Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/xSWX6cUKxvwJW0g7f15_67XMUsY.roa
File: xSWX6cUKxvwJW0g7f15_67XMUsY.roa (raw, json)
Hash identifier: BKjhM7rDeji2ib9IvPSDgU0qw+BDbizXAMfdbkwdeNA=
Subject key identifier: C5:25:97:E9:C5:0A:C6:FC:09:5B:48:3B:7F:5E:7F:EB:B5:CC:52:C6
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3969
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xSWX6cUKxvwJW0g7f15_67XMUsY.roa
Signing time: Fri 05 Apr 2024 03:22:24 +0000
ROA not before: Fri 05 Apr 2024 03:22:24 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14697 (0x3969)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 5 03:22:24 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C52597E9C50AC6FC095B483B7F5E7FEBB5CC52C6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:97:d1:87:f3:f3:a0:6f:f5:10:fc:a2:1c:83:
09:1d:eb:11:6d:63:ea:7f:11:a7:b4:2c:fc:13:8b:
db:bd:3f:6d:7b:65:7b:81:a4:37:7f:f1:fd:1f:97:
5b:b4:af:9a:62:9e:c2:e3:6e:b1:b0:17:41:c2:5b:
a1:ab:22:42:38:a1:50:bd:c5:d1:e2:e8:28:7a:8e:
29:28:70:c6:69:11:e0:54:4e:76:50:88:63:4a:a9:
ee:6c:d4:98:f6:90:06:42:13:2f:ec:58:85:4b:4b:
6d:1d:a1:d6:02:66:35:34:a9:58:5e:3e:74:95:2c:
29:8f:0e:17:b7:6f:95:02:b7:ee:5e:05:42:6a:67:
01:90:21:b7:05:a0:37:d6:f5:6a:d5:d9:4f:eb:9f:
32:5c:60:f1:9d:06:82:f2:b7:86:e3:0a:65:49:6d:
2d:62:da:a2:36:08:9a:ce:9f:50:23:b9:42:62:1f:
65:33:c6:8c:6a:9a:1d:df:6c:ba:20:b7:20:f0:ce:
77:e6:c9:05:34:89:24:40:e1:37:b0:31:e8:60:4f:
50:69:b7:81:58:ea:47:1f:6d:02:22:fe:c2:f2:8b:
f9:d0:35:33:0c:63:e2:06:09:8a:c8:57:7d:37:73:
b9:d3:49:eb:35:a4:86:c0:e4:61:44:89:2e:83:c6:
6e:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:25:97:E9:C5:0A:C6:FC:09:5B:48:3B:7F:5E:7F:EB:B5:CC:52:C6
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xSWX6cUKxvwJW0g7f15_67XMUsY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
57:7f:f2:6a:75:da:65:f9:33:2c:d1:8c:57:63:71:a6:3b:7f:
c8:67:f2:c1:e0:73:b6:2a:3e:73:41:13:6d:a6:c9:71:61:be:
4f:51:57:10:8c:8e:cf:af:ab:f1:ed:41:bb:ad:ac:77:38:a1:
9a:04:8a:6a:5f:9b:35:1b:8b:85:41:0f:10:ae:28:0d:83:f2:
3f:eb:2a:55:a0:13:1d:3a:f8:61:ca:88:dd:11:1d:b8:a0:fc:
b1:65:e6:ed:29:bf:9a:eb:86:2b:71:34:25:3b:b3:c1:0d:e1:
dd:39:29:10:38:c2:d4:c4:fa:37:1f:8a:56:e0:ad:bb:55:6e:
ad:5c:8c:b9:d1:84:42:cb:31:a6:e4:3a:85:2a:1d:ff:a8:8d:
79:c8:5b:1e:59:25:ad:7e:a2:85:6c:75:a7:36:39:15:91:c1:
55:61:03:73:ea:ef:1d:a6:08:b2:b9:d4:7f:05:15:e3:62:ed:
6e:2a:e5:d8:8a:6d:3f:9f:d1:27:f6:1a:4d:fb:1d:77:44:6b:
bb:e7:5a:e4:a5:df:7c:9c:43:ae:b3:9c:b4:32:09:c7:db:72:
ad:d0:0b:c0:53:0b:90:41:42:6e:27:80:32:a0:45:59:a0:a2:
75:3a:62:d9:ad:bf:65:57:bc:a3:ba:60:69:13:de:ae:a4:42:
45:6b:34:e8
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICOWkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDUw
MzIyMjRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM1MjU5N0U5QzUwQUM2
RkMwOTVCNDgzQjdGNUU3RkVCQjVDQzUyQzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCel9GH8/Ogb/UQ/KIcgwkd6xFtY+p/Eae0LPwTi9u9P217ZXuB
pDd/8f0fl1u0r5pinsLjbrGwF0HCW6GrIkI4oVC9xdHi6Ch6jikocMZpEeBUTnZQ
iGNKqe5s1Jj2kAZCEy/sWIVLS20dodYCZjU0qVhePnSVLCmPDhe3b5UCt+5eBUJq
ZwGQIbcFoDfW9WrV2U/rnzJcYPGdBoLyt4bjCmVJbS1i2qI2CJrOn1AjuUJiH2Uz
xoxqmh3fbLogtyDwznfmyQU0iSRA4TewMehgT1Bpt4FY6kcfbQIi/sLyi/nQNTMM
Y+IGCYrIV303c7nTSes1pIbA5GFEiS6Dxm6XAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUxSWX6cUKxvwJW0g7f15/67XMUsYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3hTV1g2Y1VLeHZ3Slcw
ZzdmMTVfNjdYTVVzWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAFd/8mp12mX5MyzR
jFdjcaY7f8hn8sHgc7YqPnNBE22myXFhvk9RVxCMjs+vq/HtQbutrHc4oZoEimpf
mzUbi4VBDxCuKA2D8j/rKlWgEx06+GHKiN0RHbig/LFl5u0pv5rrhitxNCU7s8EN
4d05KRA4wtTE+jcfilbgrbtVbq1cjLnRhELLMabkOoUqHf+ojXnIWx5ZJa1+ooVs
dac2ORWRwVVhA3Pq7x2mCLK51H8FFeNi7W4q5diKbT+f0Sf2Gk37HXdEa7vnWuSl
33ycQ66znLQyCcfbcq3QC8BTC5BBQm4ngDKgRVmgonU6Ytmtv2VXvKO6YGkT3q6k
QkVrNOg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:19 2024 by rpki-client on console-ams.rpki-client.org