Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/r5AcC05n5QDyBKxln-lhkJ69as4.roa
File: r5AcC05n5QDyBKxln-lhkJ69as4.roa (raw, json)
Hash identifier: nT6rewqnX1hoMOC250G1wwfO5HgFoZ1VU7VDAAzPuds=
Subject key identifier: AF:90:1C:0B:4E:67:E5:00:F2:04:AC:65:9F:E9:61:90:9E:BD:6A:CE
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 34C9
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/r5AcC05n5QDyBKxln-lhkJ69as4.roa
Signing time: Fri 29 Mar 2024 23:22:07 +0000
ROA not before: Fri 29 Mar 2024 23:22:07 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13513 (0x34c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 23:22:07 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=AF901C0B4E67E500F204AC659FE961909EBD6ACE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ad:d1:f2:9d:49:f3:8c:9e:9f:8d:13:8a:85:
be:bb:d6:db:ad:e2:81:97:d8:c6:2e:52:c6:4c:c1:
f6:3b:da:0f:ed:ff:9e:d3:5c:26:67:e0:76:d6:a8:
1f:ca:20:97:37:cc:82:1a:f2:5d:08:f0:30:70:ec:
eb:2a:52:e6:54:50:fd:f0:ef:bb:9c:4c:c5:b0:d4:
2b:cf:be:3d:d2:e0:c6:1f:37:24:45:14:5f:89:4f:
14:83:1e:7d:d4:94:fc:2a:65:14:56:5a:3c:1d:b3:
30:6d:45:e8:0f:03:08:be:b1:33:07:a1:5f:05:72:
93:27:e2:b9:40:52:c6:6a:a7:ff:fc:df:37:4e:3e:
f2:aa:96:e0:a4:53:16:f6:cf:3f:a9:f7:c4:a2:cb:
00:92:4c:6c:6e:c3:ae:d9:bb:ee:61:c2:e4:74:5a:
9e:27:53:3d:44:ee:f7:de:3a:cd:62:95:5b:4f:ad:
39:d2:04:19:d1:75:79:80:f6:7e:9d:fc:9e:3a:a1:
85:57:71:67:6a:dd:5e:fe:ef:00:0d:54:08:d1:84:
fa:f7:41:83:e8:b5:eb:28:f2:64:24:d6:6f:07:f5:
de:34:74:43:de:1a:d0:0f:b9:a1:82:61:f0:12:cd:
2f:d3:8c:e3:d9:08:53:98:7e:93:0d:39:c4:59:d0:
df:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:90:1C:0B:4E:67:E5:00:F2:04:AC:65:9F:E9:61:90:9E:BD:6A:CE
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/r5AcC05n5QDyBKxln-lhkJ69as4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
b0:6d:76:00:10:5c:4f:85:8c:1b:8e:cd:07:ae:39:a9:97:28:
6b:fd:a7:de:c7:0b:c8:c3:a4:07:14:23:1e:cc:d8:eb:66:46:
9c:43:1c:2d:29:9e:a6:7a:29:47:67:44:6a:d5:f8:32:71:61:
ab:3c:87:2b:8b:33:96:7d:e4:cf:0d:21:50:b2:67:0b:9b:4c:
e6:ba:c3:d8:50:c4:73:22:d8:1a:db:01:4e:38:79:3a:65:58:
b4:fb:ff:62:81:fe:c4:9d:2d:27:b1:1a:ee:2f:fb:a6:a6:9c:
e7:58:70:99:ac:b1:fc:c9:d3:fe:ac:2b:24:d6:8f:cd:7b:1b:
73:b1:6c:90:d7:5d:57:a1:5d:68:f4:47:c6:e6:65:e8:3a:0f:
48:1d:fd:a9:8d:80:e6:d7:af:20:31:17:4e:1e:e8:b4:f3:e8:
26:4a:2f:2d:80:62:ef:79:56:d4:0f:de:1b:c2:1e:0c:19:12:
7a:fe:46:43:d2:48:c4:b2:f9:04:a2:c3:7a:ca:be:ce:28:5e:
d2:12:f8:7e:b4:68:c1:7a:c3:53:b7:30:fe:c8:2d:99:8b:03:
e0:64:1c:11:0b:aa:47:c3:11:0b:d5:f8:47:a4:44:63:94:8a:
bc:30:af:2b:c4:2b:ce:34:b8:c7:a3:ea:b9:85:ae:40:d6:50:
3f:96:33:ba
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNMkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjky
MzIyMDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFGOTAxQzBCNEU2N0U1
MDBGMjA0QUM2NTlGRTk2MTkwOUVCRDZBQ0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1rdHynUnzjJ6fjROKhb671tut4oGX2MYuUsZMwfY72g/t/57T
XCZn4HbWqB/KIJc3zIIa8l0I8DBw7OsqUuZUUP3w77ucTMWw1CvPvj3S4MYfNyRF
FF+JTxSDHn3UlPwqZRRWWjwdszBtRegPAwi+sTMHoV8FcpMn4rlAUsZqp//83zdO
PvKqluCkUxb2zz+p98SiywCSTGxuw67Zu+5hwuR0Wp4nUz1E7vfeOs1ilVtPrTnS
BBnRdXmA9n6d/J46oYVXcWdq3V7+7wANVAjRhPr3QYPoteso8mQk1m8H9d40dEPe
GtAPuaGCYfASzS/TjOPZCFOYfpMNOcRZ0N8ZAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUr5AcC05n5QDyBKxln+lhkJ69as4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3I1QWNDMDVuNVFEeUJL
eGxuLWxoa0o2OWFzNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBALBtdgAQXE+FjBuO
zQeuOamXKGv9p97HC8jDpAcUIx7M2OtmRpxDHC0pnqZ6KUdnRGrV+DJxYas8hyuL
M5Z95M8NIVCyZwubTOa6w9hQxHMi2BrbAU44eTplWLT7/2KB/sSdLSexGu4v+6am
nOdYcJmssfzJ0/6sKyTWj817G3OxbJDXXVehXWj0R8bmZeg6D0gd/amNgObXryAx
F04e6LTz6CZKLy2AYu95VtQP3hvCHgwZEnr+RkPSSMSy+QSiw3rKvs4oXtIS+H60
aMF6w1O3MP7ILZmLA+BkHBELqkfDEQvV+EekRGOUirwwryvEK840uMej6rmFrkDW
UD+WM7o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:49 2024 by rpki-client on console-fra.rpki-client.org