Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/XtOPjJwDKolwmf33ec1be2TyVuc.roa
File: XtOPjJwDKolwmf33ec1be2TyVuc.roa (raw, json)
Hash identifier: SxlWfUZIVRUW4kacKsY1gecA5w2Vcrr0eZ2GLKZGiQI=
Subject key identifier: 5E:D3:8F:8C:9C:03:2A:89:70:99:FD:F7:79:CD:5B:7B:64:F2:56:E7
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 41D1
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/XtOPjJwDKolwmf33ec1be2TyVuc.roa
Signing time: Tue 16 Apr 2024 08:22:57 +0000
ROA not before: Tue 16 Apr 2024 08:22:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16849 (0x41d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 16 08:22:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5ED38F8C9C032A897099FDF779CD5B7B64F256E7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:20:8c:5e:9e:e3:12:e3:04:02:3e:f9:29:9d:
8a:9c:14:b2:bc:70:ac:88:e7:80:24:fb:b6:d1:37:
68:60:97:31:a1:74:9c:99:6f:d1:d3:65:07:38:14:
b2:00:37:8b:e4:7a:26:c5:af:36:e7:f7:f3:0d:c2:
a3:03:24:48:9a:66:fd:0c:ea:ba:98:d5:3b:bb:04:
84:22:33:65:e0:bb:ec:ff:07:a4:bc:45:79:cc:31:
0d:0d:cd:f1:dd:48:c3:d7:3b:95:11:f3:43:74:18:
87:e9:e0:a7:f2:d9:ca:cc:e8:81:c8:2e:f6:f5:e0:
88:c8:7b:4b:a3:ec:cd:0a:47:2f:4f:44:ae:2c:87:
da:5d:01:64:be:4a:4d:c8:66:85:c5:38:c7:ec:47:
da:8a:11:1f:07:b1:91:b6:39:57:7d:3b:e9:ae:15:
2f:74:8f:63:c2:4c:b8:73:67:1a:63:98:58:a3:34:
d5:d9:bb:7c:5f:8a:fb:67:fe:8e:56:15:e0:71:0b:
54:06:a2:9e:09:c1:3b:7a:de:73:69:9f:c5:71:b2:
6d:70:6e:b6:ca:8a:e2:ae:d9:81:14:de:5b:78:92:
96:a4:32:8f:ef:33:6d:d2:44:fd:3a:d9:09:05:87:
0f:1a:69:95:f6:a5:95:d0:c6:5f:59:85:69:17:66:
44:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:D3:8F:8C:9C:03:2A:89:70:99:FD:F7:79:CD:5B:7B:64:F2:56:E7
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/XtOPjJwDKolwmf33ec1be2TyVuc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
95:71:fb:43:ad:32:5c:60:af:54:75:f5:f6:d0:a2:1b:41:26:
e4:69:16:cf:a0:3d:bc:50:1e:69:25:df:93:d7:dc:b6:38:90:
06:78:7e:7b:5e:14:85:69:05:aa:b7:74:fb:99:56:52:5e:48:
e4:7a:37:53:4c:1f:86:c1:ca:06:9f:96:00:32:c1:37:05:69:
8c:5c:c5:44:bb:82:17:f4:46:72:cb:2c:2e:7e:ac:72:02:5a:
9b:3e:d4:3e:7b:cb:46:ff:21:25:dc:00:9f:e5:7d:04:73:ed:
26:81:dd:f5:d0:04:0a:f9:05:79:1f:30:de:2c:4a:d2:bc:c5:
a3:82:50:e1:b3:aa:cd:79:c5:28:90:19:19:4f:d5:8a:1b:d3:
96:a9:ae:65:88:65:83:57:af:38:b6:8d:68:f7:bf:6f:ae:ed:
3c:96:c8:fd:3d:bf:cb:00:dd:ba:55:34:70:2d:77:92:0c:7d:
99:45:a2:8a:18:00:73:63:56:d7:72:34:64:d0:05:95:2e:67:
ba:6a:8c:ce:24:67:c2:1f:21:09:ab:9a:59:f6:20:83:a3:f2:
06:0a:89:f9:cb:f4:e1:a3:11:88:a2:67:91:48:44:c5:b3:d6:
6c:d3:77:f6:52:82:c0:9f:d6:92:01:a3:4a:25:51:2f:67:73:
7c:72:05:3c
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQdEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTYw
ODIyNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVFRDM4RjhDOUMwMzJB
ODk3MDk5RkRGNzc5Q0Q1QjdCNjRGMjU2RTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9IIxenuMS4wQCPvkpnYqcFLK8cKyI54Ak+7bRN2hglzGhdJyZ
b9HTZQc4FLIAN4vkeibFrzbn9/MNwqMDJEiaZv0M6rqY1Tu7BIQiM2Xgu+z/B6S8
RXnMMQ0NzfHdSMPXO5UR80N0GIfp4Kfy2crM6IHILvb14IjIe0uj7M0KRy9PRK4s
h9pdAWS+Sk3IZoXFOMfsR9qKER8HsZG2OVd9O+muFS90j2PCTLhzZxpjmFijNNXZ
u3xfivtn/o5WFeBxC1QGop4JwTt63nNpn8Vxsm1wbrbKiuKu2YEU3lt4kpakMo/v
M23SRP062QkFhw8aaZX2pZXQxl9ZhWkXZkTbAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUXtOPjJwDKolwmf33ec1be2TyVucwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1h0T1BqSndES29sd21m
MzNlYzFiZTJUeVZ1Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJVx+0OtMlxgr1R1
9fbQohtBJuRpFs+gPbxQHmkl35PX3LY4kAZ4fnteFIVpBaq3dPuZVlJeSOR6N1NM
H4bBygaflgAywTcFaYxcxUS7ghf0RnLLLC5+rHICWps+1D57y0b/ISXcAJ/lfQRz
7SaB3fXQBAr5BXkfMN4sStK8xaOCUOGzqs15xSiQGRlP1Yob05aprmWIZYNXrzi2
jWj3v2+u7TyWyP09v8sA3bpVNHAtd5IMfZlFoooYAHNjVtdyNGTQBZUuZ7pqjM4k
Z8IfIQmrmln2IIOj8gYKifnL9OGjEYiiZ5FIRMWz1mzTd/ZSgsCf1pIBo0olUS9n
c3xyBTw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:31 2024 by rpki-client on console-fra.rpki-client.org