Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ctBI5Aqkw34-kVfkJwucHtXK8sU.roa
File: ctBI5Aqkw34-kVfkJwucHtXK8sU.roa (raw, json)
Hash identifier: LNmZ1C1pOo3K0AQirxChoHx0zSvSY9DO7VMB8CyB6TI=
Subject key identifier: 72:D0:48:E4:0A:A4:C3:7E:3E:91:57:E4:27:0B:9C:1E:D5:CA:F2:C5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5389
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ctBI5Aqkw34-kVfkJwucHtXK8sU.roa
Signing time: Thu 09 May 2024 23:23:58 +0000
ROA not before: Thu 09 May 2024 23:23:58 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21385 (0x5389)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 9 23:23:58 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=72D048E40AA4C37E3E9157E4270B9C1ED5CAF2C5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:3f:0f:44:9f:e5:4c:c6:14:58:ac:30:f4:06:
f3:9d:b3:7a:8f:06:16:30:37:85:a9:0d:97:eb:68:
06:4c:86:ee:f3:8c:ee:f2:b5:98:78:27:a0:05:81:
20:1c:f9:f0:f9:2d:00:d5:48:59:5c:26:83:5e:41:
ee:3b:c4:d6:ed:9e:49:e1:56:89:4e:1e:a8:64:cb:
54:a1:54:5e:44:43:41:e8:2d:bb:45:c8:f1:c1:72:
2e:c7:f8:af:4b:87:86:f9:3d:7e:2d:04:34:2c:27:
16:bf:57:90:cf:f6:37:d8:c2:da:e9:a4:13:dd:7a:
fc:c2:36:fe:80:76:ef:65:be:c0:7a:05:c9:0b:9b:
a6:1e:e3:b1:6b:7e:0d:6d:aa:e8:af:fb:0d:f9:29:
65:cb:21:1e:cf:18:bf:3e:b9:73:43:55:62:c8:11:
5a:1a:13:da:8b:60:17:8e:7c:1e:de:c9:32:61:1b:
e6:42:95:72:12:6c:a0:43:ac:bf:53:0b:7f:af:2c:
87:cc:63:cc:3c:f0:37:4a:eb:7d:83:f1:25:25:c4:
11:18:64:c1:e6:93:b0:8c:73:ed:e8:aa:1c:49:ce:
53:20:c9:db:d3:37:32:56:fc:07:c9:cd:8b:fd:92:
03:ba:c6:cc:d1:db:fb:db:db:35:ef:21:e1:3b:da:
e7:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:D0:48:E4:0A:A4:C3:7E:3E:91:57:E4:27:0B:9C:1E:D5:CA:F2:C5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ctBI5Aqkw34-kVfkJwucHtXK8sU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
00:67:2a:78:02:a3:f2:d5:6d:b5:e6:96:0c:e1:fd:f6:a1:01:
ca:b6:e5:3f:cf:15:cf:d0:93:52:d7:b7:9a:2f:1c:22:5c:0b:
66:52:5b:bc:6e:04:af:e6:c8:48:2d:c6:92:05:e6:d8:83:82:
65:7a:98:ae:fa:e2:0e:70:88:0a:7b:7c:7f:2d:11:7c:fa:7b:
8f:ed:86:d8:d8:a4:1c:48:53:f9:5a:f9:ea:06:99:68:67:59:
76:e9:26:6a:dd:9b:10:e0:47:c0:2e:b3:f5:ec:7e:4d:8b:36:
72:8e:47:85:18:20:e3:d9:32:35:39:95:5e:8d:69:1a:07:5d:
d3:b2:f5:65:70:31:05:62:7b:1f:c7:d5:4c:5b:88:63:e5:ba:
06:7d:45:50:5d:d3:2d:69:32:91:2d:88:3c:6a:2e:b4:f0:2b:
9e:df:d1:21:4f:46:55:58:7c:ed:f1:56:c5:e7:a5:b4:ed:3f:
b5:38:c1:51:f5:70:90:90:3b:8f:b1:0a:d2:97:07:b1:55:a9:
c3:4f:d6:6d:b4:64:33:4c:47:f3:b7:1a:61:6a:92:b6:a7:da:
3b:b8:60:ea:43:d1:da:e1:08:c2:80:91:44:4f:5c:9e:5f:96:
bb:39:d1:85:52:b1:00:a5:e3:72:27:e7:55:a4:26:c1:03:9e:
af:eb:d2:c0
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICU4kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDky
MzIzNThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDcyRDA0OEU0MEFBNEMz
N0UzRTkxNTdFNDI3MEI5QzFFRDVDQUYyQzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxPw9En+VMxhRYrDD0BvOds3qPBhYwN4WpDZfraAZMhu7zjO7y
tZh4J6AFgSAc+fD5LQDVSFlcJoNeQe47xNbtnknhVolOHqhky1ShVF5EQ0HoLbtF
yPHBci7H+K9Lh4b5PX4tBDQsJxa/V5DP9jfYwtrppBPdevzCNv6Adu9lvsB6BckL
m6Ye47Frfg1tquiv+w35KWXLIR7PGL8+uXNDVWLIEVoaE9qLYBeOfB7eyTJhG+ZC
lXISbKBDrL9TC3+vLIfMY8w88DdK632D8SUlxBEYZMHmk7CMc+3oqhxJzlMgydvT
NzJW/AfJzYv9kgO6xszR2/vb2zXvIeE72ucZAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUctBI5Aqkw34+kVfkJwucHtXK8sUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2N0Qkk1QXFrdzM0LWtW
ZmtKd3VjSHRYSzhzVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAABnKngCo/LVbbXm
lgzh/fahAcq25T/PFc/Qk1LXt5ovHCJcC2ZSW7xuBK/myEgtxpIF5tiDgmV6mK76
4g5wiAp7fH8tEXz6e4/thtjYpBxIU/la+eoGmWhnWXbpJmrdmxDgR8Aus/Xsfk2L
NnKOR4UYIOPZMjU5lV6NaRoHXdOy9WVwMQViex/H1UxbiGPlugZ9RVBd0y1pMpEt
iDxqLrTwK57f0SFPRlVYfO3xVsXnpbTtP7U4wVH1cJCQO4+xCtKXB7FVqcNP1m20
ZDNMR/O3GmFqkran2ju4YOpD0drhCMKAkURPXJ5flrs50YVSsQCl43In51WkJsED
nq/r0sA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:36 2024 by rpki-client on console-fra.rpki-client.org