Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/M9B-X6upF1Xne1dr9zWOadKOYRg.roa
File: M9B-X6upF1Xne1dr9zWOadKOYRg.roa (raw, json)
Hash identifier: EWXKKzDjUvhSIx6aOOJdYTKYMUr3GSzx6URtzfIUIdQ=
Subject key identifier: 33:D0:7E:5F:AB:A9:17:55:E7:7B:57:6B:F7:35:8E:69:D2:8E:61:18
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4095
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/M9B-X6upF1Xne1dr9zWOadKOYRg.roa
Signing time: Sun 14 Apr 2024 16:52:53 +0000
ROA not before: Sun 14 Apr 2024 16:52:53 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16533 (0x4095)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 14 16:52:53 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=33D07E5FABA91755E77B576BF7358E69D28E6118
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:02:d4:c0:5d:fb:07:8b:c0:44:1c:f4:42:ac:
c0:02:e8:11:fa:c9:61:2d:f7:7b:fc:eb:95:53:8e:
e9:a4:42:95:21:16:35:b6:9f:6e:e2:6c:4c:5d:2c:
f5:81:ff:24:0e:7c:a1:ca:e2:00:8f:82:45:32:7e:
a4:5d:a1:ad:df:ac:75:88:af:a4:7b:6a:4d:dd:01:
d0:15:31:96:a7:c5:ae:0d:30:ca:19:09:62:7f:6c:
af:97:ac:50:88:56:02:fc:eb:48:d8:ea:de:ce:08:
d5:57:ca:91:dc:13:d8:ce:cb:a5:84:3e:6f:40:9d:
ca:9e:a6:d0:02:79:83:f6:ef:e0:78:a0:a3:d8:1f:
4f:14:c8:ba:7e:77:c3:fd:07:d1:23:73:b1:c6:f5:
4e:54:5d:96:b7:fc:3b:61:fd:16:7d:54:88:e9:ea:
d3:c3:a2:04:e1:af:e4:47:b3:6d:ea:5a:52:1d:dd:
17:4a:49:3a:68:5e:d8:63:dc:72:a8:5b:1a:0a:11:
60:88:46:b8:ec:15:e4:87:96:0e:09:95:f2:a9:b2:
de:8b:d6:bb:aa:37:3b:f3:9a:a3:fb:5c:11:73:61:
48:2c:39:c5:07:b8:d4:11:a0:00:ff:e0:09:de:c0:
64:50:57:7e:b8:3b:ed:07:34:8f:df:af:f2:b4:7d:
5b:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:D0:7E:5F:AB:A9:17:55:E7:7B:57:6B:F7:35:8E:69:D2:8E:61:18
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/M9B-X6upF1Xne1dr9zWOadKOYRg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
92:80:46:66:2e:f3:c7:09:4f:a2:b6:28:69:9f:0b:3c:6c:e7:
6b:40:1a:e3:8f:1f:e3:95:45:75:1b:39:6a:64:ab:80:e1:bf:
0c:00:7a:5f:57:07:51:f0:3b:92:3b:58:6b:24:ad:dd:63:3e:
8e:4b:c3:5c:e1:de:d1:8f:b4:de:d7:fa:d4:67:5b:5f:4a:90:
84:18:d5:6f:95:cf:61:8d:06:da:c2:d3:9d:91:f4:a5:be:85:
0c:20:6e:df:45:f3:f6:f9:15:0c:07:56:dd:7d:f8:65:1b:2d:
07:08:5f:0b:30:58:4b:ae:76:86:c2:16:f4:4b:05:db:76:b3:
88:68:1c:ba:b8:0b:bf:85:a4:d6:5c:d5:2a:da:fc:3f:0e:96:
e5:89:1e:93:6e:6e:43:99:e9:04:36:60:1b:0a:b2:a2:0d:42:
fe:2d:55:03:2c:3f:dd:60:6d:c8:c6:f4:f5:46:e6:c8:84:6e:
ce:39:cf:f5:0f:b6:69:26:14:d4:9d:51:69:7a:d6:6e:57:b4:
12:b7:7b:80:bb:98:4b:64:d4:50:44:e5:7c:d3:ef:0e:47:ef:
da:75:37:f3:14:34:b0:6a:ef:14:c6:70:76:fc:f7:f7:15:70:
1d:52:4b:32:43:ea:d5:94:82:6f:21:21:8d:5c:cc:0a:78:2f:
48:c4:81:19
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQJUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTQx
NjUyNTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDMzRDA3RTVGQUJBOTE3
NTVFNzdCNTc2QkY3MzU4RTY5RDI4RTYxMTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7AtTAXfsHi8BEHPRCrMAC6BH6yWEt93v865VTjumkQpUhFjW2
n27ibExdLPWB/yQOfKHK4gCPgkUyfqRdoa3frHWIr6R7ak3dAdAVMZanxa4NMMoZ
CWJ/bK+XrFCIVgL860jY6t7OCNVXypHcE9jOy6WEPm9AncqeptACeYP27+B4oKPY
H08UyLp+d8P9B9Ejc7HG9U5UXZa3/Dth/RZ9VIjp6tPDogThr+RHs23qWlId3RdK
STpoXthj3HKoWxoKEWCIRrjsFeSHlg4JlfKpst6L1ruqNzvzmqP7XBFzYUgsOcUH
uNQRoAD/4AnewGRQV364O+0HNI/fr/K0fVuXAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUM9B+X6upF1Xne1dr9zWOadKOYRgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L005Qi1YNnVwRjFYbmUx
ZHI5eldPYWRLT1lSZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJKARmYu88cJT6K2
KGmfCzxs52tAGuOPH+OVRXUbOWpkq4DhvwwAel9XB1HwO5I7WGskrd1jPo5Lw1zh
3tGPtN7X+tRnW19KkIQY1W+Vz2GNBtrC052R9KW+hQwgbt9F8/b5FQwHVt19+GUb
LQcIXwswWEuudobCFvRLBdt2s4hoHLq4C7+FpNZc1Sra/D8OluWJHpNubkOZ6QQ2
YBsKsqINQv4tVQMsP91gbcjG9PVG5siEbs45z/UPtmkmFNSdUWl61m5XtBK3e4C7
mEtk1FBE5XzT7w5H79p1N/MUNLBq7xTGcHb89/cVcB1SSzJD6tWUgm8hIY1czAp4
L0jEgRk=
-----END CERTIFICATE-----
Generated at Sun Apr 14 22:29:59 2024 by rpki-client on console.sobornost.net