Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/XPcbj5lzkv6ldDTAD2nbI6zkXDQ.roa
File: XPcbj5lzkv6ldDTAD2nbI6zkXDQ.roa (raw, json)
Hash identifier: sQlza1Rw9SRlrCQT68oN5suLbSpWf6a+sh11cb3rMNI=
Subject key identifier: 5C:F7:1B:8F:99:73:92:FE:A5:74:34:C0:0F:69:DB:23:AC:E4:5C:34
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4CB5
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/XPcbj5lzkv6ldDTAD2nbI6zkXDQ.roa
Signing time: Tue 30 Apr 2024 20:53:35 +0000
ROA not before: Tue 30 Apr 2024 20:53:35 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19637 (0x4cb5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 30 20:53:35 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5CF71B8F997392FEA57434C00F69DB23ACE45C34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:29:54:89:63:da:2e:5f:23:36:a8:9f:b7:6c:
08:d0:18:da:41:91:54:50:4c:53:a9:07:19:74:c5:
11:43:72:8e:79:c4:b7:77:ec:b6:13:30:7d:1f:2f:
c3:20:cf:44:ea:e4:5a:94:70:72:ed:21:d8:f9:38:
a9:4d:ee:0b:22:55:2c:65:2c:02:23:28:4b:c7:cd:
51:0b:c1:f3:92:12:4b:51:e0:fd:7b:73:98:22:43:
0f:18:91:4c:82:54:b4:cc:02:a8:78:67:b2:75:ae:
57:a6:fa:09:7e:7f:d4:2c:a3:0e:bd:65:27:fe:4e:
63:62:f1:a5:16:f4:69:f1:e3:6f:6d:26:1c:0a:27:
2e:48:69:3c:2c:7c:34:4d:8e:2d:10:6c:55:20:60:
bc:6d:0e:f4:d5:91:29:7b:5d:4d:12:17:54:fd:a7:
0d:4c:1b:48:fa:8a:71:96:cb:9d:80:c1:b7:38:c6:
fc:4f:a0:b5:13:7d:63:d9:3b:ee:66:5f:6c:74:14:
6d:d4:4f:d9:68:49:7d:52:3b:23:ea:64:28:58:4d:
5f:74:b0:9e:de:09:87:94:f4:b2:09:8d:a2:38:91:
ac:20:73:e4:b4:13:22:ed:06:38:b5:2b:cb:c2:2f:
08:ec:62:b9:0c:73:19:be:9c:d0:04:b8:e6:df:a0:
1b:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:F7:1B:8F:99:73:92:FE:A5:74:34:C0:0F:69:DB:23:AC:E4:5C:34
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/XPcbj5lzkv6ldDTAD2nbI6zkXDQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
5c:04:c0:70:22:fd:2e:48:f0:ea:67:b5:eb:af:39:58:ca:a5:
80:26:be:05:c0:6e:34:69:05:2b:96:7f:ec:d9:d7:ec:86:a9:
98:57:33:cc:6b:6a:11:05:9d:fe:19:eb:cb:13:38:2a:32:1b:
77:81:2e:d6:b0:34:66:c4:69:64:e6:dd:24:3d:26:49:7c:4b:
63:ff:29:81:fd:12:e0:4b:dc:d7:fb:2c:63:bf:a5:70:21:26:
12:ac:07:08:96:38:d1:82:d8:11:db:5b:c5:ef:be:28:04:cb:
0c:99:b1:30:d5:a0:b8:67:04:23:3e:2f:57:be:98:9a:ce:73:
db:91:a1:5f:fa:a4:d8:a0:5b:e1:da:a8:27:fd:c1:a1:cc:bb:
14:ab:7b:87:1c:5d:6d:ab:2e:ed:a0:94:b7:8a:8e:5a:a6:e0:
4b:1e:80:31:45:fc:d1:ef:02:54:39:a2:12:74:d4:e7:86:34:
28:ef:74:d6:9f:de:26:fd:0f:4a:9a:c8:cd:7f:ea:3d:af:8a:
55:1d:9f:ea:db:32:04:96:95:c2:7f:42:6b:ff:2e:3c:ec:cc:
bc:64:d7:ee:45:c5:d2:39:7a:15:62:77:d0:00:23:6f:c7:e1:
e9:ac:68:ec:2e:83:a0:51:e6:a0:fc:ac:9a:e4:4a:00:9b:40:
c7:e7:46:03
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICTLUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MzAy
MDUzMzVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVDRjcxQjhGOTk3Mzky
RkVBNTc0MzRDMDBGNjlEQjIzQUNFNDVDMzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPKVSJY9ouXyM2qJ+3bAjQGNpBkVRQTFOpBxl0xRFDco55xLd3
7LYTMH0fL8Mgz0Tq5FqUcHLtIdj5OKlN7gsiVSxlLAIjKEvHzVELwfOSEktR4P17
c5giQw8YkUyCVLTMAqh4Z7J1rlem+gl+f9Qsow69ZSf+TmNi8aUW9Gnx429tJhwK
Jy5IaTwsfDRNji0QbFUgYLxtDvTVkSl7XU0SF1T9pw1MG0j6inGWy52Awbc4xvxP
oLUTfWPZO+5mX2x0FG3UT9loSX1SOyPqZChYTV90sJ7eCYeU9LIJjaI4kawgc+S0
EyLtBji1K8vCLwjsYrkMcxm+nNAEuObfoBtRAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUXPcbj5lzkv6ldDTAD2nbI6zkXDQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1hQY2JqNWx6a3Y2bGRE
VEFEMm5iSTZ6a1hEUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAFwEwHAi/S5I8Opn
teuvOVjKpYAmvgXAbjRpBSuWf+zZ1+yGqZhXM8xrahEFnf4Z68sTOCoyG3eBLtaw
NGbEaWTm3SQ9Jkl8S2P/KYH9EuBL3Nf7LGO/pXAhJhKsBwiWONGC2BHbW8XvvigE
ywyZsTDVoLhnBCM+L1e+mJrOc9uRoV/6pNigW+HaqCf9waHMuxSre4ccXW2rLu2g
lLeKjlqm4EsegDFF/NHvAlQ5ohJ01OeGNCjvdNaf3ib9D0qayM1/6j2vilUdn+rb
MgSWlcJ/Qmv/LjzszLxk1+5FxdI5ehVid9AAI2/H4emsaOwug6BR5qD8rJrkSgCb
QMfnRgM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:30 2024 by rpki-client on console-fra.rpki-client.org