Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/lOQHZCQlR4Ge_ffiwdfNXCHLBRQ.roa
File: lOQHZCQlR4Ge_ffiwdfNXCHLBRQ.roa (raw, json)
Hash identifier: FmkC/4PKElJiu3cpymfSgAOyhyAm6r4j87bud+XfiSU=
Subject key identifier: 94:E4:07:64:24:25:47:81:9E:FD:F7:E2:C1:D7:CD:5C:21:CB:05:14
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 42A9
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/lOQHZCQlR4Ge_ffiwdfNXCHLBRQ.roa
Signing time: Wed 17 Apr 2024 11:22:59 +0000
ROA not before: Wed 17 Apr 2024 11:22:59 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17065 (0x42a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 17 11:22:59 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=94E40764242547819EFDF7E2C1D7CD5C21CB0514
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ce:cd:52:86:6a:b5:29:55:2d:ae:a7:d9:94:
a6:35:c1:72:b7:76:aa:a2:dc:fa:cc:d9:44:ff:b3:
7f:b5:10:c5:c0:09:e7:09:ac:f7:fc:85:e4:0e:65:
92:c5:17:82:de:48:d8:2d:f8:2a:80:93:e8:c9:2b:
85:15:cf:b3:d2:1d:58:28:ab:85:72:2a:11:2b:6f:
cb:71:57:29:c9:40:41:cf:1c:64:75:a8:2f:bc:af:
70:69:92:01:f6:bd:a0:83:4c:23:d3:2b:92:65:42:
8d:0b:f7:bc:3f:b5:65:f0:36:98:c8:8a:ee:90:26:
69:30:df:4b:58:6c:55:19:93:2a:1a:e2:84:18:ec:
14:11:34:bc:1e:b2:c3:e9:bc:c4:c0:cd:5a:f7:6e:
be:43:d4:e6:dd:13:a8:a8:40:58:76:83:e5:ac:d5:
35:ef:2c:e3:d7:32:1f:fc:aa:2f:c3:fe:13:fb:f3:
c6:58:7e:53:b0:1b:fd:af:53:69:3b:18:bd:21:91:
51:ea:f1:37:6f:de:2c:41:6a:a4:90:99:81:a2:57:
c3:f4:37:1b:fd:50:ef:1d:24:20:c4:57:c5:cf:a0:
99:ec:3d:2f:68:c8:c9:be:f9:94:20:76:6b:8f:99:
dc:d6:61:bd:bf:33:9b:9b:6a:c2:de:f2:ca:47:c2:
51:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:E4:07:64:24:25:47:81:9E:FD:F7:E2:C1:D7:CD:5C:21:CB:05:14
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/lOQHZCQlR4Ge_ffiwdfNXCHLBRQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
8c:9c:87:f8:d5:0f:c4:24:07:0a:66:36:07:4d:fd:44:09:9c:
4c:59:3b:cf:50:ad:ad:2a:5d:51:de:36:6f:08:7b:74:9c:0a:
ee:9f:b6:7e:25:80:54:1c:55:5a:5f:47:e1:ed:87:e9:b6:9f:
f4:7b:29:dd:5f:0f:69:64:de:56:c1:5a:4f:7c:ce:0e:59:63:
65:a3:0c:47:5d:86:5a:fa:e4:6b:96:82:ba:9f:93:df:30:51:
4c:6f:19:54:5f:70:87:fb:23:1c:ea:5f:2f:35:35:39:95:e6:
81:8b:aa:f8:23:20:34:09:98:c9:89:a9:16:17:4a:6d:6c:0f:
a5:5c:ee:ce:10:c3:ad:14:12:69:e5:7f:96:90:46:1c:bc:d0:
04:22:8e:92:f5:51:5b:96:89:3c:4f:6a:ad:b6:d8:b5:2e:f2:
86:be:50:41:37:16:2e:83:f2:42:fe:c0:4a:ce:c7:17:12:0f:
02:65:93:a0:70:98:55:3c:e5:8d:71:32:5c:48:93:18:18:d2:
28:05:1f:78:9e:76:f8:ba:06:aa:77:d9:60:40:16:e8:d4:6b:
29:d2:a2:4f:a4:ec:8d:65:10:e4:65:82:2d:74:df:e5:0f:09:
ab:73:f6:80:0c:d8:f9:1f:0f:b4:8b:af:4e:03:ee:bd:35:da:
e6:92:b0:1c
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQqkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTcx
MTIyNTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk0RTQwNzY0MjQyNTQ3
ODE5RUZERjdFMkMxRDdDRDVDMjFDQjA1MTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCozs1Shmq1KVUtrqfZlKY1wXK3dqqi3PrM2UT/s3+1EMXACecJ
rPf8heQOZZLFF4LeSNgt+CqAk+jJK4UVz7PSHVgoq4VyKhErb8txVynJQEHPHGR1
qC+8r3BpkgH2vaCDTCPTK5JlQo0L97w/tWXwNpjIiu6QJmkw30tYbFUZkyoa4oQY
7BQRNLwessPpvMTAzVr3br5D1ObdE6ioQFh2g+Ws1TXvLOPXMh/8qi/D/hP788ZY
flOwG/2vU2k7GL0hkVHq8Tdv3ixBaqSQmYGiV8P0Nxv9UO8dJCDEV8XPoJnsPS9o
yMm++ZQgdmuPmdzWYb2/M5ubasLe8spHwlElAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUlOQHZCQlR4Ge/ffiwdfNXCHLBRQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2xPUUhaQ1FsUjRHZV9m
Zml3ZGZOWENITEJSUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAIych/jVD8QkBwpm
NgdN/UQJnExZO89Qra0qXVHeNm8Ie3ScCu6ftn4lgFQcVVpfR+Hth+m2n/R7Kd1f
D2lk3lbBWk98zg5ZY2WjDEddhlr65GuWgrqfk98wUUxvGVRfcIf7IxzqXy81NTmV
5oGLqvgjIDQJmMmJqRYXSm1sD6Vc7s4Qw60UEmnlf5aQRhy80AQijpL1UVuWiTxP
aq222LUu8oa+UEE3Fi6D8kL+wErOxxcSDwJlk6BwmFU85Y1xMlxIkxgY0igFH3ie
dvi6Bqp32WBAFujUaynSok+k7I1lEORlgi103+UPCatz9oAM2PkfD7SLr04D7r01
2uaSsBw=
-----END CERTIFICATE-----
Generated at Wed Apr 17 18:49:38 2024 by rpki-client on console.sobornost.net