:c5:c0:15:73:17:de:df:34:d6:9a:ee:c5:
11:2d:4c:7a:6f:00:00:aa:a1:dc:74:16:13:bd:92:c2:e0:7a:
9b:0c:e7:58:41:76:13:98:66:89:f9:00:d4:0e:f5:74:ee:9d:
7a:91:63:d6:69:64:a9:59:3b:6d:92:29:44:02:48:84:1d:32:
d6:bb:09:22:00:32:9d:23:7f:08:43:6b:22:5b:b7:90:37:0c:
80:ae:cd:6c
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICRQEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAx
NDIzMjZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE3OTM3QzNCQTE2MzFC
OEU2RTk0NEQ2MkMwMjRGNjQ0NURFMzQ3RjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDA5uXaNUNtRAhS3zSa7evAqpXjbu3BkV9MIgsouMx4MFSra/AE
fKdhoS/nPFe2o6pctU0xo85rX61HUNS+o4iXAI0TODs3jEWoA++F3ikA1i7tZO1u
l+w+iqGJYfTZKkqov2ID8fC6Zrkshq7iRlXdrn7xKItDBovkgOQFDmGvWIla+4YJ
TsFraJG+CGed1QbMKA5Vl40QKFXtMvmryl1oQXUFn/8y25GZEPZ6m8n4NGO4G8XQ
Xtn6sx21JPO8fauwXQ3Zha+TnIl0z4Jm+DQlcjdM2rFItUsDACzWx4LE1fHRgXzn
TPPRy+x1WAMvjsudJ3gAMROnVr3pqmYur4wZAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUF5N8O6FjG45ulE1iwCT2RF3jR/QwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0Y1TjhPNkZqRzQ1dWxF
MWl3Q1QyUkYzalJfUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBALObVfqKIKTVDAsC
Rd0/6JR3HqDPCdqBNnwRtH50pzeVhLjQJFILtgaupvqCgAVNJsmABHj8OR3LPUB+
45NH73RKE3eWskqKSQN3M+PWjP8eQZ2+HjlrwpvXvkAcy6yEHZV1CyyX3joqXkTv
8LqjqtG3NOomwK+POOKknNE9oPP98zKJCsU2K+8aV8Ca+oykSuW77PLZxxGjHGVu
Wx+8t13Rw8SqYYXQpsXAFXMX3t801pruxREtTHpvAACqodx0FhO9ksLgepsM51hB
dhOYZon5ANQO9XTunXqRY9ZpZKlZO22SKUQCSIQdMta7CSIAMp0jfwhDayJbt5A3
DICuzWw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:15 2024 by rpki-client on console-fra.rpki-client.org