Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/pafqsK9NQqNEs3MbIyVdQSKdS8w.roa
File: pafqsK9NQqNEs3MbIyVdQSKdS8w.roa (raw, json)
Hash identifier: ZAEg9FHWh0Ao5Fcz7AiV/2S/B0a06W2FYX/3Mxe8v7c=
Subject key identifier: A5:A7:EA:B0:AF:4D:42:A3:44:B3:73:1B:23:25:5D:41:22:9D:4B:CC
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4D75
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/pafqsK9NQqNEs3MbIyVdQSKdS8w.roa
Signing time: Wed 01 May 2024 20:53:39 +0000
ROA not before: Wed 01 May 2024 20:53:39 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19829 (0x4d75)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 1 20:53:39 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A5A7EAB0AF4D42A344B3731B23255D41229D4BCC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b5:e6:09:61:70:e2:79:90:0e:87:08:d6:f3:
28:c9:b7:8e:73:9c:fa:8f:66:e1:9e:28:ce:4f:6c:
7c:f3:e0:5f:92:27:20:cf:38:18:32:c1:43:2c:4f:
ae:0e:0f:46:76:d7:4f:16:53:1f:9f:bb:2f:88:5e:
83:3a:8b:0a:62:bf:7b:98:46:6f:c1:e2:d7:e9:f3:
9a:aa:f6:e4:39:29:95:c2:e3:4d:e2:61:3e:b6:a2:
e9:65:ed:1d:cb:21:9e:e2:63:8a:31:8f:fa:6d:7e:
a7:83:37:69:29:f5:76:6e:a0:54:a8:7e:2b:20:38:
b8:6e:67:0b:6a:17:93:f6:15:43:e0:2c:70:3b:cb:
0c:31:90:d6:1d:fb:97:2c:72:b9:6d:fb:7c:51:00:
c1:8d:30:a0:33:84:ae:22:2a:5f:d7:62:9b:ad:26:
d8:2b:57:9a:3b:f9:68:3f:e1:a3:f2:09:7b:9a:fc:
c3:f8:f6:20:8b:0c:94:19:ab:93:d6:38:48:88:ab:
3b:7b:a3:0b:2c:d6:11:f2:f3:a2:69:85:ec:b7:bc:
cb:e5:50:be:79:ec:79:f2:2d:70:75:1d:68:37:4a:
52:ea:ee:99:97:ac:3f:da:b7:39:fb:4e:d4:c8:41:
ed:75:e9:19:da:3c:90:42:a9:cb:31:26:91:aa:48:
e8:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:A7:EA:B0:AF:4D:42:A3:44:B3:73:1B:23:25:5D:41:22:9D:4B:CC
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/pafqsK9NQqNEs3MbIyVdQSKdS8w.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
6a:75:72:85:2c:e9:61:09:ee:dc:5c:20:f2:94:7a:a8:87:82:
4a:62:27:75:8a:38:98:d0:40:50:09:fa:3f:54:9c:c8:b3:66:
2e:2e:7a:de:e1:16:02:f3:58:20:75:29:f2:c9:f4:33:a7:d3:
89:ec:33:08:06:d3:fc:f0:e0:fe:26:84:06:ea:f5:7d:95:28:
90:3c:f1:a8:78:17:6a:21:fe:54:7a:cb:59:a9:d6:85:94:34:
1e:70:54:a5:a4:c8:6d:e4:19:c0:0b:34:3b:c5:02:2b:9f:b7:
6a:b3:0b:45:9e:88:14:dd:cd:5a:3f:76:c1:13:f7:4a:d8:de:
3c:ac:27:50:0e:c5:4f:d1:28:69:85:19:2a:3c:64:8e:e9:b0:
fe:87:74:69:8f:d1:e6:2c:f0:a3:ac:92:7e:70:b4:74:ff:70:
c3:3f:33:45:86:63:46:bd:f4:de:81:ae:2e:69:2c:da:f0:6a:
4f:26:40:c1:fc:ab:11:51:90:b9:8d:8c:6b:3d:9b:34:57:b6:
e0:a1:8f:64:c2:9d:1c:2f:23:53:58:e8:c2:77:51:25:98:d3:
3b:b1:7a:41:b3:3d:a6:9b:9f:69:77:f5:20:3a:12:95:9e:6b:
0e:58:5d:4b:8c:8b:5c:91:f1:9b:48:d9:3f:f8:f8:19:ca:db:
58:72:55:31
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICTXUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDEy
MDUzMzlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEE1QTdFQUIwQUY0RDQy
QTM0NEIzNzMxQjIzMjU1RDQxMjI5RDRCQ0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4teYJYXDieZAOhwjW8yjJt45znPqPZuGeKM5PbHzz4F+SJyDP
OBgywUMsT64OD0Z2108WUx+fuy+IXoM6iwpiv3uYRm/B4tfp85qq9uQ5KZXC403i
YT62oull7R3LIZ7iY4oxj/ptfqeDN2kp9XZuoFSofisgOLhuZwtqF5P2FUPgLHA7
ywwxkNYd+5cscrlt+3xRAMGNMKAzhK4iKl/XYputJtgrV5o7+Wg/4aPyCXua/MP4
9iCLDJQZq5PWOEiIqzt7owss1hHy86Jphey3vMvlUL557HnyLXB1HWg3SlLq7pmX
rD/atzn7TtTIQe116RnaPJBCqcsxJpGqSOhxAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUpafqsK9NQqNEs3MbIyVdQSKdS8wwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3BhZnFzSzlOUXFORXMz
TWJJeVZkUVNLZFM4dy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAGp1coUs6WEJ7txc
IPKUeqiHgkpiJ3WKOJjQQFAJ+j9UnMizZi4uet7hFgLzWCB1KfLJ9DOn04nsMwgG
0/zw4P4mhAbq9X2VKJA88ah4F2oh/lR6y1mp1oWUNB5wVKWkyG3kGcALNDvFAiuf
t2qzC0WeiBTdzVo/dsET90rY3jysJ1AOxU/RKGmFGSo8ZI7psP6HdGmP0eYs8KOs
kn5wtHT/cMM/M0WGY0a99N6Bri5pLNrwak8mQMH8qxFRkLmNjGs9mzRXtuChj2TC
nRwvI1NY6MJ3USWY0zuxekGzPaabn2l39SA6EpWeaw5YXUuMi1yR8ZtI2T/4+BnK
21hyVTE=
-----END CERTIFICATE-----
Generated at Thu May 2 04:32:42 2024 by rpki-client on console.sobornost.net