Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/4XL8Rf6nnCd2LPC2on22dAskzjo.roa
File: 4XL8Rf6nnCd2LPC2on22dAskzjo.roa (raw, json)
Hash identifier: elWA7uU6bUH0Tpw/WvS84SZulZhg+X/KGK9VqLMOU9Q=
Subject key identifier: E1:72:FC:45:FE:A7:9C:27:76:2C:F0:B6:A2:7D:B6:74:0B:24:CE:3A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 56A5
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4XL8Rf6nnCd2LPC2on22dAskzjo.roa
Signing time: Tue 14 May 2024 02:54:07 +0000
ROA not before: Tue 14 May 2024 02:54:07 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22181 (0x56a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 14 02:54:07 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E172FC45FEA79C27762CF0B6A27DB6740B24CE3A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:18:46:24:95:be:90:f5:12:07:c5:22:79:84:
3a:85:69:c2:2e:a8:83:dc:b1:54:4a:68:26:e2:bf:
ff:8f:80:ba:51:67:4c:0e:8c:7d:72:fc:3c:6e:61:
aa:3c:f2:eb:31:2a:46:b4:a0:74:74:96:33:35:c0:
79:78:f1:35:22:6a:be:4b:d3:84:e7:4b:a3:6d:78:
19:ab:75:ad:24:40:31:2b:01:05:72:de:6c:6e:26:
86:46:1f:ed:5e:c2:78:0d:8f:c7:14:b0:2c:1f:5d:
e6:e9:93:8f:e2:1e:82:e5:db:91:81:74:af:df:f2:
72:7e:7d:c7:63:fc:f0:5f:32:c6:78:19:0e:06:d4:
4d:32:82:b7:0c:ae:2f:c8:57:87:cc:85:4d:0e:98:
2e:19:3e:52:b2:c1:6a:64:3e:84:3f:c8:f0:2b:36:
a0:86:5b:2f:16:74:d8:17:69:f3:46:5a:8d:60:0c:
76:86:52:5a:c5:d6:bc:19:ad:66:af:a1:84:c8:23:
1b:91:4c:c1:53:2e:9f:dc:d1:3e:37:34:da:58:bf:
2f:59:87:09:5d:d3:bd:3f:f6:b1:b5:87:f2:b5:8a:
22:24:5e:84:12:15:f1:0c:85:59:ac:cc:a5:d8:de:
41:ce:e9:79:9d:53:56:f8:c4:e1:dd:00:8f:55:f3:
39:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:72:FC:45:FE:A7:9C:27:76:2C:F0:B6:A2:7D:B6:74:0B:24:CE:3A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4XL8Rf6nnCd2LPC2on22dAskzjo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
4f:ea:11:04:77:01:4b:0e:38:d0:f6:24:3a:9b:26:ba:ad:da:
af:71:c5:ce:af:e9:16:57:84:17:81:10:52:6e:4f:7f:d5:c7:
15:df:ba:8e:b0:2c:ab:56:6f:2b:cd:1b:40:2c:91:12:38:26:
95:3d:bd:34:af:aa:46:f8:90:7d:5f:f2:4e:32:d8:dd:50:d2:
bb:1e:f1:65:f0:e9:dd:8f:d9:ab:8d:bb:6b:7b:73:59:69:e1:
f5:71:c5:3a:aa:7a:35:df:1e:de:55:16:96:37:7c:23:d6:a6:
fa:aa:43:bd:9d:03:03:b3:16:2a:5c:48:47:9d:55:5a:0a:94:
06:82:e9:75:bb:ec:d8:f5:c7:a7:59:33:0f:0c:f4:90:ba:c9:
41:1a:c4:20:db:3b:1f:b8:a7:c7:94:fd:6b:13:65:9c:e2:38:
89:c5:17:30:d7:ae:fe:a8:68:d5:90:79:4b:14:63:d8:dd:a1:
a1:ec:84:59:70:03:56:44:4b:d0:0b:ce:8a:83:f8:b2:7c:6b:
44:84:cc:d4:29:9a:eb:80:93:d4:77:b8:90:96:75:60:22:72:
d2:e6:48:cc:94:45:43:7b:fe:dc:d9:49:b3:c5:bf:a1:b2:5f:
3d:c9:27:d2:d3:f4:06:a5:83:68:e8:f0:2c:04:b0:61:f0:0d:
01:d1:a1:97
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICVqUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTQw
MjU0MDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEUxNzJGQzQ1RkVBNzlD
Mjc3NjJDRjBCNkEyN0RCNjc0MEIyNENFM0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTGEYklb6Q9RIHxSJ5hDqFacIuqIPcsVRKaCbiv/+PgLpRZ0wO
jH1y/DxuYao88usxKka0oHR0ljM1wHl48TUiar5L04TnS6NteBmrda0kQDErAQVy
3mxuJoZGH+1ewngNj8cUsCwfXebpk4/iHoLl25GBdK/f8nJ+fcdj/PBfMsZ4GQ4G
1E0ygrcMri/IV4fMhU0OmC4ZPlKywWpkPoQ/yPArNqCGWy8WdNgXafNGWo1gDHaG
UlrF1rwZrWavoYTIIxuRTMFTLp/c0T43NNpYvy9Zhwld070/9rG1h/K1iiIkXoQS
FfEMhVmszKXY3kHO6XmdU1b4xOHdAI9V8zn1AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU4XL8Rf6nnCd2LPC2on22dAskzjowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzRYTDhSZjZubkNkMkxQ
QzJvbjIyZEFza3pqby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAE/qEQR3AUsOOND2
JDqbJrqt2q9xxc6v6RZXhBeBEFJuT3/VxxXfuo6wLKtWbyvNG0AskRI4JpU9vTSv
qkb4kH1f8k4y2N1Q0rse8WXw6d2P2auNu2t7c1lp4fVxxTqqejXfHt5VFpY3fCPW
pvqqQ72dAwOzFipcSEedVVoKlAaC6XW77Nj1x6dZMw8M9JC6yUEaxCDbOx+4p8eU
/WsTZZziOInFFzDXrv6oaNWQeUsUY9jdoaHshFlwA1ZES9ALzoqD+LJ8a0SEzNQp
muuAk9R3uJCWdWAictLmSMyURUN7/tzZSbPFv6GyXz3JJ9LT9Aalg2jo8CwEsGHw
DQHRoZc=
-----END CERTIFICATE-----
Generated at Tue May 14 08:41:12 2024 by rpki-client on console.sobornost.net