Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/xavwg1bhLX6KzL3MS87FcWOoJPw.roa
File: xavwg1bhLX6KzL3MS87FcWOoJPw.roa (raw, json)
Hash identifier: ROahlMz2kvNgNyzmewonKJwE9DpaIi1fdCZVnR+SAn0=
Subject key identifier: C5:AB:F0:83:56:E1:2D:7E:8A:CC:BD:CC:4B:CE:C5:71:63:A8:24:FC
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4F89
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xavwg1bhLX6KzL3MS87FcWOoJPw.roa
Signing time: Sat 04 May 2024 15:23:49 +0000
ROA not before: Sat 04 May 2024 15:23:49 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20361 (0x4f89)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 4 15:23:49 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C5ABF08356E12D7E8ACCBDCC4BCEC57163A824FC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:b4:c1:f7:60:fb:07:5e:cc:ba:eb:cd:cb:01:
e3:82:c3:a4:22:bd:56:bc:df:48:7d:bf:a0:e6:37:
cb:ff:b0:3f:ba:c7:cd:85:da:e0:b7:61:d0:4b:9e:
d3:5a:72:e3:24:a6:51:88:24:f4:9e:16:85:48:be:
be:e1:ef:92:67:e8:9d:b7:a1:52:65:d5:f1:c9:fd:
dc:5f:cc:b7:68:7d:53:ef:c6:36:0a:c2:0b:4a:a6:
6e:f5:c1:f8:fb:52:53:57:a5:25:e2:28:74:2c:77:
59:29:74:56:b2:b1:99:ab:c5:a1:a2:a0:1e:25:c2:
ae:77:dc:10:b1:11:a1:de:7d:5c:68:5a:e5:be:c5:
47:d0:d8:6d:b5:5e:b9:58:c7:5c:99:ed:30:36:18:
78:a8:7a:b6:1a:7a:49:6d:36:02:a6:dc:a0:1d:d8:
d8:a1:6c:cf:a1:ac:e7:9d:dc:64:17:e8:b1:42:09:
fa:e8:b2:48:cf:d4:c9:53:d1:a9:51:58:c3:06:c5:
4f:87:a6:78:20:2a:bc:1c:c3:d8:37:b2:d7:ad:d8:
0d:39:92:12:a0:65:41:9d:65:44:2d:1d:8a:8a:1e:
55:c1:82:34:07:46:83:50:97:06:d3:74:2e:4f:1d:
40:2f:77:9b:14:0c:aa:0c:f3:20:67:20:c1:b6:2d:
63:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:AB:F0:83:56:E1:2D:7E:8A:CC:BD:CC:4B:CE:C5:71:63:A8:24:FC
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xavwg1bhLX6KzL3MS87FcWOoJPw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
73:89:d9:13:93:28:e1:4b:07:3c:f8:41:db:74:90:cf:e2:2c:
8e:a4:e7:1d:d1:e1:a8:21:56:f8:3c:f1:5c:10:f7:ab:d8:fa:
1e:31:14:28:68:2e:92:d9:d3:2a:6d:7d:5d:2b:fc:68:cb:16:
46:29:e7:04:71:ce:29:38:f1:dc:d7:ac:b1:11:e4:b5:de:f6:
b1:49:8e:a6:97:a1:38:23:07:44:40:4f:df:e2:b3:62:78:fa:
27:6f:24:21:a9:a3:a7:0f:c2:9c:bb:aa:33:5e:ab:aa:32:d3:
38:0b:8f:ff:38:1f:70:a4:a8:04:48:53:60:64:58:ff:66:73:
05:a0:92:d7:e6:36:ed:88:48:d4:67:aa:58:f3:23:ca:09:f9:
09:e9:e7:64:c8:ed:05:7b:3c:88:35:af:a0:f2:07:21:1b:b6:
51:6b:e4:97:1f:61:b7:7e:ec:c0:84:64:09:21:c0:6b:5b:ab:
35:a4:b3:6e:66:cd:39:31:16:25:95:e5:92:cf:eb:79:96:cc:
1e:27:14:e7:f1:3b:93:5a:03:03:e8:60:fb:ff:cd:ff:0b:74:
16:f3:12:13:de:98:49:b4:8c:f4:a7:4d:8c:47:fc:df:6c:37:
08:6c:e6:ae:45:2e:dc:9a:80:5a:67:5b:59:a8:74:7c:66:0b:
45:0d:1c:8b
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICT4kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDQx
NTIzNDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM1QUJGMDgzNTZFMTJE
N0U4QUNDQkRDQzRCQ0VDNTcxNjNBODI0RkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDatMH3YPsHXsy6683LAeOCw6QivVa830h9v6DmN8v/sD+6x82F
2uC3YdBLntNacuMkplGIJPSeFoVIvr7h75Jn6J23oVJl1fHJ/dxfzLdofVPvxjYK
wgtKpm71wfj7UlNXpSXiKHQsd1kpdFaysZmrxaGioB4lwq533BCxEaHefVxoWuW+
xUfQ2G21XrlYx1yZ7TA2GHioerYaekltNgKm3KAd2NihbM+hrOed3GQX6LFCCfro
skjP1MlT0alRWMMGxU+HpnggKrwcw9g3stet2A05khKgZUGdZUQtHYqKHlXBgjQH
RoNQlwbTdC5PHUAvd5sUDKoM8yBnIMG2LWPvAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUxavwg1bhLX6KzL3MS87FcWOoJPwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3hhdndnMWJoTFg2S3pM
M01TODdGY1dPb0pQdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAHOJ2ROTKOFLBzz4
Qdt0kM/iLI6k5x3R4aghVvg88VwQ96vY+h4xFChoLpLZ0yptfV0r/GjLFkYp5wRx
zik48dzXrLER5LXe9rFJjqaXoTgjB0RAT9/is2J4+idvJCGpo6cPwpy7qjNeq6oy
0zgLj/84H3CkqARIU2BkWP9mcwWgktfmNu2ISNRnqljzI8oJ+Qnp52TI7QV7PIg1
r6DyByEbtlFr5JcfYbd+7MCEZAkhwGtbqzWks25mzTkxFiWV5ZLP63mWzB4nFOfx
O5NaAwPoYPv/zf8LdBbzEhPemEm0jPSnTYxH/N9sNwhs5q5FLtyagFpnW1modHxm
C0UNHIs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:20 2024 by rpki-client on console-ams.rpki-client.org