Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/htSzD6XQ5T95En56_eeSv2I6sq4.roa
File: htSzD6XQ5T95En56_eeSv2I6sq4.roa (raw, json)
Hash identifier: 9sWRamQCgnFjh/vM3mFTQ9KP3BPZhhU/N1hwxPDaVC0=
Subject key identifier: 86:D4:B3:0F:A5:D0:E5:3F:79:12:7E:7A:FD:E7:92:BF:62:3A:B2:AE
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4FE9
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/htSzD6XQ5T95En56_eeSv2I6sq4.roa
Signing time: Sun 05 May 2024 03:23:48 +0000
ROA not before: Sun 05 May 2024 03:23:48 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20457 (0x4fe9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 5 03:23:48 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=86D4B30FA5D0E53F79127E7AFDE792BF623AB2AE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ee:4a:f2:40:b2:89:03:81:4d:06:63:15:6d:
9e:c3:6e:d5:96:0a:14:6f:5c:d0:f5:57:73:e7:e3:
34:47:25:8d:ae:94:a5:bd:13:da:5e:df:f3:90:8a:
ca:61:01:00:e0:e0:e4:8a:c0:4b:c8:db:20:b7:cf:
67:d5:11:de:8d:1e:41:26:c4:79:8d:b1:f8:d3:b5:
f1:4a:2d:1e:ba:80:d3:ef:82:a4:98:d9:fd:63:89:
22:f6:d9:fa:81:44:d0:1c:5c:bc:19:aa:98:ad:e7:
91:5c:3a:e1:a3:0a:d0:e1:44:89:1c:a6:30:cc:08:
13:7d:49:c6:64:f0:e2:24:f4:39:9f:50:00:7e:d2:
80:1f:67:49:12:8d:2a:91:d8:4b:9b:a1:83:8f:3f:
b9:ad:df:d9:e8:85:a0:ce:15:ef:33:a3:b2:37:b7:
f5:99:a2:ec:0a:f1:34:db:fc:2d:b3:03:25:15:ce:
cd:fc:19:2f:d0:13:85:f8:a2:8c:cf:ab:b9:61:66:
99:42:e2:b0:f7:ce:9c:a1:41:d0:f4:7d:01:8c:d3:
5a:0c:98:b2:b6:bb:82:ba:d3:3f:76:97:26:72:95:
c8:8a:d0:17:d8:40:91:71:4e:af:bc:3b:57:83:9a:
2a:ab:e7:3c:09:84:5e:b2:fb:59:6c:a8:e9:6c:d7:
83:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:D4:B3:0F:A5:D0:E5:3F:79:12:7E:7A:FD:E7:92:BF:62:3A:B2:AE
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/htSzD6XQ5T95En56_eeSv2I6sq4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
72:e2:12:bf:4a:42:03:76:78:27:83:87:36:2a:2f:dd:03:3a:
91:62:52:94:97:d4:77:5f:db:66:61:5b:66:f0:08:ab:fc:87:
88:de:b4:86:72:c0:68:bb:69:9b:3a:20:f7:5f:7a:5c:1a:24:
a2:21:bd:3c:6a:a4:65:42:72:38:ae:a7:fa:17:fa:c7:82:69:
48:ef:9a:d4:a7:ac:9a:52:cd:89:8c:44:6f:b0:76:a2:e6:96:
ab:64:86:6c:c4:57:0a:c1:96:a6:07:7e:13:a9:86:78:24:a8:
42:f6:e4:81:74:e3:6f:b3:cc:78:41:f4:66:36:8a:35:42:6b:
57:09:15:73:b0:6f:67:5a:3a:09:20:3f:4a:2f:90:d4:7a:45:
67:17:f1:1e:76:7e:e0:b5:fe:69:e4:df:ee:d1:82:60:46:e2:
51:38:37:0f:05:d6:ce:bb:38:a5:76:e3:99:64:3c:10:ee:7e:
b0:57:92:1b:9b:b4:5a:20:e5:96:2d:59:c2:e8:49:f0:e0:49:
5b:f9:dc:a1:20:21:2f:34:b5:2b:d4:d5:01:f0:f6:84:eb:5f:
b3:9a:9c:07:0b:d8:ad:46:60:46:5d:c1:6b:ae:32:e9:e2:38:
68:71:c6:ab:c3:da:5d:43:b3:bb:21:0e:22:a3:25:41:7f:4d:
c4:9d:95:e9
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICT+kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDUw
MzIzNDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg2RDRCMzBGQTVEMEU1
M0Y3OTEyN0U3QUZERTc5MkJGNjIzQUIyQUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/7kryQLKJA4FNBmMVbZ7DbtWWChRvXND1V3Pn4zRHJY2ulKW9
E9pe3/OQisphAQDg4OSKwEvI2yC3z2fVEd6NHkEmxHmNsfjTtfFKLR66gNPvgqSY
2f1jiSL22fqBRNAcXLwZqpit55FcOuGjCtDhRIkcpjDMCBN9ScZk8OIk9DmfUAB+
0oAfZ0kSjSqR2EuboYOPP7mt39nohaDOFe8zo7I3t/WZouwK8TTb/C2zAyUVzs38
GS/QE4X4oozPq7lhZplC4rD3zpyhQdD0fQGM01oMmLK2u4K60z92lyZylciK0BfY
QJFxTq+8O1eDmiqr5zwJhF6y+1lsqOls14OVAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUhtSzD6XQ5T95En56/eeSv2I6sq4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2h0U3pENlhRNVQ5NUVu
NTZfZWVTdjJJNnNxNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAHLiEr9KQgN2eCeD
hzYqL90DOpFiUpSX1Hdf22ZhW2bwCKv8h4jetIZywGi7aZs6IPdfelwaJKIhvTxq
pGVCcjiup/oX+seCaUjvmtSnrJpSzYmMRG+wdqLmlqtkhmzEVwrBlqYHfhOphngk
qEL25IF042+zzHhB9GY2ijVCa1cJFXOwb2daOgkgP0ovkNR6RWcX8R52fuC1/mnk
3+7RgmBG4lE4Nw8F1s67OKV245lkPBDufrBXkhubtFog5ZYtWcLoSfDgSVv53KEg
IS80tSvU1QHw9oTrX7OanAcL2K1GYEZdwWuuMuniOGhxxqvD2l1Ds7shDiKjJUF/
TcSdlek=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:41 2024 by rpki-client on console-fra.rpki-client.org