Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Xtw9cw-2-osyRhIt14Z9r-VIhn0.roa
File: Xtw9cw-2-osyRhIt14Z9r-VIhn0.roa (raw, json)
Hash identifier: /vbg82Mbq7y3Kv+EfSSNKNFtU2VLlX60AmRTjRNsFmI=
Subject key identifier: 5E:DC:3D:73:0F:B6:FA:8B:32:46:12:2D:D7:86:7D:AF:E5:48:86:7D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 35AD
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Xtw9cw-2-osyRhIt14Z9r-VIhn0.roa
Signing time: Sun 31 Mar 2024 03:52:15 +0000
ROA not before: Sun 31 Mar 2024 03:52:15 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13741 (0x35ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 31 03:52:15 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5EDC3D730FB6FA8B3246122DD7867DAFE548867D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a9:50:d4:68:a8:23:9c:76:f7:02:cf:4a:72:
b3:57:da:63:44:4c:2c:50:1d:ae:08:0b:d4:11:f0:
e4:2f:59:09:7d:64:64:43:08:ea:9e:27:a1:46:24:
6e:94:e5:37:67:5b:63:99:db:7e:ba:af:67:ef:17:
15:e4:7c:9b:13:48:e7:da:be:67:d2:45:fa:12:d2:
93:22:ed:70:e2:1e:a7:e5:91:b6:4e:e0:65:1a:f1:
ee:9b:61:78:a2:82:fe:46:b3:8c:71:cb:42:99:2b:
17:15:8f:87:a9:7e:2d:b8:eb:10:54:98:30:99:fb:
a2:b1:8a:aa:00:71:0c:43:d0:f2:ed:cd:bd:bb:2a:
dd:ff:d6:7c:b6:de:76:de:81:f4:1e:34:8a:b6:b4:
9d:62:ce:6e:32:9a:b0:ce:73:1a:2e:2e:e9:c3:4e:
7a:e1:28:13:cc:d8:b5:ec:ea:ee:a1:c6:84:d3:90:
e4:43:7e:3f:64:1c:a2:7f:b5:78:db:1f:33:1f:31:
c5:90:20:13:75:69:1a:d6:db:6d:45:67:df:c5:4c:
ad:7a:66:62:1f:4b:e2:72:c5:9f:f7:fa:c4:1a:8a:
54:b2:5b:ee:18:50:dc:9e:08:a0:06:fa:80:a0:36:
60:f8:1f:6f:49:6a:a6:97:54:7a:61:90:70:a9:fa:
50:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:DC:3D:73:0F:B6:FA:8B:32:46:12:2D:D7:86:7D:AF:E5:48:86:7D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Xtw9cw-2-osyRhIt14Z9r-VIhn0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
bb:22:91:1b:a4:f4:21:9d:c2:16:51:04:30:00:40:ca:1b:bd:
90:fd:df:9d:8b:9b:0a:cb:5e:16:e1:f2:31:16:87:1f:60:6f:
f7:5a:5d:6f:52:f3:13:63:c5:49:46:1b:73:fe:c6:e8:09:dd:
e4:5f:d1:e1:e8:31:90:28:c3:f9:68:17:c8:e3:90:9a:de:3f:
79:4c:a9:5f:92:6d:04:b7:9e:07:5b:0f:3c:43:ec:9f:cc:8c:
67:8d:72:6b:4d:91:87:cf:9b:3a:73:52:1a:dd:42:d8:7e:67:
37:56:eb:10:0f:65:59:21:e2:d9:66:46:39:0c:d4:f1:ee:e2:
9e:b1:7a:a3:9c:1d:03:3f:a8:5d:b1:69:c6:de:e1:c6:cc:f7:
22:68:ff:5f:15:80:b5:46:21:31:fc:a0:84:8e:21:72:f3:a9:
76:86:c8:30:c1:87:5a:32:a3:de:b6:e4:05:46:e7:48:1f:1c:
38:54:d3:3a:5c:bd:0d:ad:8f:4a:64:23:10:3c:0f:1e:41:92:
68:1a:1b:0f:b6:a8:81:05:e8:6a:be:c7:e1:83:44:a1:a7:cf:
ce:29:08:44:68:76:5b:d1:e7:fd:6a:55:30:a9:c6:0b:4a:af:
bc:74:35:f0:c4:c8:bb:51:c7:c5:3c:a1:77:3b:60:cc:5c:52:
34:95:e0:d8
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNa0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzEw
MzUyMTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVFREMzRDczMEZCNkZB
OEIzMjQ2MTIyREQ3ODY3REFGRTU0ODg2N0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmqVDUaKgjnHb3As9KcrNX2mNETCxQHa4IC9QR8OQvWQl9ZGRD
COqeJ6FGJG6U5TdnW2OZ2366r2fvFxXkfJsTSOfavmfSRfoS0pMi7XDiHqflkbZO
4GUa8e6bYXiigv5Gs4xxy0KZKxcVj4epfi246xBUmDCZ+6KxiqoAcQxD0PLtzb27
Kt3/1ny23nbegfQeNIq2tJ1izm4ymrDOcxouLunDTnrhKBPM2LXs6u6hxoTTkORD
fj9kHKJ/tXjbHzMfMcWQIBN1aRrW221FZ9/FTK16ZmIfS+JyxZ/3+sQailSyW+4Y
UNyeCKAG+oCgNmD4H29JaqaXVHphkHCp+lA3AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUXtw9cw+2+osyRhIt14Z9r+VIhn0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1h0dzljdy0yLW9zeVJo
SXQxNFo5ci1WSWhuMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBALsikRuk9CGdwhZR
BDAAQMobvZD9352LmwrLXhbh8jEWhx9gb/daXW9S8xNjxUlGG3P+xugJ3eRf0eHo
MZAow/loF8jjkJreP3lMqV+SbQS3ngdbDzxD7J/MjGeNcmtNkYfPmzpzUhrdQth+
ZzdW6xAPZVkh4tlmRjkM1PHu4p6xeqOcHQM/qF2xacbe4cbM9yJo/18VgLVGITH8
oISOIXLzqXaGyDDBh1oyo9625AVG50gfHDhU0zpcvQ2tj0pkIxA8Dx5BkmgaGw+2
qIEF6Gq+x+GDRKGnz84pCERodlvR5/1qVTCpxgtKr7x0NfDEyLtRx8U8oXc7YMxc
UjSV4Ng=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:31 2024 by rpki-client on console-fra.rpki-client.org