Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/h-IxedyYHkXj29V_BBY5swKy4uc.roa
File: h-IxedyYHkXj29V_BBY5swKy4uc.roa (raw, json)
Hash identifier: mhSmSzLh1hj/XnBSWSqX2MDq167jTGT0zF34+jJwavU=
Subject key identifier: 87:E2:31:79:DC:98:1E:45:E3:DB:D5:7F:04:16:39:B3:02:B2:E2:E7
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5699
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/h-IxedyYHkXj29V_BBY5swKy4uc.roa
Signing time: Tue 14 May 2024 01:24:13 +0000
ROA not before: Tue 14 May 2024 01:24:13 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22169 (0x5699)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 14 01:24:13 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=87E23179DC981E45E3DBD57F041639B302B2E2E7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:a1:17:67:de:07:be:a6:e5:a0:c9:b8:7f:e6:
8c:18:ad:08:d2:0d:53:db:92:5e:b9:74:a6:99:81:
5d:c2:f1:a4:0b:45:42:4e:d7:c5:56:3e:38:74:92:
a0:6e:b8:51:80:4a:ac:ce:9c:e7:29:f5:f7:10:e8:
39:67:ef:47:88:f4:2a:9e:37:1f:b5:c0:e9:37:ea:
2a:5c:a8:1d:36:41:3c:68:2e:3c:e4:f5:99:c2:c5:
9a:25:e9:71:fd:a3:cd:11:7b:75:41:69:1a:b2:9b:
af:1c:d3:c3:ab:83:74:35:6f:57:71:36:56:b5:4a:
19:b6:df:e3:54:f2:19:a5:ac:19:d4:94:f8:03:45:
0c:5a:e1:57:50:da:a7:ff:59:8d:12:07:eb:fa:4c:
92:01:09:8d:d3:4e:f5:f8:d1:31:41:14:8b:ab:3f:
1d:91:da:99:1d:55:ca:de:5f:7b:60:ba:9e:a3:b8:
4b:de:99:c8:e7:40:86:c0:97:c2:b8:e9:b0:17:46:
73:16:8d:ec:c3:89:11:4f:7f:c1:c4:3c:fe:b1:76:
d4:5a:0b:cc:4c:2a:28:0a:ed:40:15:7f:68:9c:03:
9a:34:f3:47:bc:68:b9:a4:42:26:9f:31:df:de:14:
43:73:ed:9f:a7:15:26:61:64:5f:82:a8:43:f4:03:
4f:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:E2:31:79:DC:98:1E:45:E3:DB:D5:7F:04:16:39:B3:02:B2:E2:E7
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/h-IxedyYHkXj29V_BBY5swKy4uc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
51:99:bc:95:4d:ef:bc:2f:39:7a:98:de:6d:d9:e0:8c:53:27:
09:0e:99:29:b0:90:b1:a4:9c:08:41:c1:42:8b:b7:ae:dc:87:
1b:5e:ec:aa:3b:66:7a:b5:49:30:ff:9a:f5:71:fa:a4:e2:45:
83:b4:fa:0c:ad:ef:35:01:a9:34:fb:55:25:51:1c:c1:e0:ff:
63:d1:7c:9c:e8:e6:62:ec:24:58:f3:99:4f:26:21:70:f3:89:
47:d0:e5:57:41:83:50:9f:33:b2:eb:9c:05:a3:5f:5d:24:60:
02:a6:a5:a6:1c:ca:ed:f7:e4:1b:f9:a2:56:a0:67:4f:c0:b9:
10:f0:74:3a:83:d0:88:db:fd:63:2c:4a:34:1b:99:f7:40:75:
1b:df:50:43:e8:3c:6d:47:4b:a8:7a:86:48:c4:65:e9:f9:dc:
71:f5:52:54:c3:86:18:41:c6:bf:48:5e:b0:be:02:8c:fe:0a:
76:83:26:3a:2c:c0:17:90:5d:a7:85:bf:83:81:27:1e:8e:32:
b2:0c:b4:65:1b:78:f0:f2:5d:a3:0d:22:d4:ba:0a:25:04:97:
1e:5e:8f:76:76:4b:1a:11:eb:43:61:95:85:08:06:19:03:53:
37:93:a0:1f:80:54:0e:a8:73:b5:81:d1:5b:5b:5c:da:77:c2:
d9:63:6e:e3
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICVpkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTQw
MTI0MTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg3RTIzMTc5REM5ODFF
NDVFM0RCRDU3RjA0MTYzOUIzMDJCMkUyRTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOoRdn3ge+puWgybh/5owYrQjSDVPbkl65dKaZgV3C8aQLRUJO
18VWPjh0kqBuuFGASqzOnOcp9fcQ6Dln70eI9CqeNx+1wOk36ipcqB02QTxoLjzk
9ZnCxZol6XH9o80Re3VBaRqym68c08Org3Q1b1dxNla1Shm23+NU8hmlrBnUlPgD
RQxa4VdQ2qf/WY0SB+v6TJIBCY3TTvX40TFBFIurPx2R2pkdVcreX3tgup6juEve
mcjnQIbAl8K46bAXRnMWjezDiRFPf8HEPP6xdtRaC8xMKigK7UAVf2icA5o080e8
aLmkQiafMd/eFENz7Z+nFSZhZF+CqEP0A0/jAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUh+IxedyYHkXj29V/BBY5swKy4ucwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2gtSXhlZHlZSGtYajI5
Vl9CQlk1c3dLeTR1Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAFGZvJVN77wvOXqY
3m3Z4IxTJwkOmSmwkLGknAhBwUKLt67chxte7Ko7Znq1STD/mvVx+qTiRYO0+gyt
7zUBqTT7VSVRHMHg/2PRfJzo5mLsJFjzmU8mIXDziUfQ5VdBg1CfM7LrnAWjX10k
YAKmpaYcyu335Bv5olagZ0/AuRDwdDqD0Ijb/WMsSjQbmfdAdRvfUEPoPG1HS6h6
hkjEZen53HH1UlTDhhhBxr9IXrC+Aoz+CnaDJjoswBeQXaeFv4OBJx6OMrIMtGUb
ePDyXaMNItS6CiUElx5ej3Z2SxoR60NhlYUIBhkDUzeToB+AVA6oc7WB0VtbXNp3
wtljbuM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:01 2024 by rpki-client on console-ams.rpki-client.org