Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/0ejLRVlWlNpq7tWbjS0CVIxT5RM.roa
File: 0ejLRVlWlNpq7tWbjS0CVIxT5RM.roa (raw, json)
Hash identifier: nP4LcC+7DPWGe1jm/jiqJVg0NbqFWR/8R0HJogt44W0=
Subject key identifier: D1:E8:CB:45:59:56:94:DA:6A:EE:D5:9B:8D:2D:02:54:8C:53:E5:13
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3315
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/0ejLRVlWlNpq7tWbjS0CVIxT5RM.roa
Signing time: Wed 27 Mar 2024 16:52:10 +0000
ROA not before: Wed 27 Mar 2024 16:52:10 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13077 (0x3315)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 27 16:52:10 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D1E8CB45595694DA6AEED59B8D2D02548C53E513
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:07:03:2a:f2:2a:f6:8d:e6:7f:30:df:c9:47:
39:f4:80:24:2d:a5:e5:7f:e4:50:86:96:e1:52:af:
42:34:4d:d5:cb:24:84:16:d3:d9:66:f2:8d:e9:1f:
06:43:4d:ff:94:78:9e:07:6c:ad:1c:27:98:da:ba:
7b:b2:44:8a:fd:ea:d5:67:e9:0c:8b:74:06:b0:0e:
34:e5:e4:7f:25:c8:d0:2c:3d:2f:cc:bd:53:aa:e0:
f0:05:92:db:6f:a7:9d:1f:91:bc:95:b5:6a:47:b0:
5f:77:6a:6f:03:d0:9d:a6:07:16:64:3b:2a:f7:f2:
02:ba:84:4e:df:25:a1:6c:a4:72:aa:45:5a:5e:73:
5e:24:e5:7e:65:81:79:f7:e1:a5:6d:8c:aa:af:9f:
b9:29:32:43:ce:70:bd:a6:b8:62:d7:23:74:3d:d1:
9f:5b:a5:8e:93:3a:2f:77:ec:de:67:d4:f1:db:5a:
44:2b:b4:7e:f2:cc:e4:53:c0:7c:e2:e2:c4:8c:bf:
3e:fe:86:ba:28:43:6c:a1:e6:f2:1e:da:d8:83:7f:
07:df:2b:30:c8:2f:bd:d8:69:99:6d:78:17:e7:5d:
90:41:86:c7:8f:e6:d3:31:a7:da:ee:6a:4d:a6:70:
ad:93:e4:09:b1:57:a0:5b:b5:08:50:0f:59:2a:f9:
24:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:E8:CB:45:59:56:94:DA:6A:EE:D5:9B:8D:2D:02:54:8C:53:E5:13
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/0ejLRVlWlNpq7tWbjS0CVIxT5RM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
aa:43:dd:6e:35:b4:ee:26:21:06:a7:12:a4:a1:09:ee:70:77:
34:f6:86:73:eb:9c:2f:a9:c2:c9:15:12:b0:02:a6:e3:62:8c:
8e:d7:67:d9:07:d6:79:0a:44:6f:79:9d:75:52:09:de:47:03:
b8:64:27:8d:22:21:e8:4c:db:d5:f6:73:57:ce:b8:5a:6a:6b:
73:2e:ca:5d:06:35:c2:da:94:50:74:ec:06:52:7c:df:f1:b5:
4c:c2:11:07:fd:bf:b5:b0:a6:d4:3c:dd:9a:4f:76:86:43:fe:
a5:db:50:74:e7:61:aa:71:58:1e:47:9d:22:df:5c:98:4d:69:
03:2a:76:9f:15:00:56:b7:64:c6:28:07:39:23:b5:b1:3a:62:
5f:ca:02:75:bc:90:b4:66:77:58:97:c2:24:57:6a:b2:82:33:
3b:cd:f4:ef:94:dd:16:ab:0e:71:4c:e1:82:d6:00:db:99:db:
27:5c:d4:61:bf:8c:3a:cb:94:8a:0c:fb:34:fe:12:d3:4d:71:
59:ee:ee:e0:72:bf:7d:ed:4e:d9:14:00:da:a9:ad:d0:d5:5f:
b3:60:e2:c3:b3:b3:9b:5c:69:be:40:f3:4e:d8:03:5a:da:65:
a1:4b:9f:07:eb:3f:f3:3c:d5:3b:5c:1c:f0:8c:a3:b1:ec:87:
28:8e:e3:6a
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICMxUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjcx
NjUyMTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQxRThDQjQ1NTk1Njk0
REE2QUVFRDU5QjhEMkQwMjU0OEM1M0U1MTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9BwMq8ir2jeZ/MN/JRzn0gCQtpeV/5FCGluFSr0I0TdXLJIQW
09lm8o3pHwZDTf+UeJ4HbK0cJ5jaunuyRIr96tVn6QyLdAawDjTl5H8lyNAsPS/M
vVOq4PAFkttvp50fkbyVtWpHsF93am8D0J2mBxZkOyr38gK6hE7fJaFspHKqRVpe
c14k5X5lgXn34aVtjKqvn7kpMkPOcL2muGLXI3Q90Z9bpY6TOi937N5n1PHbWkQr
tH7yzORTwHzi4sSMvz7+hrooQ2yh5vIe2tiDfwffKzDIL73YaZlteBfnXZBBhseP
5tMxp9ruak2mcK2T5AmxV6BbtQhQD1kq+SQ5AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU0ejLRVlWlNpq7tWbjS0CVIxT5RMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzBlakxSVmxXbE5wcTd0
V2JqUzBDVkl4VDVSTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAKpD3W41tO4mIQan
EqShCe5wdzT2hnPrnC+pwskVErACpuNijI7XZ9kH1nkKRG95nXVSCd5HA7hkJ40i
IehM29X2c1fOuFpqa3Muyl0GNcLalFB07AZSfN/xtUzCEQf9v7WwptQ83ZpPdoZD
/qXbUHTnYapxWB5HnSLfXJhNaQMqdp8VAFa3ZMYoBzkjtbE6Yl/KAnW8kLRmd1iX
wiRXarKCMzvN9O+U3RarDnFM4YLWANuZ2ydc1GG/jDrLlIoM+zT+EtNNcVnu7uBy
v33tTtkUANqprdDVX7Ng4sOzs5tcab5A807YA1raZaFLnwfrP/M81TtcHPCMo7Hs
hyiO42o=
-----END CERTIFICATE-----
Generated at Wed Mar 27 23:44:24 2024 by rpki-client on console.sobornost.net