Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/mWqm2nemAmZpp-UFe1SY5teNcII.roa
File: mWqm2nemAmZpp-UFe1SY5teNcII.roa (raw, json)
Hash identifier: FG6OnKyyPiu6v+ictDFKRaM4HRo0zufRURoxebGceOI=
Subject key identifier: 99:6A:A6:DA:77:A6:02:66:69:A7:E5:05:7B:54:98:E6:D7:8D:70:82
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 55C5
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/mWqm2nemAmZpp-UFe1SY5teNcII.roa
Signing time: Sun 12 May 2024 22:54:10 +0000
ROA not before: Sun 12 May 2024 22:54:10 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21957 (0x55c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 12 22:54:10 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=996AA6DA77A6026669A7E5057B5498E6D78D7082
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:8e:53:dc:a8:ce:59:9f:06:77:fb:f2:bb:14:
6a:49:80:45:fe:a0:9a:eb:23:8f:ad:65:96:b4:cb:
ef:cb:36:55:c8:e1:be:a6:be:d5:9e:ea:5a:77:15:
ae:a9:e3:3b:26:77:75:00:ee:7a:0f:ee:60:ef:a1:
83:0c:55:fd:7c:fb:54:da:a8:01:76:3f:6f:95:9c:
16:48:98:19:c5:9b:cc:09:b0:7b:97:42:e8:d4:e6:
1f:54:77:9d:65:1d:5c:c7:c4:94:5c:18:f1:2a:78:
1a:cd:7e:47:47:5e:39:ac:55:d6:61:c9:b0:07:d6:
82:bd:b4:98:12:f1:8d:41:2a:91:a5:56:4d:1c:c2:
e7:fc:99:be:53:b9:29:cf:1d:47:22:eb:1a:40:44:
e8:b4:21:f8:20:00:26:18:6e:7e:53:8f:9d:c7:9d:
7d:41:bd:29:9b:3e:d0:0d:97:b9:3a:6f:36:c2:00:
6b:3f:22:7b:d7:e8:69:73:8b:a4:94:1d:16:a6:b5:
6c:ad:d3:cc:e7:88:86:0d:c1:54:e9:68:f1:85:48:
a3:54:90:0f:e5:c0:67:a1:f6:10:65:14:0c:81:dd:
e4:fa:a3:ff:75:a2:70:25:42:d0:0a:9a:07:ae:73:
bc:a5:d4:97:7b:0b:6d:84:3c:cc:d7:a0:43:fa:a2:
d6:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:6A:A6:DA:77:A6:02:66:69:A7:E5:05:7B:54:98:E6:D7:8D:70:82
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/mWqm2nemAmZpp-UFe1SY5teNcII.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
75:6d:db:39:21:e8:41:39:bd:58:2b:ca:5e:47:09:f4:9f:3d:
0f:c5:35:ec:65:c3:73:4a:28:02:d1:34:01:f7:73:e0:6c:00:
62:0b:7e:3a:ae:1d:9b:d9:fc:04:a1:fe:92:78:e8:7b:a4:bf:
33:b6:fa:ca:7c:45:fd:ad:88:b2:10:63:9d:f6:84:b3:b7:fe:
ad:92:f6:96:0b:52:28:3b:32:28:a0:ed:5a:c0:fd:50:02:22:
d1:8c:0a:ca:d8:b9:3a:34:74:5e:f6:d7:51:9d:ad:17:f2:07:
2a:d2:bc:db:bc:4e:d3:d8:9f:7e:9f:7b:91:15:37:6a:bf:c7:
76:1c:64:60:b8:de:82:b3:60:4f:40:a9:f8:ab:f5:d1:c6:9e:
f3:99:d1:05:05:7d:42:7d:7d:7b:73:5c:7d:c5:dd:c3:1a:9a:
c1:6a:5f:7a:71:89:8a:ff:5c:86:13:77:49:d9:95:ee:db:de:
53:32:b2:7f:b7:c5:84:67:7f:5b:3c:3c:1d:4a:d1:17:7c:7f:
2d:59:04:70:49:e7:db:38:17:79:a4:9c:d5:a4:b0:b7:d4:95:
e2:92:46:7a:8d:96:6c:84:e1:7d:f2:a5:1f:ca:9d:ab:e4:c1:
b1:ed:74:00:1c:31:9f:5e:00:50:40:ad:69:5e:22:b6:2a:f2:
cd:a9:92:82
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICVcUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTIy
MjU0MTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk5NkFBNkRBNzdBNjAy
NjY2OUE3RTUwNTdCNTQ5OEU2RDc4RDcwODIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDzjlPcqM5ZnwZ3+/K7FGpJgEX+oJrrI4+tZZa0y+/LNlXI4b6m
vtWe6lp3Fa6p4zsmd3UA7noP7mDvoYMMVf18+1TaqAF2P2+VnBZImBnFm8wJsHuX
QujU5h9Ud51lHVzHxJRcGPEqeBrNfkdHXjmsVdZhybAH1oK9tJgS8Y1BKpGlVk0c
wuf8mb5TuSnPHUci6xpAROi0IfggACYYbn5Tj53HnX1BvSmbPtANl7k6bzbCAGs/
InvX6Glzi6SUHRamtWyt08zniIYNwVTpaPGFSKNUkA/lwGeh9hBlFAyB3eT6o/91
onAlQtAKmgeuc7yl1Jd7C22EPMzXoEP6otZXAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUmWqm2nemAmZpp+UFe1SY5teNcIIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L21XcW0ybmVtQW1acHAt
VUZlMVNZNXRlTmNJSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAHVt2zkh6EE5vVgr
yl5HCfSfPQ/FNexlw3NKKALRNAH3c+BsAGILfjquHZvZ/ASh/pJ46HukvzO2+sp8
Rf2tiLIQY532hLO3/q2S9pYLUig7Miig7VrA/VACItGMCsrYuTo0dF7211GdrRfy
ByrSvNu8TtPYn36fe5EVN2q/x3YcZGC43oKzYE9Aqfir9dHGnvOZ0QUFfUJ9fXtz
XH3F3cMamsFqX3pxiYr/XIYTd0nZle7b3lMysn+3xYRnf1s8PB1K0Rd8fy1ZBHBJ
59s4F3mknNWksLfUleKSRnqNlmyE4X3ypR/KnavkwbHtdAAcMZ9eAFBArWleIrYq
8s2pkoI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:07 2024 by rpki-client on console-ams.rpki-client.org