Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/nE5GhLGs2THElN5XboWivfYwBD8.roa
File: nE5GhLGs2THElN5XboWivfYwBD8.roa (raw, json)
Hash identifier: CV+8z5TcYMaS3/hZtJ0Dn5GqbN0TVeGfXZH+89Ln+x0=
Subject key identifier: 9C:4E:46:84:B1:AC:D9:31:C4:94:DE:57:6E:85:A2:BD:F6:30:04:3F
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4435
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/nE5GhLGs2THElN5XboWivfYwBD8.roa
Signing time: Fri 19 Apr 2024 12:53:02 +0000
ROA not before: Fri 19 Apr 2024 12:53:02 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17461 (0x4435)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 19 12:53:02 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9C4E4684B1ACD931C494DE576E85A2BDF630043F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:b0:5e:22:0e:fb:06:43:5e:03:fc:75:69:3e:
73:46:2c:e8:94:4f:87:34:79:2c:2e:47:1e:bb:ce:
7b:1a:bd:66:04:75:46:30:b9:fc:db:a7:87:e3:cb:
33:f0:49:d5:c4:ef:19:31:76:e4:fc:66:d8:2e:2e:
50:bd:ca:40:6f:68:03:62:25:70:d0:bb:19:c4:5a:
79:17:46:14:6c:b2:68:ed:c5:ab:40:03:36:ea:fc:
d9:48:b5:6b:97:fa:da:c9:1d:0c:96:2c:e0:29:d3:
74:66:df:aa:0c:d6:df:05:0f:62:98:25:97:f0:97:
44:9d:5e:df:39:75:b4:eb:63:29:3a:15:9a:93:ad:
c5:76:d5:79:98:0e:07:10:63:91:d4:97:c2:c0:15:
2e:f7:a5:a3:6d:cc:e8:20:9c:5c:c0:60:ed:c3:e7:
cd:2b:cc:c8:6a:39:ce:bb:f0:13:23:c9:2e:fc:d1:
ac:d7:90:8e:b7:b2:38:71:52:ac:7e:27:a2:48:25:
d5:0e:34:a9:60:f4:d8:30:60:a0:38:59:f3:df:a1:
10:71:aa:90:99:7a:3a:b9:2f:21:5d:6f:6a:f7:86:
38:f0:a0:a9:e9:18:65:48:a6:18:71:a0:47:75:69:
c2:ee:dd:6d:9a:cc:c1:29:b2:da:cf:2b:af:d1:fe:
2a:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:4E:46:84:B1:AC:D9:31:C4:94:DE:57:6E:85:A2:BD:F6:30:04:3F
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/nE5GhLGs2THElN5XboWivfYwBD8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
04:a5:03:6a:42:51:bc:60:26:c6:d2:59:d2:fc:01:cc:fc:7d:
64:55:c9:ae:98:65:53:2a:cf:59:e2:0c:24:8b:2c:57:62:ae:
e6:cc:b4:fc:24:ca:e0:f0:4d:00:a6:f0:41:78:7a:f2:94:55:
e4:32:71:4d:d9:ea:f1:1b:cb:2a:96:12:f3:7a:da:63:bc:8e:
49:d9:36:44:18:b5:94:b5:d1:78:b5:ae:e8:62:08:96:1e:69:
7f:c8:7b:5f:a4:9a:af:4e:25:52:bc:f4:ff:3a:85:a9:b8:ba:
43:f4:55:ca:53:d8:ce:7b:0b:27:93:6a:f1:43:bf:6d:d7:fe:
fb:52:e3:52:88:6c:64:b0:6d:49:37:45:15:ea:3c:4f:e6:5f:
dc:87:18:f8:83:b3:b9:dc:ad:31:f5:ec:26:43:09:c2:d9:67:
5e:cd:af:82:fe:60:ab:4d:65:6c:97:2a:7f:28:c6:12:6c:e2:
17:06:f1:d2:f6:85:cf:e6:3f:98:b4:66:f7:f8:1e:4a:bb:3c:
e4:e2:c9:ce:57:c2:49:94:ec:e1:50:fe:31:17:22:3e:ea:22:
dc:74:b6:12:86:74:86:41:48:0e:a9:7b:cc:66:b1:ec:cc:14:
91:2c:a2:a1:1b:ac:4d:fa:35:79:01:aa:d1:07:be:c1:1d:15:
60:2d:02:06
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICRDUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTkx
MjUzMDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlDNEU0Njg0QjFBQ0Q5
MzFDNDk0REU1NzZFODVBMkJERjYzMDA0M0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcsF4iDvsGQ14D/HVpPnNGLOiUT4c0eSwuRx67znsavWYEdUYw
ufzbp4fjyzPwSdXE7xkxduT8ZtguLlC9ykBvaANiJXDQuxnEWnkXRhRssmjtxatA
Azbq/NlItWuX+trJHQyWLOAp03Rm36oM1t8FD2KYJZfwl0SdXt85dbTrYyk6FZqT
rcV21XmYDgcQY5HUl8LAFS73paNtzOggnFzAYO3D580rzMhqOc678BMjyS780azX
kI63sjhxUqx+J6JIJdUONKlg9NgwYKA4WfPfoRBxqpCZejq5LyFdb2r3hjjwoKnp
GGVIphhxoEd1acLu3W2azMEpstrPK6/R/ipFAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUnE5GhLGs2THElN5XboWivfYwBD8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L25FNUdoTEdzMlRIRWxO
NVhib1dpdmZZd0JEOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAASlA2pCUbxgJsbS
WdL8Acz8fWRVya6YZVMqz1niDCSLLFdirubMtPwkyuDwTQCm8EF4evKUVeQycU3Z
6vEbyyqWEvN62mO8jknZNkQYtZS10Xi1ruhiCJYeaX/Ie1+kmq9OJVK89P86ham4
ukP0VcpT2M57CyeTavFDv23X/vtS41KIbGSwbUk3RRXqPE/mX9yHGPiDs7ncrTH1
7CZDCcLZZ17Nr4L+YKtNZWyXKn8oxhJs4hcG8dL2hc/mP5i0Zvf4Hkq7POTiyc5X
wkmU7OFQ/jEXIj7qItx0thKGdIZBSA6pe8xmsezMFJEsoqEbrE36NXkBqtEHvsEd
FWAtAgY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:45 2024 by rpki-client on console-fra.rpki-client.org