Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Jb5SNY4TvqUbYG77rvL7atC5d2Q.roa
File: Jb5SNY4TvqUbYG77rvL7atC5d2Q.roa (raw, json)
Hash identifier: jZ4tYoTq3vDQ0yfBz4YgyQ4KmO57Eb+mZwIsC++tKaA=
Subject key identifier: 25:BE:52:35:8E:13:BE:A5:1B:60:6E:FB:AE:F2:FB:6A:D0:B9:77:64
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 40E1
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Jb5SNY4TvqUbYG77rvL7atC5d2Q.roa
Signing time: Mon 15 Apr 2024 02:22:52 +0000
ROA not before: Mon 15 Apr 2024 02:22:52 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16609 (0x40e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 15 02:22:52 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=25BE52358E13BEA51B606EFBAEF2FB6AD0B97764
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:2f:6a:68:31:ce:a0:c5:ec:9e:66:30:86:0a:
2e:b6:8e:03:ae:05:80:9b:09:73:27:d6:28:bd:7f:
e0:22:19:1d:24:19:d6:b2:95:4d:82:42:60:f4:6b:
b2:1f:d2:33:f7:94:53:7d:b9:02:f9:00:dc:e1:1e:
3d:0c:cd:c9:64:36:d0:e8:c4:1b:76:68:d4:5b:22:
02:83:72:2f:63:3d:98:31:46:bd:d9:9b:1b:2c:52:
55:5a:3a:50:b6:3f:cb:f0:3f:8e:b2:0f:b0:e7:32:
7c:80:a8:b0:6d:16:10:67:e8:81:78:ed:b4:d7:cf:
2d:1b:18:76:1c:e7:58:d6:21:85:0b:04:3d:b5:eb:
64:c1:6a:40:0c:6f:10:82:0b:fa:e3:35:17:64:1b:
e5:35:16:03:89:3f:cd:e5:d6:cb:b8:17:c1:dc:2a:
67:e4:ce:3b:8a:77:24:cf:7b:5c:ea:9f:fd:9e:10:
7b:a3:25:d9:9d:ab:14:b4:7b:d9:30:d3:39:1c:c7:
5d:cb:85:6d:ba:ff:4e:d4:50:ae:52:5f:ba:d9:6f:
b4:58:07:89:59:01:6c:04:d5:98:67:94:8a:46:6d:
bc:d6:80:df:c3:02:f6:37:2c:9e:2c:49:41:12:e9:
c6:5f:89:22:42:c8:2c:0f:cd:64:2e:ff:5b:6c:dc:
7c:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:BE:52:35:8E:13:BE:A5:1B:60:6E:FB:AE:F2:FB:6A:D0:B9:77:64
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Jb5SNY4TvqUbYG77rvL7atC5d2Q.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
a9:5f:6a:d9:a8:e3:db:7e:1c:50:34:53:61:c4:2d:3d:b8:df:
af:04:85:97:ed:72:95:e4:d7:b5:78:22:0e:8c:d0:84:aa:f4:
53:f1:9d:58:89:8f:72:99:f3:e7:a5:b2:5c:45:8f:5c:a2:ec:
4a:39:67:60:e4:0f:f2:b8:22:2d:db:e8:62:4b:36:0b:af:c5:
c6:9f:1b:97:03:7e:0b:7d:6e:38:94:63:37:ff:30:fa:0b:51:
75:49:7a:d8:fd:c7:8b:c8:e1:c5:ae:e5:26:f0:3f:65:2f:7f:
5b:8d:26:c0:90:8f:91:b3:01:f6:60:31:f0:dc:4d:e2:80:eb:
cc:20:7c:47:be:e2:47:98:4c:9a:75:64:f5:50:05:1c:01:88:
67:c6:d7:d6:23:d4:54:d6:e6:09:c0:17:40:d5:55:c9:1f:4b:
42:7d:83:34:69:49:f0:5e:be:04:8e:ae:a5:ce:01:2f:31:a2:
47:b6:e8:a5:2c:2e:9f:90:6e:d6:b4:34:bd:ea:d0:ee:fb:19:
41:f8:2e:1a:20:90:73:b0:40:ac:65:f5:b7:83:12:88:19:55:
31:55:f8:73:f5:42:4e:40:10:78:7d:e3:06:9d:9c:72:34:20:
37:60:53:fb:cb:65:c5:68:a4:39:aa:fa:b9:5e:c9:91:ed:07:
ea:b8:be:58
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQOEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTUw
MjIyNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI1QkU1MjM1OEUxM0JF
QTUxQjYwNkVGQkFFRjJGQjZBRDBCOTc3NjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOL2poMc6gxeyeZjCGCi62jgOuBYCbCXMn1ii9f+AiGR0kGday
lU2CQmD0a7If0jP3lFN9uQL5ANzhHj0MzclkNtDoxBt2aNRbIgKDci9jPZgxRr3Z
mxssUlVaOlC2P8vwP46yD7DnMnyAqLBtFhBn6IF47bTXzy0bGHYc51jWIYULBD21
62TBakAMbxCCC/rjNRdkG+U1FgOJP83l1su4F8HcKmfkzjuKdyTPe1zqn/2eEHuj
JdmdqxS0e9kw0zkcx13LhW26/07UUK5SX7rZb7RYB4lZAWwE1ZhnlIpGbbzWgN/D
AvY3LJ4sSUES6cZfiSJCyCwPzWQu/1ts3Hz/AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUJb5SNY4TvqUbYG77rvL7atC5d2QwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0piNVNOWTRUdnFVYllH
Nzdydkw3YXRDNWQyUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAKlfatmo49t+HFA0
U2HELT24368EhZftcpXk17V4Ig6M0ISq9FPxnViJj3KZ8+elslxFj1yi7Eo5Z2Dk
D/K4Ii3b6GJLNguvxcafG5cDfgt9bjiUYzf/MPoLUXVJetj9x4vI4cWu5SbwP2Uv
f1uNJsCQj5GzAfZgMfDcTeKA68wgfEe+4keYTJp1ZPVQBRwBiGfG19Yj1FTW5gnA
F0DVVckfS0J9gzRpSfBevgSOrqXOAS8xoke26KUsLp+Qbta0NL3q0O77GUH4Lhog
kHOwQKxl9beDEogZVTFV+HP1Qk5AEHh94wadnHI0IDdgU/vLZcVopDmq+rleyZHt
B+q4vlg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:18 2024 by rpki-client on console-fra.rpki-client.org