Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/jC5nhAxjKQpbfCUAJELn4KcZNww.roa
File: jC5nhAxjKQpbfCUAJELn4KcZNww.roa (raw, json)
Hash identifier: STfVbXn1SAIwysNgc3Yo2yWCMJPuDl+S/j7/zO1EPbw=
Subject key identifier: 8C:2E:67:84:0C:63:29:0A:5B:7C:25:00:24:42:E7:E0:A7:19:37:0C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3289
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/jC5nhAxjKQpbfCUAJELn4KcZNww.roa
Signing time: Wed 27 Mar 2024 07:11:50 +0000
ROA not before: Wed 27 Mar 2024 07:11:50 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12937 (0x3289)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 27 07:11:50 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8C2E67840C63290A5B7C25002442E7E0A719370C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:1b:20:a5:35:6c:0d:6d:8e:fb:34:6a:1b:a7:
92:de:23:93:be:64:33:61:e2:56:d5:ee:e7:9a:f7:
b2:ca:99:95:8b:2d:f5:b9:f4:e7:4d:43:d1:42:a0:
8c:8a:1e:c9:3e:04:61:79:0a:7b:8a:08:f8:7b:c5:
d8:ee:98:22:65:a9:a4:b7:c8:7e:6d:78:fa:6b:51:
a5:08:4d:1c:f0:2d:d1:88:0f:9c:4e:f1:67:9b:2a:
7f:9d:0c:c6:8c:c2:4b:20:e5:65:e9:88:0f:86:74:
7a:bc:b8:67:a2:dd:e6:bd:6c:31:95:1c:db:b6:2a:
d6:16:53:35:57:ca:06:28:4f:55:c9:5b:6d:95:aa:
3e:de:e7:09:2b:94:82:50:a6:31:8a:6f:6c:c3:3d:
7e:7f:09:2c:ca:ad:da:62:6d:3b:7d:ed:f1:ce:ca:
ea:8f:87:e2:6b:7e:b4:9b:a6:6c:de:04:73:d1:f5:
a0:eb:ec:ee:9e:62:3e:52:79:29:60:17:87:03:42:
8c:2f:03:32:6d:f4:01:17:69:52:a2:d9:fd:52:2c:
40:1a:42:7c:93:ee:d9:bd:d3:e4:57:ce:4e:96:44:
c0:31:99:dc:78:fe:80:92:69:fe:00:b5:43:72:4f:
e3:04:2b:39:d5:f6:a6:45:3c:43:ef:56:5d:ab:6d:
f7:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:2E:67:84:0C:63:29:0A:5B:7C:25:00:24:42:E7:E0:A7:19:37:0C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/jC5nhAxjKQpbfCUAJELn4KcZNww.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
26:33:53:2c:1f:08:d2:b3:71:5c:23:b6:4d:66:17:ce:5a:c5:
fd:7b:36:d4:ae:4a:b0:a6:20:24:8f:ed:2e:10:04:17:0a:81:
39:96:e7:f4:6e:3e:c6:84:0e:5b:d0:1f:95:6e:5a:e6:22:e8:
e2:db:4a:b7:08:67:b1:8f:b6:e2:9f:4a:44:4d:1d:56:76:81:
fc:04:ba:f3:44:fb:b8:d0:54:51:a8:e5:a2:90:31:9e:d1:ed:
3f:87:58:09:6c:97:fc:5d:98:f2:4d:03:41:e5:04:b1:63:bb:
ed:61:da:67:b9:b8:8d:19:d3:1d:16:d9:eb:24:da:17:e4:c5:
af:4e:76:13:45:9d:a0:db:21:f2:67:b7:4a:f0:60:56:6a:c1:
16:29:a8:1b:c5:12:d1:bd:78:63:ba:07:9f:8d:81:25:8d:f0:
3a:64:c0:29:85:32:0a:c5:82:e9:1e:10:3c:32:fa:fa:d1:96:
0f:16:0a:c4:60:29:30:1d:74:55:55:9a:7e:ab:01:4a:4c:c2:
83:24:dc:e4:02:71:0e:fb:27:a7:90:9b:d5:9d:f9:d8:2e:cc:
51:b6:65:1d:3a:7e:d5:1c:90:af:d4:70:62:a4:70:1c:b6:49:
b2:0e:a4:e2:3e:54:2a:87:ee:1a:16:6a:fb:54:28:b6:c6:32:
76:9f:58:00
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICMokwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjcw
NzExNTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhDMkU2Nzg0MEM2MzI5
MEE1QjdDMjUwMDI0NDJFN0UwQTcxOTM3MEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCgGyClNWwNbY77NGobp5LeI5O+ZDNh4lbV7uea97LKmZWLLfW5
9OdNQ9FCoIyKHsk+BGF5CnuKCPh7xdjumCJlqaS3yH5tePprUaUITRzwLdGID5xO
8WebKn+dDMaMwksg5WXpiA+GdHq8uGei3ea9bDGVHNu2KtYWUzVXygYoT1XJW22V
qj7e5wkrlIJQpjGKb2zDPX5/CSzKrdpibTt97fHOyuqPh+JrfrSbpmzeBHPR9aDr
7O6eYj5SeSlgF4cDQowvAzJt9AEXaVKi2f1SLEAaQnyT7tm90+RXzk6WRMAxmdx4
/oCSaf4AtUNyT+MEKznV9qZFPEPvVl2rbfdLAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUjC5nhAxjKQpbfCUAJELn4KcZNwwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2pDNW5oQXhqS1FwYmZD
VUFKRUxuNEtjWk53dy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBACYzUywfCNKzcVwj
tk1mF85axf17NtSuSrCmICSP7S4QBBcKgTmW5/RuPsaEDlvQH5VuWuYi6OLbSrcI
Z7GPtuKfSkRNHVZ2gfwEuvNE+7jQVFGo5aKQMZ7R7T+HWAlsl/xdmPJNA0HlBLFj
u+1h2me5uI0Z0x0W2esk2hfkxa9OdhNFnaDbIfJnt0rwYFZqwRYpqBvFEtG9eGO6
B5+NgSWN8DpkwCmFMgrFgukeEDwy+vrRlg8WCsRgKTAddFVVmn6rAUpMwoMk3OQC
cQ77J6eQm9Wd+dguzFG2ZR06ftUckK/UcGKkcBy2SbIOpOI+VCqH7hoWavtUKLbG
MnafWAA=
-----END CERTIFICATE-----
Generated at Wed Mar 27 13:23:28 2024 by rpki-client on console.sobornost.net