Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/3KbGeN8iA_1PsQkkdiN0aM63weQ.roa
File: 3KbGeN8iA_1PsQkkdiN0aM63weQ.roa (raw, json)
Hash identifier: 3pETiqIt8PHMyfpLBZADgXKBcmj5zRcyDVu4UygN0CA=
Subject key identifier: DC:A6:C6:78:DF:22:03:FD:4F:B1:09:24:76:23:74:68:CE:B7:C1:E4
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3EF5
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/3KbGeN8iA_1PsQkkdiN0aM63weQ.roa
Signing time: Fri 12 Apr 2024 12:52:50 +0000
ROA not before: Fri 12 Apr 2024 12:52:50 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16117 (0x3ef5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 12 12:52:50 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DCA6C678DF2203FD4FB1092476237468CEB7C1E4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:3f:7b:e1:35:1b:42:44:4f:83:a2:08:77:22:
52:96:c6:5f:ed:be:e3:e0:9d:c1:01:4f:3c:e4:9b:
5a:ed:57:ad:4c:95:0c:dc:eb:de:7f:99:f5:62:9a:
f7:73:ba:a8:d4:61:8f:64:27:2e:4d:1e:36:71:96:
67:49:7c:80:bc:16:e4:4b:2f:ce:49:e6:ad:3d:d4:
e5:83:f1:1b:2f:61:d0:65:a7:b4:ee:a5:cb:73:a8:
fc:c2:f2:cf:b7:a4:a1:a4:41:42:84:ea:ea:a9:18:
ed:09:d7:2c:8c:21:2f:da:04:c1:86:86:47:5b:53:
34:31:d8:f1:f9:fa:43:e7:7c:f8:94:3b:21:99:63:
22:6e:ee:fc:5d:d6:56:93:fe:1e:67:da:28:25:c2:
6b:66:ee:f8:75:74:35:b1:3f:33:ba:28:da:20:ee:
bd:f7:16:48:a1:f3:86:10:08:9c:ae:8a:b0:40:47:
5e:6b:d2:1a:46:8a:4d:5e:d7:27:93:eb:6a:39:c7:
31:37:a4:83:3a:96:81:de:12:44:90:6f:30:a2:09:
ac:76:5a:fa:e3:98:05:b2:05:b8:de:cf:e3:3a:2a:
bc:db:69:8a:3d:74:73:ad:a6:df:b6:1e:b2:2c:cc:
09:7e:a8:2e:c8:bd:45:bc:f6:bd:e0:0c:c0:9e:04:
5b:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:A6:C6:78:DF:22:03:FD:4F:B1:09:24:76:23:74:68:CE:B7:C1:E4
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/3KbGeN8iA_1PsQkkdiN0aM63weQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
2a:7a:b7:56:be:33:6e:28:0d:75:88:fd:7d:19:d3:b8:58:72:
fc:a8:11:bc:82:07:fa:71:d8:f7:0e:d8:1f:fa:ea:41:83:ad:
00:35:71:8d:53:e9:23:d5:db:7c:d5:00:c7:46:60:fb:a7:7d:
ac:dc:6c:2d:02:ee:f0:b5:15:5f:f8:88:1f:b2:33:f1:81:67:
d1:a5:d7:c6:c5:fa:0d:60:23:88:a3:ae:b5:d5:33:b6:02:64:
36:12:4f:f0:ea:46:08:2a:39:6b:58:af:76:b2:a2:a7:99:26:
bb:57:0c:6a:6e:38:f1:e3:ae:86:bd:6b:7a:a8:c3:56:94:8e:
71:34:38:e2:33:14:3f:d6:e6:c9:06:10:f9:be:cb:d9:c8:2b:
00:f5:98:b6:79:50:5d:3c:d8:1b:2e:8a:1f:35:27:c7:0e:9c:
ef:15:6d:5f:1a:d0:a9:91:33:ac:55:56:c6:5f:0c:ef:af:8b:
22:75:e5:b0:b2:d3:4c:c6:8a:ae:61:66:9d:93:87:73:15:0b:
22:4e:e1:dd:ba:ad:b0:43:b9:5f:df:70:06:ff:c4:dc:db:5f:
34:fd:68:ee:1a:c9:f0:ef:65:0b:63:12:79:a7:b3:1a:95:07:
0a:71:70:4d:47:75:f2:03:5d:61:94:a4:76:50:15:aa:51:79:
4f:93:2a:fc
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICPvUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTIx
MjUyNTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERDQTZDNjc4REYyMjAz
RkQ0RkIxMDkyNDc2MjM3NDY4Q0VCN0MxRTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOP3vhNRtCRE+Dogh3IlKWxl/tvuPgncEBTzzkm1rtV61MlQzc
695/mfVimvdzuqjUYY9kJy5NHjZxlmdJfIC8FuRLL85J5q091OWD8RsvYdBlp7Tu
pctzqPzC8s+3pKGkQUKE6uqpGO0J1yyMIS/aBMGGhkdbUzQx2PH5+kPnfPiUOyGZ
YyJu7vxd1laT/h5n2iglwmtm7vh1dDWxPzO6KNog7r33Fkih84YQCJyuirBAR15r
0hpGik1e1yeT62o5xzE3pIM6loHeEkSQbzCiCax2WvrjmAWyBbjez+M6KrzbaYo9
dHOtpt+2HrIszAl+qC7IvUW89r3gDMCeBFuJAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU3KbGeN8iA/1PsQkkdiN0aM63weQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzNLYkdlTjhpQV8xUHNR
a2tkaU4wYU02M3dlUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBACp6t1a+M24oDXWI
/X0Z07hYcvyoEbyCB/px2PcO2B/66kGDrQA1cY1T6SPV23zVAMdGYPunfazcbC0C
7vC1FV/4iB+yM/GBZ9Gl18bF+g1gI4ijrrXVM7YCZDYST/DqRggqOWtYr3ayoqeZ
JrtXDGpuOPHjroa9a3qow1aUjnE0OOIzFD/W5skGEPm+y9nIKwD1mLZ5UF082Bsu
ih81J8cOnO8VbV8a0KmRM6xVVsZfDO+viyJ15bCy00zGiq5hZp2Th3MVCyJO4d26
rbBDuV/fcAb/xNzbXzT9aO4ayfDvZQtjEnmnsxqVBwpxcE1HdfIDXWGUpHZQFapR
eU+TKvw=
-----END CERTIFICATE-----
Generated at Fri Apr 12 19:51:36 2024 by rpki-client on console.sobornost.net