Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/BAd4BDK5WGgSKDUVKfAjoNUCLG0.roa
File: BAd4BDK5WGgSKDUVKfAjoNUCLG0.roa (raw, json)
Hash identifier: 8dbp3+kUDS9e5sKbISbfK6Z0/jfMOk4EU9vinhfrwkI=
Subject key identifier: 04:07:78:04:32:B9:58:68:12:28:35:15:29:F0:23:A0:D5:02:2C:6D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4115
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/BAd4BDK5WGgSKDUVKfAjoNUCLG0.roa
Signing time: Mon 15 Apr 2024 08:52:57 +0000
ROA not before: Mon 15 Apr 2024 08:52:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16661 (0x4115)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 15 08:52:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0407780432B958681228351529F023A0D5022C6D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:2f:ec:3f:01:54:7c:77:be:bc:1a:83:f2:99:
c8:fa:95:10:23:e4:46:da:34:63:60:e9:1d:34:2f:
ec:34:d9:c9:68:60:a5:c4:b9:27:b7:a5:e4:96:bf:
fb:f7:67:c4:81:22:fb:b2:81:31:2c:da:fc:7b:c6:
21:04:e8:a4:8d:25:98:53:3b:ff:13:93:41:79:81:
32:e4:ff:b6:e8:f4:15:15:6e:28:08:96:d8:56:62:
c5:62:a3:d8:22:37:aa:4c:98:40:87:94:86:b7:e1:
4d:ed:1b:d1:3b:0c:5d:97:b1:57:dc:33:8d:b8:97:
27:b4:9d:7a:cb:a6:0f:44:e1:6e:c7:d4:d3:f6:0b:
a2:ce:75:76:9b:29:a8:70:6e:32:a6:ad:8f:0c:86:
d6:e4:59:d1:c1:0f:32:2d:50:01:59:5a:c6:4c:7e:
12:f9:f3:05:38:3f:d8:83:fb:aa:f5:81:09:07:e4:
bb:1f:93:4a:72:3c:6a:49:c9:50:e4:f6:c9:89:64:
31:b1:02:64:e9:ba:87:22:82:14:11:a8:b8:43:08:
bd:7e:b9:7c:e7:51:09:76:fd:60:ab:71:d4:fd:42:
ce:0c:a2:72:aa:6b:0b:d8:05:0a:b6:5f:f1:dc:d1:
9e:2d:15:78:99:27:c2:02:e8:6c:94:bc:91:97:9f:
71:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:07:78:04:32:B9:58:68:12:28:35:15:29:F0:23:A0:D5:02:2C:6D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/BAd4BDK5WGgSKDUVKfAjoNUCLG0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
8a:6e:9f:70:b8:bb:bf:9a:36:d8:1a:a6:92:ca:5a:4e:85:00:
ae:26:6c:ea:98:d3:e6:aa:1b:bc:ef:57:6b:02:f7:6c:69:95:
bb:f2:3b:7f:2e:8c:dc:9f:ac:e0:85:b9:22:9e:63:01:7a:de:
a2:42:a3:0c:12:c9:91:8e:a6:d2:f3:11:e1:22:6c:02:25:0b:
3c:18:c1:05:47:21:40:4f:be:d9:ff:4a:c4:52:01:bf:1d:4d:
e5:e1:6b:a6:24:1d:bb:63:29:2f:11:00:07:48:29:e0:39:fc:
07:d8:84:36:a1:59:83:0d:9e:37:fd:fe:47:36:70:49:90:be:
09:16:a8:99:59:9b:6c:65:4f:3c:ad:c4:51:88:54:46:c3:0c:
ad:bf:22:37:93:13:ac:8b:13:08:f2:e8:df:34:8d:e4:26:bf:
38:90:24:66:d8:e1:db:9c:bf:d3:e1:08:94:da:08:1e:8b:b8:
32:dd:22:98:1a:13:28:04:1c:83:77:81:ef:06:31:23:7a:1c:
9c:b1:87:21:50:1b:9d:4b:85:41:bd:39:b0:88:db:69:5f:ed:
cd:e7:09:4e:bb:4c:a6:38:40:57:fd:51:c5:c2:24:56:ad:a9:
5e:45:c2:bf:be:74:f4:67:7d:0f:04:6f:a9:fc:8c:15:a2:cb:
5d:85:61:42
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQRUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTUw
ODUyNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA0MDc3ODA0MzJCOTU4
NjgxMjI4MzUxNTI5RjAyM0EwRDUwMjJDNkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDoL+w/AVR8d768GoPymcj6lRAj5EbaNGNg6R00L+w02cloYKXE
uSe3peSWv/v3Z8SBIvuygTEs2vx7xiEE6KSNJZhTO/8Tk0F5gTLk/7bo9BUVbigI
lthWYsVio9giN6pMmECHlIa34U3tG9E7DF2XsVfcM424lye0nXrLpg9E4W7H1NP2
C6LOdXabKahwbjKmrY8MhtbkWdHBDzItUAFZWsZMfhL58wU4P9iD+6r1gQkH5Lsf
k0pyPGpJyVDk9smJZDGxAmTpuocighQRqLhDCL1+uXznUQl2/WCrcdT9Qs4MonKq
awvYBQq2X/Hc0Z4tFXiZJ8IC6GyUvJGXn3EVAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUBAd4BDK5WGgSKDUVKfAjoNUCLG0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0JBZDRCREs1V0dnU0tE
VVZLZkFqb05VQ0xHMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAIpun3C4u7+aNtga
ppLKWk6FAK4mbOqY0+aqG7zvV2sC92xplbvyO38ujNyfrOCFuSKeYwF63qJCowwS
yZGOptLzEeEibAIlCzwYwQVHIUBPvtn/SsRSAb8dTeXha6YkHbtjKS8RAAdIKeA5
/AfYhDahWYMNnjf9/kc2cEmQvgkWqJlZm2xlTzytxFGIVEbDDK2/IjeTE6yLEwjy
6N80jeQmvziQJGbY4ducv9PhCJTaCB6LuDLdIpgaEygEHIN3ge8GMSN6HJyxhyFQ
G51LhUG9ObCI22lf7c3nCU67TKY4QFf9UcXCJFatqV5Fwr++dPRnfQ8Eb6n8jBWi
y12FYUI=
-----END CERTIFICATE-----
Generated at Mon Apr 15 15:29:25 2024 by rpki-client on console.sobornost.net