Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Q5uHVqVenE2lHmXRMEyKYtTHhkA.roa
File: Q5uHVqVenE2lHmXRMEyKYtTHhkA.roa (raw, json)
Hash identifier: UCnHdKWz3vXpM7snTvYJ/sL0W+iIfmAZAEHwvSMe/JM=
Subject key identifier: 43:9B:87:56:A5:5E:9C:4D:A5:1E:65:D1:30:4C:8A:62:D4:C7:86:40
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4369
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Q5uHVqVenE2lHmXRMEyKYtTHhkA.roa
Signing time: Thu 18 Apr 2024 11:23:10 +0000
ROA not before: Thu 18 Apr 2024 11:23:10 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17257 (0x4369)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 18 11:23:10 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=439B8756A55E9C4DA51E65D1304C8A62D4C78640
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:d4:1c:71:4c:2a:91:fd:87:6a:f9:dd:1d:55:
3d:5b:01:6d:ce:b6:70:55:fe:f7:4e:25:ec:3f:65:
31:42:25:76:cb:08:7e:df:c6:b9:4f:7e:64:87:7e:
f7:ed:fb:b3:31:83:bc:b3:15:ac:67:03:34:c9:87:
8b:45:ce:9d:a5:47:b3:f3:76:cf:39:2e:fb:c8:1a:
6b:35:26:0c:83:17:52:33:9a:86:c9:18:de:69:fe:
d0:2b:62:0c:26:b0:3b:f6:b7:40:e2:f6:01:85:4b:
27:cf:98:c4:10:d6:0f:0c:3f:46:35:a1:27:8d:64:
f3:15:c1:3d:c4:ce:0a:b7:e0:b5:81:4f:ef:6c:6a:
71:49:22:44:3e:9b:7b:f5:41:64:17:11:ce:47:2e:
6a:9b:51:39:c9:78:78:e1:29:af:d9:33:31:1f:b9:
c9:47:89:b7:f9:63:f0:3c:8a:b1:8c:20:3e:89:10:
f4:cb:2b:02:d6:e4:f5:18:96:6d:5a:60:a2:1a:5e:
c8:e9:19:7c:76:83:92:72:f3:3f:74:ea:8b:5e:d0:
43:e7:87:3e:cd:fa:a3:63:44:1c:68:5e:8f:20:2c:
2b:78:dd:ad:d3:ed:68:3f:aa:b1:4d:70:cb:c6:41:
20:bf:9b:04:f0:93:93:27:a4:ef:c9:4e:3a:e4:96:
d7:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:9B:87:56:A5:5E:9C:4D:A5:1E:65:D1:30:4C:8A:62:D4:C7:86:40
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Q5uHVqVenE2lHmXRMEyKYtTHhkA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
b4:44:23:59:ae:da:f4:6c:43:e5:f9:72:a6:d0:63:01:9e:35:
6d:9e:20:d4:df:6e:ef:b0:45:45:f2:bd:5b:c1:0b:32:a1:d9:
03:c1:eb:0d:0b:fa:88:b8:4c:f1:51:83:2b:7f:a2:bd:54:7c:
1c:78:5b:38:3d:f7:83:ac:af:7b:11:a5:d9:db:7c:b3:aa:8f:
b4:25:67:c3:10:c2:ff:e7:c6:92:37:15:77:28:cd:8d:33:af:
36:ad:8e:1c:3a:ad:99:41:9e:2f:0b:c5:19:b5:03:d0:f7:c8:
3d:b9:f8:dd:48:ec:bc:a5:67:36:fb:b5:70:c7:81:3f:62:64:
3d:38:54:d4:45:2d:da:f2:e1:58:0a:85:21:47:08:00:e4:1f:
6d:30:92:ab:b4:df:ca:3d:5d:11:59:89:6f:2d:58:88:31:f5:
32:08:cd:7d:41:c0:ab:14:08:13:76:d8:7a:fe:ca:4b:bd:01:
58:c9:8f:c5:bc:d8:75:47:d7:bd:f8:2c:37:ee:2b:ef:59:92:
25:80:b9:68:d2:57:90:0b:23:7e:df:40:67:2a:6c:65:06:c2:
9b:eb:56:62:c9:31:2c:6f:6b:47:12:04:52:c4:06:ee:f7:23:
f0:d1:54:43:b4:2d:cf:b1:0e:4a:d3:b4:63:53:33:4e:ea:33:
a3:5f:48:d3
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQ2kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTgx
MTIzMTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQzOUI4NzU2QTU1RTlD
NERBNTFFNjVEMTMwNEM4QTYyRDRDNzg2NDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZ1BxxTCqR/Ydq+d0dVT1bAW3OtnBV/vdOJew/ZTFCJXbLCH7f
xrlPfmSHfvft+7Mxg7yzFaxnAzTJh4tFzp2lR7Pzds85LvvIGms1JgyDF1IzmobJ
GN5p/tArYgwmsDv2t0Di9gGFSyfPmMQQ1g8MP0Y1oSeNZPMVwT3Ezgq34LWBT+9s
anFJIkQ+m3v1QWQXEc5HLmqbUTnJeHjhKa/ZMzEfuclHibf5Y/A8irGMID6JEPTL
KwLW5PUYlm1aYKIaXsjpGXx2g5Jy8z906ote0EPnhz7N+qNjRBxoXo8gLCt43a3T
7Wg/qrFNcMvGQSC/mwTwk5MnpO/JTjrkltcDAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUQ5uHVqVenE2lHmXRMEyKYtTHhkAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1E1dUhWcVZlbkUybEht
WFJNRXlLWXRUSGhrQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBALREI1mu2vRsQ+X5
cqbQYwGeNW2eINTfbu+wRUXyvVvBCzKh2QPB6w0L+oi4TPFRgyt/or1UfBx4Wzg9
94Osr3sRpdnbfLOqj7QlZ8MQwv/nxpI3FXcozY0zrzatjhw6rZlBni8LxRm1A9D3
yD25+N1I7LylZzb7tXDHgT9iZD04VNRFLdry4VgKhSFHCADkH20wkqu038o9XRFZ
iW8tWIgx9TIIzX1BwKsUCBN22Hr+yku9AVjJj8W82HVH1734LDfuK+9ZkiWAuWjS
V5ALI37fQGcqbGUGwpvrVmLJMSxva0cSBFLEBu73I/DRVEO0Lc+xDkrTtGNTM07q
M6NfSNM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:24 2024 by rpki-client on console-fra.rpki-client.org