Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/RftddtFDDwUeMxsvDNwGKbmOemo.roa
File: RftddtFDDwUeMxsvDNwGKbmOemo.roa (raw, json)
Hash identifier: KV/CSU1J0qgBXtuTV9MMXV/CWPupdSMDJkdw38MjTBo=
Subject key identifier: 45:FB:5D:76:D1:43:0F:05:1E:33:1B:2F:0C:DC:06:29:B9:8E:7A:6A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4989
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/RftddtFDDwUeMxsvDNwGKbmOemo.roa
Signing time: Fri 26 Apr 2024 15:23:22 +0000
ROA not before: Fri 26 Apr 2024 15:23:22 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18825 (0x4989)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 26 15:23:22 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=45FB5D76D1430F051E331B2F0CDC0629B98E7A6A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:71:4b:7d:40:26:4f:1d:b4:23:6b:1a:f1:e2:
46:fb:48:e2:87:da:86:69:b3:56:ad:4c:2c:50:8c:
fd:88:44:fb:fd:1a:50:cb:2a:08:51:4c:4d:6f:8c:
2f:c1:4a:3f:39:39:9e:9b:43:39:82:fd:37:df:86:
06:15:be:fe:da:b4:72:34:24:fa:ff:53:51:3b:cc:
7d:a7:94:35:7f:b4:2c:33:ad:e8:78:81:d3:93:23:
ae:35:02:75:30:9c:5b:e3:22:7a:ac:cf:b2:33:79:
9f:ec:43:97:29:27:6c:85:ad:44:5b:db:ea:be:aa:
61:48:9b:2f:46:d8:61:7c:e3:95:f8:af:e0:b4:73:
b4:15:8f:8e:8f:d2:bb:02:c3:0d:6f:a2:a4:f6:ea:
c3:a8:0d:53:d4:b2:4b:10:7d:a5:f4:26:a6:d8:67:
88:02:a1:0c:aa:45:9b:60:f3:66:36:95:6d:c7:ce:
3d:89:6f:b5:76:15:54:ad:55:49:b8:ae:a5:29:49:
af:5d:b3:a0:10:6f:f3:52:6d:e3:a4:34:e8:b5:0f:
64:7a:01:94:c4:33:3a:bc:19:97:54:ad:74:f9:20:
b5:81:07:4a:cb:7b:11:7e:3c:02:d2:5f:e3:42:12:
3d:71:df:74:87:0f:d7:ff:a9:ba:14:79:f1:73:4f:
a6:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:FB:5D:76:D1:43:0F:05:1E:33:1B:2F:0C:DC:06:29:B9:8E:7A:6A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/RftddtFDDwUeMxsvDNwGKbmOemo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
9a:3c:d7:fd:0e:06:f6:3e:41:d4:db:d4:62:1f:9a:bc:b0:f7:
89:53:b0:1e:25:c0:69:14:0a:7f:67:b6:57:63:21:91:22:96:
9d:db:3b:67:cb:7b:dd:7f:cc:bd:ff:64:98:d1:4e:02:b5:b5:
7b:b2:1f:84:c7:76:b9:01:4e:37:f8:25:03:2a:f4:59:28:5e:
f9:bf:15:53:5a:ae:ed:72:05:c0:03:09:99:95:18:a3:ba:07:
08:f6:97:49:a4:78:17:4f:ed:9a:aa:e4:5c:67:b6:0a:41:f0:
76:bf:f2:3e:38:15:b3:b6:d3:2a:83:5d:e5:ee:54:0a:4b:9d:
21:10:03:21:67:4a:e1:4b:8b:42:c0:b1:80:8f:6f:bb:bf:aa:
c8:15:a0:8c:cf:ed:db:6b:60:e8:6d:31:75:76:2b:4d:95:fe:
52:b2:11:27:a2:5f:60:3b:9e:60:87:58:8d:6a:6c:5f:a0:5b:
88:c9:40:87:fe:0b:44:a5:e7:24:2a:33:6c:c1:f3:18:1f:44:
79:5f:63:8b:0a:b6:07:49:26:2c:01:bf:d5:14:bd:d6:c2:e0:
91:82:b7:f2:02:f3:c1:c5:b0:5b:78:7a:9a:9c:c6:63:52:3b:
20:f8:2a:d3:89:7c:69:29:70:1c:70:ed:ea:99:cb:57:bd:6c:
d8:bb:83:dd
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICSYkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjYx
NTIzMjJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQ1RkI1RDc2RDE0MzBG
MDUxRTMzMUIyRjBDREMwNjI5Qjk4RTdBNkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJcUt9QCZPHbQjaxrx4kb7SOKH2oZps1atTCxQjP2IRPv9GlDL
KghRTE1vjC/BSj85OZ6bQzmC/TffhgYVvv7atHI0JPr/U1E7zH2nlDV/tCwzreh4
gdOTI641AnUwnFvjInqsz7IzeZ/sQ5cpJ2yFrURb2+q+qmFImy9G2GF845X4r+C0
c7QVj46P0rsCww1voqT26sOoDVPUsksQfaX0JqbYZ4gCoQyqRZtg82Y2lW3Hzj2J
b7V2FVStVUm4rqUpSa9ds6AQb/NSbeOkNOi1D2R6AZTEMzq8GZdUrXT5ILWBB0rL
exF+PALSX+NCEj1x33SHD9f/qboUefFzT6aBAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQURftddtFDDwUeMxsvDNwGKbmOemowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1JmdGRkdEZERHdVZU14
c3ZETndHS2JtT2Vtby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJo81/0OBvY+QdTb
1GIfmryw94lTsB4lwGkUCn9ntldjIZEilp3bO2fLe91/zL3/ZJjRTgK1tXuyH4TH
drkBTjf4JQMq9FkoXvm/FVNaru1yBcADCZmVGKO6Bwj2l0mkeBdP7Zqq5FxntgpB
8Ha/8j44FbO20yqDXeXuVApLnSEQAyFnSuFLi0LAsYCPb7u/qsgVoIzP7dtrYOht
MXV2K02V/lKyESeiX2A7nmCHWI1qbF+gW4jJQIf+C0Sl5yQqM2zB8xgfRHlfY4sK
tgdJJiwBv9UUvdbC4JGCt/IC88HFsFt4epqcxmNSOyD4KtOJfGkpcBxw7eqZy1e9
bNi7g90=
-----END CERTIFICATE-----
Generated at Fri Apr 26 22:47:19 2024 by rpki-client on console.sobornost.net