Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/oj46WtEqiLSci3r9OjaAlfmBTlY.roa
File: oj46WtEqiLSci3r9OjaAlfmBTlY.roa (raw, json)
Hash identifier: 6FJzYwgPAItqzoAm7R4KwMyViMAJdEEDzs5qWZ2VyRI=
Subject key identifier: A2:3E:3A:5A:D1:2A:88:B4:9C:8B:7A:FD:3A:36:80:95:F9:81:4E:56
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 34E9
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/oj46WtEqiLSci3r9OjaAlfmBTlY.roa
Signing time: Sat 30 Mar 2024 03:22:14 +0000
ROA not before: Sat 30 Mar 2024 03:22:14 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13545 (0x34e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 03:22:14 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A23E3A5AD12A88B49C8B7AFD3A368095F9814E56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:04:7a:d6:bd:40:f0:20:1a:c1:44:c3:0a:a4:
0e:86:ee:13:46:f7:30:43:56:7a:cf:64:a3:b4:77:
d8:9b:44:d9:9a:c6:59:6e:71:1f:25:b7:0b:b1:5f:
9d:22:e9:86:7b:3c:c8:c9:c5:d8:16:6b:ba:cf:61:
ae:cd:22:89:b8:2c:a2:27:8b:ec:47:66:8c:79:c4:
c4:2f:75:fe:8e:97:fe:55:c0:8a:ed:67:c4:7b:40:
3b:5a:51:19:62:08:ae:7a:bc:aa:5a:89:b2:b8:0e:
3e:6b:cf:0a:15:72:21:44:7d:40:34:2e:05:f4:a0:
82:3b:3a:a9:5e:cb:2e:1f:a7:8c:4a:b9:82:e6:58:
f1:9a:ae:e3:a3:8a:d4:04:f0:2b:aa:91:c7:05:48:
3f:7d:4b:e2:e6:a0:b4:65:88:50:c2:f6:0f:b7:9d:
70:47:26:c0:b5:4d:65:ee:dd:5e:e4:a4:47:95:d8:
b9:01:35:f6:a9:28:2f:6b:b4:0a:54:ca:0f:ac:40:
d4:70:85:ad:3b:49:74:8a:e9:83:46:ee:3b:33:e3:
25:b1:ce:2f:f5:10:56:a3:85:36:6f:55:03:36:18:
30:dc:ce:b2:ad:90:9c:ba:5a:0a:15:ec:1d:bf:ec:
5d:a6:97:eb:5e:a3:c4:33:28:cd:a5:4a:c8:18:e7:
d5:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:3E:3A:5A:D1:2A:88:B4:9C:8B:7A:FD:3A:36:80:95:F9:81:4E:56
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/oj46WtEqiLSci3r9OjaAlfmBTlY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
1d:4c:41:ca:b9:ff:c7:19:1f:cc:6f:d4:40:ee:fd:86:db:bf:
c1:28:26:c8:d9:24:32:bb:05:fe:75:b5:c5:0d:ca:a4:e4:c3:
b5:7c:5e:9e:d3:1d:34:32:a3:4b:17:b6:99:0a:1b:db:0b:bb:
cd:9a:32:43:9d:f7:c1:9d:c6:57:bf:b9:cb:82:94:d1:e7:23:
fa:f3:ec:67:2a:79:4b:a1:23:8f:a2:1f:97:6b:ea:d2:d6:f1:
24:29:30:19:0c:c9:f3:87:54:17:35:0f:ce:8f:23:60:03:bd:
11:28:f1:cf:37:64:b3:ab:7a:43:c0:b6:ad:d1:2b:d7:85:9d:
4f:39:df:ad:49:21:62:05:57:2b:58:bf:09:f4:20:49:40:11:
55:ad:aa:4b:29:4b:19:89:94:eb:49:67:c9:38:98:44:0f:7a:
83:a5:d7:cb:a3:c4:67:15:f8:0f:d4:3e:50:b0:d0:5c:06:b4:
fa:c1:16:07:79:e3:41:4b:98:01:11:b2:af:4e:5d:32:81:04:
d6:e5:87:7d:73:64:cf:1c:33:9d:c0:98:83:b9:3a:7a:73:60:
04:8c:69:b9:c9:da:cd:33:62:68:62:7b:e9:0f:64:14:ea:58:
37:cc:87:07:6d:70:4e:c7:a0:0d:bb:bb:44:47:7a:7b:7b:01:
90:ab:cc:c9
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNOkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAw
MzIyMTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEEyM0UzQTVBRDEyQTg4
QjQ5QzhCN0FGRDNBMzY4MDk1Rjk4MTRFNTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKBHrWvUDwIBrBRMMKpA6G7hNG9zBDVnrPZKO0d9ibRNmaxllu
cR8ltwuxX50i6YZ7PMjJxdgWa7rPYa7NIom4LKIni+xHZox5xMQvdf6Ol/5VwIrt
Z8R7QDtaURliCK56vKpaibK4Dj5rzwoVciFEfUA0LgX0oII7Oqleyy4fp4xKuYLm
WPGaruOjitQE8CuqkccFSD99S+LmoLRliFDC9g+3nXBHJsC1TWXu3V7kpEeV2LkB
NfapKC9rtApUyg+sQNRwha07SXSK6YNG7jsz4yWxzi/1EFajhTZvVQM2GDDczrKt
kJy6WgoV7B2/7F2ml+teo8QzKM2lSsgY59UfAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUoj46WtEqiLSci3r9OjaAlfmBTlYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L29qNDZXdEVxaUxTY2kz
cjlPamFBbGZtQlRsWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAB1MQcq5/8cZH8xv
1EDu/Ybbv8EoJsjZJDK7Bf51tcUNyqTkw7V8Xp7THTQyo0sXtpkKG9sLu82aMkOd
98Gdxle/ucuClNHnI/rz7GcqeUuhI4+iH5dr6tLW8SQpMBkMyfOHVBc1D86PI2AD
vREo8c83ZLOrekPAtq3RK9eFnU85361JIWIFVytYvwn0IElAEVWtqkspSxmJlOtJ
Z8k4mEQPeoOl18ujxGcV+A/UPlCw0FwGtPrBFgd540FLmAERsq9OXTKBBNblh31z
ZM8cM53AmIO5OnpzYASMabnJ2s0zYmhie+kPZBTqWDfMhwdtcE7HoA27u0RHent7
AZCrzMk=
-----END CERTIFICATE-----
Generated at Sat Mar 30 09:11:46 2024 by rpki-client on console.sobornost.net