Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Ssm5HSqo5OkJiPcIhFYKFs-haes.roa
File: Ssm5HSqo5OkJiPcIhFYKFs-haes.roa (raw, json)
Hash identifier: Mu+NNHPVs8iIFoUi4uUiFiL+47YV1gs84Z5Dbsefu6c=
Subject key identifier: 4A:C9:B9:1D:2A:A8:E4:E9:09:88:F7:08:84:56:0A:16:CF:A1:69:EB
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5019
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Ssm5HSqo5OkJiPcIhFYKFs-haes.roa
Signing time: Sun 05 May 2024 09:23:49 +0000
ROA not before: Sun 05 May 2024 09:23:49 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20505 (0x5019)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 5 09:23:49 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4AC9B91D2AA8E4E90988F70884560A16CFA169EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f7:d1:e8:ec:24:7c:14:15:af:57:5f:59:a3:
92:e0:d8:54:c4:d6:8f:af:8b:23:05:6f:02:4f:e7:
3f:a5:c8:75:68:13:ce:6b:d9:e9:c0:d4:97:0f:8c:
c3:39:93:d4:8d:dc:1e:40:8d:cc:34:14:38:b9:5a:
b0:f1:61:55:6a:a9:9e:85:b5:ea:e3:8e:81:15:61:
95:77:73:c3:2d:70:a2:8c:28:5f:62:ee:15:7c:d6:
43:2d:df:eb:0a:47:4e:48:01:42:c6:16:ac:16:a1:
6e:39:8c:01:0b:a1:32:90:56:dc:90:48:b5:ed:bd:
9d:39:73:75:ad:23:b6:23:40:8a:6d:30:e1:02:4b:
e6:e8:88:0a:7d:93:fb:5b:81:22:21:59:5e:a8:4e:
8e:6a:94:c4:4e:10:79:d7:4a:ae:38:58:26:99:cd:
57:6a:5c:a8:f7:26:d1:e2:d8:3a:54:24:bf:1b:4a:
be:f2:52:35:6a:8e:c7:b0:51:b7:54:cd:02:5b:72:
c1:21:7b:b0:55:f6:3a:52:e1:3c:37:41:2f:cf:c9:
85:8d:a9:b6:4c:12:2f:e4:32:9a:80:ab:57:21:3d:
8e:a7:85:f0:8c:b1:44:17:40:b8:bb:12:c9:ff:d0:
8a:66:56:c5:c1:a1:d6:0a:f8:32:1c:03:52:4d:0d:
cf:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:C9:B9:1D:2A:A8:E4:E9:09:88:F7:08:84:56:0A:16:CF:A1:69:EB
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Ssm5HSqo5OkJiPcIhFYKFs-haes.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
4c:86:cb:19:94:c2:2f:f0:f7:67:a7:25:0f:97:7f:27:7c:35:
60:d2:9d:d1:8e:4f:26:cb:3f:7e:5a:63:0d:46:00:95:2b:ff:
b3:3d:91:5d:16:0a:99:fe:03:c6:98:ff:fb:95:91:fe:b4:0d:
5c:36:b6:f2:31:ad:45:96:d9:81:15:0e:5e:13:2b:de:da:1f:
c0:82:6d:8a:05:25:56:22:03:3f:92:28:be:88:0d:30:8b:36:
9d:cf:55:0f:0d:74:31:62:fc:59:b3:73:bc:dd:7d:20:3d:40:
d8:69:6a:52:3a:54:21:9b:ba:8d:53:31:09:da:f8:8a:bb:dc:
6e:66:2a:51:67:50:5d:7e:14:e1:ca:eb:8f:ea:ac:20:eb:f8:
73:a8:43:ab:24:a2:05:24:ce:d7:ed:3d:ef:27:9e:35:60:45:
98:4f:03:f7:13:f0:76:7c:44:f2:30:13:bc:e6:00:ee:4e:ac:
47:a8:36:b5:4f:d6:21:c8:05:0f:2c:97:57:4f:7b:81:93:58:
b9:9a:59:cb:1a:e8:a9:68:69:8d:ac:79:1b:b0:73:59:28:19:
00:a2:4f:bb:e4:bf:0d:51:0d:7f:53:8a:5b:ee:dd:68:3b:ce:
11:a2:44:06:db:31:e7:3e:b6:4f:e7:23:c3:5a:62:c3:47:c5:
99:fd:0c:89
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICUBkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDUw
OTIzNDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDRBQzlCOTFEMkFBOEU0
RTkwOTg4RjcwODg0NTYwQTE2Q0ZBMTY5RUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCp99Ho7CR8FBWvV19Zo5Lg2FTE1o+viyMFbwJP5z+lyHVoE85r
2enA1JcPjMM5k9SN3B5Ajcw0FDi5WrDxYVVqqZ6FterjjoEVYZV3c8MtcKKMKF9i
7hV81kMt3+sKR05IAULGFqwWoW45jAELoTKQVtyQSLXtvZ05c3WtI7YjQIptMOEC
S+boiAp9k/tbgSIhWV6oTo5qlMROEHnXSq44WCaZzVdqXKj3JtHi2DpUJL8bSr7y
UjVqjsewUbdUzQJbcsEhe7BV9jpS4Tw3QS/PyYWNqbZMEi/kMpqAq1chPY6nhfCM
sUQXQLi7Esn/0IpmVsXBodYK+DIcA1JNDc/7AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUSsm5HSqo5OkJiPcIhFYKFs+haeswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1NzbTVIU3FvNU9rSmlQ
Y0loRllLRnMtaGFlcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAEyGyxmUwi/w92en
JQ+Xfyd8NWDSndGOTybLP35aYw1GAJUr/7M9kV0WCpn+A8aY//uVkf60DVw2tvIx
rUWW2YEVDl4TK97aH8CCbYoFJVYiAz+SKL6IDTCLNp3PVQ8NdDFi/Fmzc7zdfSA9
QNhpalI6VCGbuo1TMQna+Iq73G5mKlFnUF1+FOHK64/qrCDr+HOoQ6skogUkztft
Pe8nnjVgRZhPA/cT8HZ8RPIwE7zmAO5OrEeoNrVP1iHIBQ8sl1dPe4GTWLmaWcsa
6KloaY2seRuwc1koGQCiT7vkvw1RDX9Tilvu3Wg7zhGiRAbbMec+tk/nI8NaYsNH
xZn9DIk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:26 2024 by rpki-client on console-fra.rpki-client.org