Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/cHVsvqKugMUJXoWk4_cs3FIxDRs.roa
File: cHVsvqKugMUJXoWk4_cs3FIxDRs.roa (raw, json)
Hash identifier: jJs6jW9mBryPcnzRLOAXKZtthQRlMkM1sQANOoBYSuo=
Subject key identifier: 70:75:6C:BE:A2:AE:80:C5:09:5E:85:A4:E3:F7:2C:DC:52:31:0D:1B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 52D5
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/cHVsvqKugMUJXoWk4_cs3FIxDRs.roa
Signing time: Thu 09 May 2024 00:54:07 +0000
ROA not before: Thu 09 May 2024 00:54:07 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21205 (0x52d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 9 00:54:07 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=70756CBEA2AE80C5095E85A4E3F72CDC52310D1B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:79:3a:30:b4:0a:e7:d5:78:51:ed:50:9d:23:
ea:5b:5b:b6:fc:5d:2e:2f:a4:f5:98:6d:3e:38:04:
49:be:75:ed:e7:65:f3:e5:b6:88:8a:da:e3:f2:ba:
e0:f5:34:13:54:6b:6e:13:66:b4:83:60:29:9c:e7:
ad:39:e2:aa:a0:86:5a:6e:48:eb:4b:d3:29:b9:37:
fd:ea:67:9e:76:7d:31:3c:97:f3:da:84:ff:1e:0b:
d4:02:4f:f6:98:59:c7:fe:60:7a:bb:c4:27:e1:21:
e4:7c:2e:85:1d:27:8c:e0:f4:7d:e3:12:7e:3d:d3:
82:6f:c5:c8:c4:a1:2d:01:11:60:6b:00:05:45:4e:
20:8b:5b:08:e1:1a:0f:04:91:05:f0:f9:fd:15:57:
49:41:be:67:97:39:75:af:e8:71:be:59:a6:13:46:
5a:d3:b9:2b:93:79:da:5d:74:88:58:c2:a2:7e:88:
6a:13:71:e3:7e:8a:ab:c9:ee:f8:39:de:9a:b6:55:
35:3e:76:ef:31:10:9d:f2:33:a2:ca:e9:4a:c1:6c:
9d:bd:82:6f:41:69:f5:d7:f7:1c:61:d4:9a:b3:1a:
be:55:96:0c:24:52:71:0e:0c:d2:ec:51:62:ec:71:
88:6d:5f:99:c4:54:fd:02:5d:98:c9:3d:fb:5d:3b:
9b:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:75:6C:BE:A2:AE:80:C5:09:5E:85:A4:E3:F7:2C:DC:52:31:0D:1B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/cHVsvqKugMUJXoWk4_cs3FIxDRs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
49:6f:8b:ad:ff:2e:ab:d4:c2:16:1a:1c:2d:cc:bb:c1:cb:a8:
ce:d5:dc:08:43:a8:4b:20:8e:16:e6:36:d6:b5:e5:04:66:ff:
50:6a:bb:9b:3b:b7:24:01:f9:89:4d:b6:2e:12:4a:ca:d6:7a:
a1:e4:90:ab:f1:5b:da:88:39:ba:d2:7d:b5:82:55:10:04:79:
99:0a:16:29:c7:66:03:77:8e:63:1d:27:10:c2:5b:63:6e:1c:
97:cc:aa:71:53:5a:6f:34:51:20:2e:a4:ec:c3:24:c7:d1:a4:
36:9b:44:87:28:7d:c0:9b:87:5f:dd:1c:cb:88:c0:ab:80:c3:
4a:5c:37:1b:89:e5:ac:f4:48:14:2f:d3:45:94:3f:4d:58:43:
f7:02:53:61:38:43:bc:48:ea:07:0b:14:d6:7a:3b:c0:62:84:
49:5e:c0:33:69:c2:22:75:2b:50:c3:82:b9:29:dc:d1:1f:50:
12:f7:f0:8f:b0:95:22:66:75:72:ef:bd:69:84:f1:e0:90:7b:
11:04:21:5d:8a:c5:08:7a:59:0a:25:8d:25:c7:fd:1a:f7:35:
e5:16:e5:4a:93:b3:38:cd:bb:56:df:0e:7a:56:2e:1e:d3:d8:
a3:92:08:0f:32:10:d0:77:7a:27:00:9c:41:33:83:70:e3:59:
34:88:c4:5f
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICUtUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDkw
MDU0MDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDcwNzU2Q0JFQTJBRTgw
QzUwOTVFODVBNEUzRjcyQ0RDNTIzMTBEMUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpeTowtArn1XhR7VCdI+pbW7b8XS4vpPWYbT44BEm+de3nZfPl
toiK2uPyuuD1NBNUa24TZrSDYCmc56054qqghlpuSOtL0ym5N/3qZ552fTE8l/Pa
hP8eC9QCT/aYWcf+YHq7xCfhIeR8LoUdJ4zg9H3jEn4904JvxcjEoS0BEWBrAAVF
TiCLWwjhGg8EkQXw+f0VV0lBvmeXOXWv6HG+WaYTRlrTuSuTedpddIhYwqJ+iGoT
ceN+iqvJ7vg53pq2VTU+du8xEJ3yM6LK6UrBbJ29gm9BafXX9xxh1JqzGr5Vlgwk
UnEODNLsUWLscYhtX5nEVP0CXZjJPftdO5u1AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUcHVsvqKugMUJXoWk4/cs3FIxDRswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2NIVnN2cUt1Z01VSlhv
V2s0X2NzM0ZJeERScy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAElvi63/LqvUwhYa
HC3Mu8HLqM7V3AhDqEsgjhbmNta15QRm/1Bqu5s7tyQB+YlNti4SSsrWeqHkkKvx
W9qIObrSfbWCVRAEeZkKFinHZgN3jmMdJxDCW2NuHJfMqnFTWm80USAupOzDJMfR
pDabRIcofcCbh1/dHMuIwKuAw0pcNxuJ5az0SBQv00WUP01YQ/cCU2E4Q7xI6gcL
FNZ6O8BihElewDNpwiJ1K1DDgrkp3NEfUBL38I+wlSJmdXLvvWmE8eCQexEEIV2K
xQh6WQoljSXH/Rr3NeUW5UqTszjNu1bfDnpWLh7T2KOSCA8yENB3eicAnEEzg3Dj
WTSIxF8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:55 2024 by rpki-client on console-ams.rpki-client.org