Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/nhwgQaU985RfMTiH_1b5xbPwCKg.roa
File: nhwgQaU985RfMTiH_1b5xbPwCKg.roa (raw, json)
Hash identifier: TtUG0e3ASAtzUeETPE+fwDjR4g5jbARfkvXhZLtrPNU=
Subject key identifier: 9E:1C:20:41:A5:3D:F3:94:5F:31:38:87:FF:56:F9:C5:B3:F0:08:A8
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5245
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/nhwgQaU985RfMTiH_1b5xbPwCKg.roa
Signing time: Wed 08 May 2024 06:53:56 +0000
ROA not before: Wed 08 May 2024 06:53:56 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21061 (0x5245)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 8 06:53:56 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9E1C2041A53DF3945F313887FF56F9C5B3F008A8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:80:9d:28:e2:a4:36:ce:b8:cc:41:27:b1:54:
ef:9e:22:2a:4d:c4:2f:b0:11:2a:36:00:9a:5e:79:
cb:24:6f:40:d5:be:06:da:fd:46:e3:af:18:da:5c:
0f:5e:66:b2:56:47:08:f5:72:a3:48:54:e2:8a:89:
5f:31:ac:77:76:3f:bc:04:9d:01:fc:28:ce:37:3b:
71:32:04:e5:27:75:42:2c:f9:53:43:63:3d:43:0d:
ca:59:ca:52:29:00:52:31:58:07:3b:c0:3d:06:8f:
e3:46:ea:c4:5c:48:f0:9a:6e:94:4e:4f:e7:a8:18:
3e:c2:11:f6:e4:80:3f:84:56:c3:bc:a1:cf:89:d6:
37:ec:cd:f3:36:65:d5:9b:1d:67:f4:40:d6:6a:e9:
c1:c7:f5:3b:4d:6c:f6:0a:72:55:29:c1:8b:60:20:
22:40:36:a7:d0:69:1d:e1:e7:0c:5a:4d:46:ef:79:
6a:25:0e:fb:21:cd:cc:5b:71:ea:76:99:41:38:78:
d4:ed:12:a0:15:36:08:b1:3c:f0:e0:cf:90:cd:04:
f1:d8:13:52:3b:98:30:da:26:3d:6f:98:0f:5b:de:
80:9d:00:9a:69:d6:54:d8:39:25:cc:6c:7d:b1:59:
eb:3d:8b:ed:db:47:ee:b5:8a:00:a6:ac:95:f2:b4:
9e:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:1C:20:41:A5:3D:F3:94:5F:31:38:87:FF:56:F9:C5:B3:F0:08:A8
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/nhwgQaU985RfMTiH_1b5xbPwCKg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
60:aa:f9:a5:98:28:f9:32:fe:5e:f1:0d:c9:ca:00:58:d6:7f:
2a:ab:e2:d3:37:40:9e:8c:56:3d:af:b5:f5:ee:d5:8b:d8:78:
48:9d:95:60:da:2c:77:b7:1f:6a:69:c4:d2:75:e6:e4:71:82:
7f:ff:8d:bc:f2:7d:5d:ff:b6:8a:0c:e2:4a:eb:4d:de:60:64:
56:53:4b:10:f4:09:d0:91:7a:38:fc:5d:c4:20:44:f4:28:cc:
7e:f5:b8:d2:a8:b2:1d:53:f7:a8:aa:8a:a7:86:65:91:c9:1c:
ac:7b:88:3c:34:16:9a:17:bb:52:16:8b:67:db:eb:bf:2c:d0:
4a:37:77:ed:17:b9:d6:ec:0d:78:a2:fb:9b:0a:ec:0c:68:3f:
61:0b:ed:46:fd:c8:7e:6d:95:4f:21:6f:8f:aa:e8:e3:65:4b:
e9:ec:d2:62:93:c2:c5:23:bd:e4:68:0f:18:74:5b:bb:4f:5e:
65:a2:10:14:82:f4:ef:6f:ae:ea:fa:c7:7b:e9:7e:55:d3:05:
05:9a:4d:e0:22:f3:fe:78:0c:b8:9d:c7:fc:68:04:b8:ff:4d:
3f:45:53:57:93:15:2f:ee:e7:7b:0b:23:ba:18:8c:9d:21:b6:
e5:a8:7c:94:81:fb:30:ee:85:bb:dd:bf:26:52:24:c8:54:7e:
7a:9d:de:0b
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICUkUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDgw
NjUzNTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlFMUMyMDQxQTUzREYz
OTQ1RjMxMzg4N0ZGNTZGOUM1QjNGMDA4QTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGgJ0o4qQ2zrjMQSexVO+eIipNxC+wESo2AJpeecskb0DVvgba
/UbjrxjaXA9eZrJWRwj1cqNIVOKKiV8xrHd2P7wEnQH8KM43O3EyBOUndUIs+VND
Yz1DDcpZylIpAFIxWAc7wD0Gj+NG6sRcSPCabpROT+eoGD7CEfbkgD+EVsO8oc+J
1jfszfM2ZdWbHWf0QNZq6cHH9TtNbPYKclUpwYtgICJANqfQaR3h5wxaTUbveWol
Dvshzcxbcep2mUE4eNTtEqAVNgixPPDgz5DNBPHYE1I7mDDaJj1vmA9b3oCdAJpp
1lTYOSXMbH2xWes9i+3bR+61igCmrJXytJ6NAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUnhwgQaU985RfMTiH/1b5xbPwCKgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L25od2dRYVU5ODVSZk1U
aUhfMWI1eGJQd0NLZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAGCq+aWYKPky/l7x
DcnKAFjWfyqr4tM3QJ6MVj2vtfXu1YvYeEidlWDaLHe3H2ppxNJ15uRxgn//jbzy
fV3/tooM4krrTd5gZFZTSxD0CdCRejj8XcQgRPQozH71uNKosh1T96iqiqeGZZHJ
HKx7iDw0FpoXu1IWi2fb678s0Eo3d+0XudbsDXii+5sK7AxoP2EL7Ub9yH5tlU8h
b4+q6ONlS+ns0mKTwsUjveRoDxh0W7tPXmWiEBSC9O9vrur6x3vpflXTBQWaTeAi
8/54DLidx/xoBLj/TT9FU1eTFS/u53sLI7oYjJ0htuWofJSB+zDuhbvdvyZSJMhU
fnqd3gs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:09 2024 by rpki-client on console-ams.rpki-client.org