Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Sc7nQYMFcG2GPjVE9R4TlLbX4eM.roa
File: Sc7nQYMFcG2GPjVE9R4TlLbX4eM.roa (raw, json)
Hash identifier: AuxAJ6L0CS67FBZD7q2HIGnvXQclKxEID7yWy/Jpji0=
Subject key identifier: 49:CE:E7:41:83:05:70:6D:86:3E:35:44:F5:1E:13:94:B6:D7:E1:E3
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5689
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Sc7nQYMFcG2GPjVE9R4TlLbX4eM.roa
Signing time: Mon 13 May 2024 23:24:06 +0000
ROA not before: Mon 13 May 2024 23:24:06 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22153 (0x5689)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 13 23:24:06 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=49CEE7418305706D863E3544F51E1394B6D7E1E3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:5b:07:3e:86:3f:ea:4d:cb:63:70:0d:e4:3b:
57:9a:7c:6b:83:e4:18:b9:10:67:6a:07:f6:a6:74:
0a:02:b3:4f:4b:49:14:b9:78:f4:7c:54:f0:5a:f2:
86:b5:1e:73:7f:e9:56:cf:74:05:fc:70:c6:ba:dc:
c5:fc:34:ee:4c:35:cb:2a:d1:60:03:f0:5c:c9:5e:
3f:d5:5a:66:ea:fb:d3:b6:61:24:4a:7c:17:02:f5:
28:88:13:cc:04:41:73:25:7c:65:f4:e6:57:d7:c3:
d9:c1:c6:b6:d8:b3:b5:e0:e3:a4:ae:31:83:b5:44:
b7:77:14:11:82:38:37:70:35:2a:22:7d:50:90:c9:
fb:c8:d7:a5:d2:f0:2b:6b:e0:cc:99:c4:6c:92:e8:
a2:85:b2:b4:4c:a3:a4:e8:5e:67:d6:a9:c0:99:89:
8a:39:a8:89:31:03:5e:a8:a9:1b:a6:f9:9d:21:e7:
3c:ab:0c:0d:29:89:f9:03:80:39:00:b5:9a:ef:5e:
3f:b0:2f:5e:a3:e8:84:d6:be:86:32:f4:e0:ac:a6:
56:ef:7c:9b:21:ce:21:30:4f:58:77:10:c7:20:03:
e8:e1:c2:68:25:5d:e7:c8:ea:44:91:9f:4f:bb:2f:
60:01:a4:f7:c3:f5:1e:bc:3e:4f:4e:d9:70:b4:43:
de:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:CE:E7:41:83:05:70:6D:86:3E:35:44:F5:1E:13:94:B6:D7:E1:E3
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Sc7nQYMFcG2GPjVE9R4TlLbX4eM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
37:ed:b6:70:6f:29:f2:4d:55:99:95:e9:09:a0:b9:90:e2:35:
ec:db:21:a2:7e:88:e3:d7:eb:64:7d:72:a9:3e:d9:9b:cb:ea:
a0:01:8a:2d:be:3f:53:53:79:1a:c5:05:4f:ee:08:7b:c9:83:
b6:07:d1:5e:9c:f5:5e:08:3b:d1:1f:af:cb:40:c0:b7:43:20:
8a:4d:da:72:d8:bc:51:47:db:91:e0:bb:b4:c0:29:15:fe:41:
ba:08:72:40:23:e2:99:29:98:bb:13:ab:66:d2:c3:4b:fd:50:
23:e8:1c:47:f7:d4:64:aa:b9:a7:35:f2:af:3e:5b:ab:40:10:
b8:ae:22:d7:11:45:d5:91:9d:48:01:a2:aa:96:dd:3d:95:43:
e8:b3:3e:47:a7:f6:4c:d9:0d:fe:ed:0b:4f:9a:fb:55:ad:de:
cd:66:91:0b:9e:da:e2:c3:e7:6b:c2:f6:82:71:c5:15:06:f1:
d1:d4:5b:c3:fc:80:64:34:6b:ac:6a:cc:2f:78:6c:72:cc:54:
43:34:e1:f8:1c:8d:7e:44:b2:5f:47:ea:25:58:2b:2d:2f:fc:
03:5b:96:29:70:c8:4a:39:91:3f:67:9c:9f:3e:b4:d9:75:3f:
84:7a:da:b7:ed:9d:cd:ea:e1:59:78:b4:40:c3:d5:a6:34:2a:
d2:99:b8:84
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICVokwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTMy
MzI0MDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQ5Q0VFNzQxODMwNTcw
NkQ4NjNFMzU0NEY1MUUxMzk0QjZEN0UxRTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3Wwc+hj/qTctjcA3kO1eafGuD5Bi5EGdqB/amdAoCs09LSRS5
ePR8VPBa8oa1HnN/6VbPdAX8cMa63MX8NO5MNcsq0WAD8FzJXj/VWmbq+9O2YSRK
fBcC9SiIE8wEQXMlfGX05lfXw9nBxrbYs7Xg46SuMYO1RLd3FBGCODdwNSoifVCQ
yfvI16XS8Ctr4MyZxGyS6KKFsrRMo6ToXmfWqcCZiYo5qIkxA16oqRum+Z0h5zyr
DA0pifkDgDkAtZrvXj+wL16j6ITWvoYy9OCsplbvfJshziEwT1h3EMcgA+jhwmgl
XefI6kSRn0+7L2ABpPfD9R68Pk9O2XC0Q94TAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUSc7nQYMFcG2GPjVE9R4TlLbX4eMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1NjN25RWU1GY0cyR1Bq
VkU5UjRUbExiWDRlTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBADfttnBvKfJNVZmV
6QmguZDiNezbIaJ+iOPX62R9cqk+2ZvL6qABii2+P1NTeRrFBU/uCHvJg7YH0V6c
9V4IO9Efr8tAwLdDIIpN2nLYvFFH25Hgu7TAKRX+QboIckAj4pkpmLsTq2bSw0v9
UCPoHEf31GSquac18q8+W6tAELiuItcRRdWRnUgBoqqW3T2VQ+izPken9kzZDf7t
C0+a+1Wt3s1mkQue2uLD52vC9oJxxRUG8dHUW8P8gGQ0a6xqzC94bHLMVEM04fgc
jX5Esl9H6iVYKy0v/ANblilwyEo5kT9nnJ8+tNl1P4R62rftnc3q4Vl4tEDD1aY0
KtKZuIQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:26 2024 by rpki-client on console-fra.rpki-client.org