Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/hxR3UFtNKfP0N8cIDq1kTsJFjIM.roa
File: hxR3UFtNKfP0N8cIDq1kTsJFjIM.roa (raw, json)
Hash identifier: DEzR9V3xlPJGuKbb+oSI30+M/x9MAco02vIsZjZMD3Q=
Subject key identifier: 87:14:77:50:5B:4D:29:F3:F4:37:C7:08:0E:AD:64:4E:C2:45:8C:83
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 40A9
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hxR3UFtNKfP0N8cIDq1kTsJFjIM.roa
Signing time: Sun 14 Apr 2024 19:22:54 +0000
ROA not before: Sun 14 Apr 2024 19:22:54 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16553 (0x40a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 14 19:22:54 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=871477505B4D29F3F437C7080EAD644EC2458C83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:b5:e9:a6:b9:f4:3c:2c:59:69:e9:48:5a:59:
67:bf:ab:f8:31:91:f4:36:b5:47:ad:4e:13:9c:03:
61:d1:e3:f6:b3:fa:27:9a:32:e3:71:17:95:90:c9:
ee:4e:19:84:98:bd:ba:c6:20:87:ad:a3:22:f5:08:
d5:3d:bf:af:d0:82:a9:31:e6:aa:fa:ed:a6:71:6d:
fc:0f:57:2c:9b:b6:e7:6a:52:c0:17:b9:e5:df:ca:
84:27:9d:5c:50:82:59:5a:ef:c7:cf:92:8a:61:22:
87:b8:44:34:77:36:d6:2d:65:4b:0f:2e:01:ea:6c:
41:2f:5a:45:58:11:e9:0f:18:e2:83:06:cd:7b:9b:
4d:ee:d4:4f:2d:10:ed:6b:61:97:6a:f3:1b:88:ec:
02:bf:ca:01:df:2b:41:eb:16:21:67:33:de:ef:47:
99:09:b1:41:bf:33:18:e1:d5:10:d6:13:ff:b8:3e:
46:b3:68:f8:16:0a:2f:16:cc:16:a7:04:6f:3f:18:
27:40:ff:a0:7a:4d:b0:ee:7e:91:ad:ac:b2:35:f7:
98:94:d8:f1:c0:cf:9a:18:e0:78:89:fd:2f:b8:fa:
26:8a:b5:10:ea:1e:32:19:b6:32:34:f3:a3:2a:2f:
4a:5b:2d:25:3e:98:eb:0e:f8:97:22:12:df:0e:b8:
04:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:14:77:50:5B:4D:29:F3:F4:37:C7:08:0E:AD:64:4E:C2:45:8C:83
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hxR3UFtNKfP0N8cIDq1kTsJFjIM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
3b:eb:19:43:e0:51:9f:23:a3:0a:7b:68:8f:61:71:a1:e5:57:
43:b0:18:2b:aa:38:6b:85:cf:5c:03:18:07:fa:a5:18:58:4d:
51:c7:74:b5:32:a2:43:fe:e2:cd:79:23:95:83:2b:9c:81:79:
66:ec:82:37:dd:b0:b3:a7:39:c0:b3:69:36:bb:d5:c9:00:4b:
76:02:0e:17:45:0f:f8:0d:98:d0:71:46:f3:d4:53:4e:2a:67:
68:88:76:fa:05:33:f8:57:3d:fa:57:33:11:c0:8c:fe:b2:76:
50:fe:43:bb:e7:67:83:eb:f1:5c:a2:1f:14:2b:ca:24:c6:7e:
96:5d:32:a5:13:96:5f:d6:f8:11:8c:a2:05:de:8a:c5:97:f6:
93:04:cf:55:c1:04:0f:a9:ed:64:bb:47:66:3b:cd:82:5c:40:
79:05:61:72:9e:75:f1:71:6b:14:24:48:cd:77:5a:d7:23:5d:
6b:f5:b6:a2:f1:4c:81:34:ee:35:2d:a0:e1:ec:3e:51:3c:a9:
30:2b:9e:5b:bd:df:a4:57:77:86:1d:ed:7f:9f:3e:0d:6f:12:
2a:dd:20:53:3d:79:e5:ec:ef:e9:07:2f:ab:3c:df:12:69:f0:
c6:5f:d3:89:03:a7:78:d3:99:05:14:68:1d:f4:c5:cf:7d:b1:
ed:72:66:c7
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQKkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTQx
OTIyNTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg3MTQ3NzUwNUI0RDI5
RjNGNDM3QzcwODBFQUQ2NDRFQzI0NThDODMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBtemmufQ8LFlp6UhaWWe/q/gxkfQ2tUetThOcA2HR4/az+iea
MuNxF5WQye5OGYSYvbrGIIetoyL1CNU9v6/Qgqkx5qr67aZxbfwPVyybtudqUsAX
ueXfyoQnnVxQglla78fPkophIoe4RDR3NtYtZUsPLgHqbEEvWkVYEekPGOKDBs17
m03u1E8tEO1rYZdq8xuI7AK/ygHfK0HrFiFnM97vR5kJsUG/Mxjh1RDWE/+4Pkaz
aPgWCi8WzBanBG8/GCdA/6B6TbDufpGtrLI195iU2PHAz5oY4HiJ/S+4+iaKtRDq
HjIZtjI086MqL0pbLSU+mOsO+JciEt8OuATvAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUhxR3UFtNKfP0N8cIDq1kTsJFjIMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2h4UjNVRnROS2ZQME44
Y0lEcTFrVHNKRmpJTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBADvrGUPgUZ8jowp7
aI9hcaHlV0OwGCuqOGuFz1wDGAf6pRhYTVHHdLUyokP+4s15I5WDK5yBeWbsgjfd
sLOnOcCzaTa71ckAS3YCDhdFD/gNmNBxRvPUU04qZ2iIdvoFM/hXPfpXMxHAjP6y
dlD+Q7vnZ4Pr8VyiHxQryiTGfpZdMqUTll/W+BGMogXeisWX9pMEz1XBBA+p7WS7
R2Y7zYJcQHkFYXKedfFxaxQkSM13WtcjXWv1tqLxTIE07jUtoOHsPlE8qTArnlu9
36RXd4Yd7X+fPg1vEirdIFM9eeXs7+kHL6s83xJp8MZf04kDp3jTmQUUaB30xc99
se1yZsc=
-----END CERTIFICATE-----
Generated at Mon Apr 15 04:51:05 2024 by rpki-client on console.sobornost.net