Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/N2kii9A7vxrx_pgu-7NaLVhqDDQ.roa
File: N2kii9A7vxrx_pgu-7NaLVhqDDQ.roa (raw, json)
Hash identifier: HUnab6zgXkug7/zZsnt/moO2W6rVBiXdWszo+S+AAKQ=
Subject key identifier: 37:69:22:8B:D0:3B:BF:1A:F1:FE:98:2E:FB:B3:5A:2D:58:6A:0C:34
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3519
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/N2kii9A7vxrx_pgu-7NaLVhqDDQ.roa
Signing time: Sat 30 Mar 2024 09:22:07 +0000
ROA not before: Sat 30 Mar 2024 09:22:07 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13593 (0x3519)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 09:22:07 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3769228BD03BBF1AF1FE982EFBB35A2D586A0C34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:0d:0c:39:a5:ba:35:7e:30:6c:2f:34:42:e9:
c2:1d:1a:65:f3:3f:ee:0b:68:1b:2a:a2:b3:f9:3d:
78:27:b8:22:bc:c0:89:06:d0:d2:1d:ee:f7:27:43:
cd:48:8b:15:05:23:e4:f0:9f:cd:ca:5c:81:73:72:
6e:ae:6e:99:fa:96:52:25:b2:b4:a3:21:a8:55:16:
3b:1e:3a:aa:4b:f0:43:72:05:92:23:ee:83:d8:44:
8e:5a:08:23:f1:b7:f2:b5:ed:d8:88:9e:36:36:f4:
8d:95:80:86:d9:90:fc:71:cc:01:ec:e6:69:98:31:
1e:3e:42:6d:17:4a:2c:d8:3b:78:46:06:9f:b4:32:
b1:a7:8c:f1:fc:c8:e8:63:b2:f9:a5:8d:e5:21:5c:
b6:c1:3f:6d:ac:92:4a:88:95:77:3c:de:9b:67:7a:
20:16:68:7e:3e:e0:58:eb:4d:13:2f:e6:e4:54:1c:
eb:cf:24:49:1f:26:f3:ed:b4:4a:0c:c3:78:c6:c9:
9d:01:f7:b4:7c:d7:70:41:8f:dc:74:0e:99:43:75:
56:54:58:dc:37:5a:f9:ac:4e:ec:a7:fa:41:3b:0d:
d6:2f:fa:ca:e8:e3:dc:52:ab:43:b4:06:ce:8b:3c:
d7:4f:6d:75:07:f8:20:5c:45:a0:6a:a1:e7:4a:af:
76:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:69:22:8B:D0:3B:BF:1A:F1:FE:98:2E:FB:B3:5A:2D:58:6A:0C:34
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/N2kii9A7vxrx_pgu-7NaLVhqDDQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
8a:b7:c0:03:de:03:86:38:64:63:3e:7f:c2:6b:8d:69:c6:6b:
70:28:60:e4:db:16:2d:94:7f:5c:28:cd:4a:cf:a9:7a:f1:39:
d3:5e:97:08:be:3e:6e:88:be:89:85:4b:89:4b:36:7b:bc:b6:
34:55:54:22:e8:1e:73:9a:0b:dc:86:96:43:2d:77:81:6b:5b:
2b:4e:e4:e3:cc:0c:b3:93:13:d3:80:0f:38:23:73:b0:82:aa:
c0:37:5d:73:9b:c0:b0:95:6b:5c:bd:b0:53:71:55:94:97:ee:
cc:4e:1b:61:20:b6:a8:40:d7:e0:86:41:70:d7:be:0d:14:75:
df:05:bc:d1:46:96:4f:f7:3f:71:ce:46:67:3d:a9:eb:a1:b6:
9d:86:91:d2:f9:0f:3e:47:2b:f3:30:09:e4:0e:25:d3:b1:52:
a3:22:7c:c9:f8:eb:50:c4:12:69:77:ad:97:36:99:ef:8b:eb:
53:cf:66:6c:74:ca:56:d6:47:e1:d8:19:bf:5b:9e:3a:33:4b:
6c:8e:90:4b:eb:ea:0c:04:ba:54:84:9e:82:2a:62:76:d2:40:
d4:2f:34:70:66:d6:1c:2a:fd:fd:99:80:e8:22:aa:7a:ff:4e:
20:af:dd:b4:a4:04:11:25:06:0b:53:fe:33:aa:f1:73:02:10:
fa:3d:b7:9e
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNRkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAw
OTIyMDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM3NjkyMjhCRDAzQkJG
MUFGMUZFOTgyRUZCQjM1QTJENTg2QTBDMzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDtDQw5pbo1fjBsLzRC6cIdGmXzP+4LaBsqorP5PXgnuCK8wIkG
0NId7vcnQ81IixUFI+Twn83KXIFzcm6ubpn6llIlsrSjIahVFjseOqpL8ENyBZIj
7oPYRI5aCCPxt/K17diInjY29I2VgIbZkPxxzAHs5mmYMR4+Qm0XSizYO3hGBp+0
MrGnjPH8yOhjsvmljeUhXLbBP22skkqIlXc83ptneiAWaH4+4FjrTRMv5uRUHOvP
JEkfJvPttEoMw3jGyZ0B97R813BBj9x0DplDdVZUWNw3WvmsTuyn+kE7DdYv+sro
49xSq0O0Bs6LPNdPbXUH+CBcRaBqoedKr3Z3AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUN2kii9A7vxrx/pgu+7NaLVhqDDQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L04ya2lpOUE3dnhyeF9w
Z3UtN05hTFZocUREUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAIq3wAPeA4Y4ZGM+
f8JrjWnGa3AoYOTbFi2Uf1wozUrPqXrxOdNelwi+Pm6IvomFS4lLNnu8tjRVVCLo
HnOaC9yGlkMtd4FrWytO5OPMDLOTE9OADzgjc7CCqsA3XXObwLCVa1y9sFNxVZSX
7sxOG2EgtqhA1+CGQXDXvg0Udd8FvNFGlk/3P3HORmc9qeuhtp2GkdL5Dz5HK/Mw
CeQOJdOxUqMifMn461DEEml3rZc2me+L61PPZmx0ylbWR+HYGb9bnjozS2yOkEvr
6gwEulSEnoIqYnbSQNQvNHBm1hwq/f2ZgOgiqnr/TiCv3bSkBBElBgtT/jOq8XMC
EPo9t54=
-----END CERTIFICATE-----
Generated at Sat Mar 30 14:41:12 2024 by rpki-client on console.sobornost.net