Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/SPqxpmkWNpjUl6OMjXJymVROmkY.roa
File: SPqxpmkWNpjUl6OMjXJymVROmkY.roa (raw, json)
Hash identifier: wZ25xP0qU/1StkT0jBLyxBUtt1c51tfBKwxTsL/wQSA=
Subject key identifier: 48:FA:B1:A6:69:16:36:98:D4:97:A3:8C:8D:72:72:99:54:4E:9A:46
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5505
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/SPqxpmkWNpjUl6OMjXJymVROmkY.roa
Signing time: Sat 11 May 2024 22:54:24 +0000
ROA not before: Sat 11 May 2024 22:54:24 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21765 (0x5505)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 11 22:54:24 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=48FAB1A669163698D497A38C8D727299544E9A46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:4c:fd:5d:82:9e:b0:fd:bc:e0:c2:81:c4:2f:
3e:ae:f9:74:7b:4d:c7:9d:c9:d8:8d:f0:b5:3c:d6:
e4:82:9d:7e:13:a3:0b:a9:ba:11:c1:ae:87:9e:dc:
55:13:27:4b:db:e5:b5:3a:c1:84:c1:35:a9:4c:2f:
41:b9:8a:53:5e:bf:0b:5b:bf:9e:02:85:f9:f1:81:
95:3a:cd:c3:56:a9:2a:03:b4:eb:58:23:b7:97:98:
ec:2d:0c:a1:31:30:9a:16:a6:6a:66:15:f3:74:fe:
00:fb:97:8e:4a:07:8c:64:07:c2:c4:85:b5:47:97:
79:92:f6:51:1d:71:eb:06:ff:d0:3c:39:57:e4:8f:
25:2c:4a:23:79:db:2e:bb:93:3f:9d:f5:43:83:8e:
e1:04:36:e0:96:2f:73:06:5f:8c:5a:4a:01:09:01:
00:9f:99:f9:f1:24:64:ea:f8:db:03:36:d1:bc:ce:
c3:f5:2c:c0:91:49:3e:0a:e1:f1:e3:8c:f4:6e:48:
27:23:c5:b3:89:6f:e5:dc:13:8a:4c:48:ec:08:eb:
3f:09:82:ad:34:1a:a2:00:ad:58:8b:6e:d5:62:13:
db:76:f0:d4:7d:7a:c0:7c:92:6a:c6:78:89:af:e8:
c3:e3:5d:df:ea:82:3e:a6:55:de:d5:86:7f:08:b3:
42:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:FA:B1:A6:69:16:36:98:D4:97:A3:8C:8D:72:72:99:54:4E:9A:46
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/SPqxpmkWNpjUl6OMjXJymVROmkY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
5b:ae:40:25:fb:e6:ea:a4:9c:84:d0:3a:92:12:f9:45:18:8e:
7a:f7:34:7b:2d:01:4e:eb:54:d7:9e:b3:5f:82:52:c7:8f:ea:
a7:fb:2e:a7:d1:67:4f:99:d9:20:3d:fc:f1:7f:c4:4d:3e:4c:
09:14:df:02:b3:bf:59:18:0b:f5:37:f6:57:15:95:14:d0:29:
ef:ec:5d:a8:ef:73:0e:03:26:91:9b:ef:bf:fd:e6:f8:f8:87:
6d:9d:ea:9d:76:b2:05:0f:5e:7c:4a:58:61:31:a3:ee:27:bc:
58:1a:2d:f7:be:69:98:78:68:80:7f:af:dc:72:5e:f5:7b:64:
6c:6b:e0:76:4f:61:f5:a4:74:87:34:d4:2d:af:b7:ce:39:28:
1a:9c:8a:e3:3c:7a:39:a8:9a:75:e5:c9:d7:a4:f7:9d:b5:9a:
e5:aa:76:a9:16:1e:24:c2:0f:be:2f:67:7c:41:08:57:aa:68:
98:f0:f4:1a:f0:d1:5c:ae:5d:5c:3a:42:49:6f:f1:94:c9:d8:
ca:8e:32:f8:a1:dc:21:04:41:b7:c9:3e:b7:ec:bf:fb:2c:9b:
50:32:3e:d7:02:8d:5d:91:a2:d6:bf:36:68:3d:42:d7:30:3f:
63:57:dd:c0:c0:d9:39:28:0b:2e:6a:b4:26:88:55:a6:80:e6:
db:20:40:2f
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICVQUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTEy
MjU0MjRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQ4RkFCMUE2NjkxNjM2
OThENDk3QTM4QzhENzI3Mjk5NTQ0RTlBNDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNTP1dgp6w/bzgwoHELz6u+XR7TcedydiN8LU81uSCnX4Towup
uhHBroee3FUTJ0vb5bU6wYTBNalML0G5ilNevwtbv54ChfnxgZU6zcNWqSoDtOtY
I7eXmOwtDKExMJoWpmpmFfN0/gD7l45KB4xkB8LEhbVHl3mS9lEdcesG/9A8OVfk
jyUsSiN52y67kz+d9UODjuEENuCWL3MGX4xaSgEJAQCfmfnxJGTq+NsDNtG8zsP1
LMCRST4K4fHjjPRuSCcjxbOJb+XcE4pMSOwI6z8Jgq00GqIArViLbtViE9t28NR9
esB8kmrGeImv6MPjXd/qgj6mVd7Vhn8Is0KJAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUSPqxpmkWNpjUl6OMjXJymVROmkYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1NQcXhwbWtXTnBqVWw2
T01qWEp5bVZST21rWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAFuuQCX75uqknITQ
OpIS+UUYjnr3NHstAU7rVNees1+CUseP6qf7LqfRZ0+Z2SA9/PF/xE0+TAkU3wKz
v1kYC/U39lcVlRTQKe/sXajvcw4DJpGb77/95vj4h22d6p12sgUPXnxKWGExo+4n
vFgaLfe+aZh4aIB/r9xyXvV7ZGxr4HZPYfWkdIc01C2vt845KBqciuM8ejmomnXl
ydek9521muWqdqkWHiTCD74vZ3xBCFeqaJjw9Brw0VyuXVw6Qklv8ZTJ2MqOMvih
3CEEQbfJPrfsv/ssm1AyPtcCjV2Rota/Nmg9QtcwP2NX3cDA2TkoCy5qtCaIVaaA
5tsgQC8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:43 2024 by rpki-client on console-ams.rpki-client.org