Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/qeMia1J2ZrYmJx-HFj03yPC-tho.roa
File: qeMia1J2ZrYmJx-HFj03yPC-tho.roa (raw, json)
Hash identifier: juGaYaDaeVkMlmpfhZFb5a/V7028mgM+6YZbPLQLNR0=
Subject key identifier: A9:E3:22:6B:52:76:66:B6:26:27:1F:87:16:3D:37:C8:F0:BE:B6:1A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3D21
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/qeMia1J2ZrYmJx-HFj03yPC-tho.roa
Signing time: Wed 10 Apr 2024 02:22:39 +0000
ROA not before: Wed 10 Apr 2024 02:22:39 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15649 (0x3d21)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 10 02:22:39 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A9E3226B527666B626271F87163D37C8F0BEB61A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:45:3e:55:e9:6d:98:59:6d:3b:e1:8d:58:e0:
93:88:af:74:e5:b1:da:09:11:8a:47:ee:c7:d4:31:
87:25:ac:65:b4:b6:19:99:84:be:c7:e8:75:46:bc:
13:94:34:79:58:20:a0:96:14:9c:66:14:72:a7:7b:
6d:fb:21:56:7a:09:98:6e:cb:1f:72:e3:9a:a3:c3:
b7:5c:86:48:30:48:21:25:71:02:47:6e:d7:4a:03:
08:b3:c7:ca:e1:e0:6f:f2:43:9f:51:85:be:ac:18:
f1:53:f9:2d:52:90:b3:de:da:a9:53:63:76:48:bf:
78:96:a7:47:06:9c:b2:41:6b:41:79:3d:52:b8:0f:
01:8e:4a:51:2f:2c:7b:20:81:28:ea:ca:a2:6e:2f:
25:0a:23:bf:36:2a:66:a2:b4:89:1e:49:cd:63:53:
d2:04:cb:ee:9b:33:66:c2:d6:ec:69:ed:67:02:41:
3c:6d:38:39:22:ea:65:ae:cc:dd:4d:71:f4:ed:5d:
cf:d8:2b:1f:3d:44:22:dd:ad:cc:b8:c9:e0:2c:7b:
f7:a1:bc:ce:9f:88:de:01:12:d5:fb:ea:29:53:c3:
fc:90:54:0c:42:9e:84:b7:4f:f7:5f:ee:fc:f6:97:
4f:11:ab:bf:22:ac:25:c6:b6:7b:c8:fd:ae:65:0f:
25:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:E3:22:6B:52:76:66:B6:26:27:1F:87:16:3D:37:C8:F0:BE:B6:1A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/qeMia1J2ZrYmJx-HFj03yPC-tho.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
99:4e:6b:39:01:c8:87:94:21:b8:27:ba:03:88:e3:a1:81:c8:
08:43:c2:3f:69:01:43:3c:17:37:19:21:eb:9c:41:95:ba:7d:
42:12:f2:64:d0:23:10:0b:7c:9b:b5:1f:58:14:b1:b4:bc:81:
b6:b7:26:88:d4:5a:e4:61:ca:30:91:e9:e0:9b:a2:dc:e5:56:
db:c3:61:b7:0f:18:2f:a4:94:80:cd:de:0a:62:37:2c:c7:3d:
ce:5d:4e:88:d8:32:9b:34:72:9b:bc:70:18:9e:81:cf:6f:a9:
13:68:32:b5:e1:65:de:cb:7a:1a:68:5c:59:28:8d:0e:e2:53:
45:c5:3b:2b:a4:bc:3b:0d:b8:f0:45:55:7a:3d:8c:a9:65:fc:
2c:f1:bd:d2:8a:39:0c:92:78:3e:8b:90:86:b5:33:56:95:07:
91:b9:b1:4e:c4:9a:72:7b:56:4e:f7:4c:81:f6:bc:19:9b:6e:
bb:1b:f6:5d:d2:7e:3c:c3:c0:10:fb:32:9b:87:c8:c0:68:48:
09:72:ac:65:b7:c2:0d:14:8c:c6:ba:03:a2:a6:63:f9:ec:8a:
f3:bb:80:3d:0a:76:32:ab:2e:2a:5a:cb:c2:6f:af:f4:ab:a3:
85:d2:16:25:0c:81:fb:45:09:fe:4d:f6:80:c7:a8:5a:2b:17:
e1:e4:47:4e
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICPSEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTAw
MjIyMzlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEE5RTMyMjZCNTI3NjY2
QjYyNjI3MUY4NzE2M0QzN0M4RjBCRUI2MUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmRT5V6W2YWW074Y1Y4JOIr3TlsdoJEYpH7sfUMYclrGW0thmZ
hL7H6HVGvBOUNHlYIKCWFJxmFHKne237IVZ6CZhuyx9y45qjw7dchkgwSCElcQJH
btdKAwizx8rh4G/yQ59Rhb6sGPFT+S1SkLPe2qlTY3ZIv3iWp0cGnLJBa0F5PVK4
DwGOSlEvLHsggSjqyqJuLyUKI782KmaitIkeSc1jU9IEy+6bM2bC1uxp7WcCQTxt
ODki6mWuzN1NcfTtXc/YKx89RCLdrcy4yeAse/ehvM6fiN4BEtX76ilTw/yQVAxC
noS3T/df7vz2l08Rq78irCXGtnvI/a5lDyXHAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUqeMia1J2ZrYmJx+HFj03yPC+thowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3FlTWlhMUoyWnJZbUp4
LUhGajAzeVBDLXRoby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJlOazkByIeUIbgn
ugOI46GByAhDwj9pAUM8FzcZIeucQZW6fUIS8mTQIxALfJu1H1gUsbS8gba3JojU
WuRhyjCR6eCbotzlVtvDYbcPGC+klIDN3gpiNyzHPc5dTojYMps0cpu8cBiegc9v
qRNoMrXhZd7LehpoXFkojQ7iU0XFOyukvDsNuPBFVXo9jKll/CzxvdKKOQySeD6L
kIa1M1aVB5G5sU7EmnJ7Vk73TIH2vBmbbrsb9l3SfjzDwBD7MpuHyMBoSAlyrGW3
wg0UjMa6A6KmY/nsivO7gD0KdjKrLipay8Jvr/Sro4XSFiUMgftFCf5N9oDHqFor
F+HkR04=
-----END CERTIFICATE-----
Generated at Wed Apr 10 09:28:59 2024 by rpki-client on console.sobornost.net