Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/s5w-GZi5mL8VLF9Gdp1S9y3zVpQ.roa
File: s5w-GZi5mL8VLF9Gdp1S9y3zVpQ.roa (raw, json)
Hash identifier: b2oEA7gQyzbYjZ3/fKi4jVb4f7ivWUDaFCBhh6yEG4c=
Subject key identifier: B3:9C:3E:19:98:B9:98:BF:15:2C:5F:46:76:9D:52:F7:2D:F3:56:94
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 53E5
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/s5w-GZi5mL8VLF9Gdp1S9y3zVpQ.roa
Signing time: Fri 10 May 2024 10:54:10 +0000
ROA not before: Fri 10 May 2024 10:54:10 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21477 (0x53e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 10 10:54:10 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B39C3E1998B998BF152C5F46769D52F72DF35694
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:dc:da:af:a7:e8:a3:1a:58:9a:0b:fc:88:d6:
42:a6:ac:e0:ed:39:6f:7a:0f:ef:90:e1:db:22:d2:
f5:b0:b3:62:33:09:4a:c0:b8:a4:6a:2a:29:e6:9d:
8d:b0:96:91:76:91:17:e0:67:d8:08:f4:40:4e:0b:
85:2c:32:4b:f4:4a:16:08:8b:83:53:f7:20:6b:ed:
24:65:9b:bf:0c:4b:85:01:44:e0:0b:47:45:e3:23:
f8:21:5b:41:4f:3d:49:3c:e7:63:87:db:fa:c1:70:
04:2d:b3:cc:bb:0e:8c:ab:16:a6:b6:bb:d5:6e:2d:
58:cf:1f:c6:50:dc:b9:d9:19:91:a8:fa:04:3f:f9:
34:3d:3b:d5:2a:45:be:8a:a7:0a:b8:31:a4:9e:02:
e7:71:84:f0:89:c0:d2:b4:e2:99:9f:f7:72:6f:b9:
2f:97:dc:f7:fd:51:f6:1a:b3:5f:fe:4e:1e:cc:7a:
70:86:60:3a:04:39:61:ce:c2:dd:88:a7:dc:86:8e:
be:9e:d0:11:bb:9f:98:5f:09:8c:df:77:41:75:5b:
36:c2:6d:46:a4:af:c0:5a:ed:96:5b:76:46:ac:1d:
a2:42:35:68:b2:fe:85:e7:9a:9a:45:aa:10:ab:32:
a5:81:97:00:19:b4:e2:b1:bb:01:81:c9:3f:a3:1d:
7c:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:9C:3E:19:98:B9:98:BF:15:2C:5F:46:76:9D:52:F7:2D:F3:56:94
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/s5w-GZi5mL8VLF9Gdp1S9y3zVpQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
4f:23:4a:21:46:6e:aa:70:78:21:cd:07:83:23:25:b6:dc:6e:
22:72:9d:1f:b6:2a:c5:55:08:59:24:5d:b7:ed:3a:02:86:0f:
37:a3:08:aa:c1:1a:97:be:d2:cd:96:eb:cf:ee:a9:18:d0:0a:
0b:8b:b9:48:fa:97:8f:48:5b:f8:75:7d:40:eb:64:5c:ab:a9:
00:73:aa:74:84:6a:86:24:b5:ff:8c:09:fd:95:90:e2:db:46:
91:6c:7f:9c:d0:7c:0b:ab:1a:e1:fa:92:d8:16:7d:10:2e:af:
6c:4c:51:4c:b7:e9:d0:8d:68:d2:e3:89:f9:f5:d3:ab:07:9c:
9c:9c:d6:25:83:d8:ec:5e:e3:54:d4:d0:55:6f:92:17:c6:08:
27:8c:b5:c4:4a:bd:28:8c:c9:45:ea:ea:c1:4b:34:ab:9e:b1:
97:40:60:02:66:3c:d6:be:db:30:cb:5c:28:99:ba:90:4a:0e:
d4:14:9b:d9:72:de:55:3f:f2:ab:81:e4:af:b0:a6:2f:52:e7:
ca:8b:ee:14:34:0c:bf:a8:8d:61:91:f5:e1:46:92:8e:cf:d8:
b6:37:14:d8:56:ba:ea:25:ce:2a:ff:3a:cf:a9:b1:27:3c:6b:
73:54:05:fd:d3:55:6e:b7:72:7c:a6:25:42:3b:f8:cd:c6:ff:
5a:66:d8:ba
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICU+UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTAx
MDU0MTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEIzOUMzRTE5OThCOTk4
QkYxNTJDNUY0Njc2OUQ1MkY3MkRGMzU2OTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDf3Nqvp+ijGliaC/yI1kKmrODtOW96D++Q4dsi0vWws2IzCUrA
uKRqKinmnY2wlpF2kRfgZ9gI9EBOC4UsMkv0ShYIi4NT9yBr7SRlm78MS4UBROAL
R0XjI/ghW0FPPUk852OH2/rBcAQts8y7DoyrFqa2u9VuLVjPH8ZQ3LnZGZGo+gQ/
+TQ9O9UqRb6Kpwq4MaSeAudxhPCJwNK04pmf93JvuS+X3Pf9UfYas1/+Th7MenCG
YDoEOWHOwt2Ip9yGjr6e0BG7n5hfCYzfd0F1WzbCbUakr8Ba7ZZbdkasHaJCNWiy
/oXnmppFqhCrMqWBlwAZtOKxuwGByT+jHXwfAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUs5w+GZi5mL8VLF9Gdp1S9y3zVpQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3M1dy1HWmk1bUw4VkxG
OUdkcDFTOXkzelZwUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAE8jSiFGbqpweCHN
B4MjJbbcbiJynR+2KsVVCFkkXbftOgKGDzejCKrBGpe+0s2W68/uqRjQCguLuUj6
l49IW/h1fUDrZFyrqQBzqnSEaoYktf+MCf2VkOLbRpFsf5zQfAurGuH6ktgWfRAu
r2xMUUy36dCNaNLjifn106sHnJyc1iWD2Oxe41TU0FVvkhfGCCeMtcRKvSiMyUXq
6sFLNKuesZdAYAJmPNa+2zDLXCiZupBKDtQUm9ly3lU/8quB5K+wpi9S58qL7hQ0
DL+ojWGR9eFGko7P2LY3FNhWuuolzir/Os+psSc8a3NUBf3TVW63cnymJUI7+M3G
/1pm2Lo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:14 2024 by rpki-client on console-ams.rpki-client.org