Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/s0irTKreo00O-LPA39kcj1f4SdU.roa
File: s0irTKreo00O-LPA39kcj1f4SdU.roa (raw, json)
Hash identifier: SGL2kQhiVxhICVNl+TiPDhSGSvsYxw9XEcBJol/Q70w=
Subject key identifier: B3:48:AB:4C:AA:DE:A3:4D:0E:F8:B3:C0:DF:D9:1C:8F:57:F8:49:D5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3E09
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/s0irTKreo00O-LPA39kcj1f4SdU.roa
Signing time: Thu 11 Apr 2024 07:22:44 +0000
ROA not before: Thu 11 Apr 2024 07:22:44 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15881 (0x3e09)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 11 07:22:44 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B348AB4CAADEA34D0EF8B3C0DFD91C8F57F849D5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:02:a2:ce:b3:f6:ed:b7:ea:89:01:40:ed:02:
3d:97:82:7b:11:79:20:a1:26:fa:55:d8:33:65:db:
a1:e0:a4:0c:8e:47:c4:c7:fd:92:fa:23:7d:f2:f9:
4b:79:6e:b3:3f:aa:dd:9f:3f:94:a0:f0:7e:5b:ae:
6c:b4:e3:9b:37:d1:ab:6a:b0:79:81:ee:0e:ba:98:
20:12:65:9a:dc:16:b0:66:4b:7a:39:38:8f:02:b6:
d7:0a:32:df:cd:1d:9d:d0:c5:d2:ad:94:b9:b2:8a:
c5:c9:eb:5e:1e:79:4c:49:6a:21:e6:b6:9b:b8:d4:
e9:56:bc:c0:25:14:7c:41:63:e6:cf:71:b0:84:dc:
f7:dc:08:94:4a:b8:b8:da:26:55:3a:ac:8d:5b:be:
4a:1b:ca:6c:79:43:44:fa:5f:5d:26:a3:ce:a8:75:
19:1c:7c:fb:1e:0b:a6:b5:18:f3:0f:48:51:55:83:
a2:88:be:ed:06:a8:57:6e:52:29:17:95:0a:0a:a5:
20:d6:8d:6f:bd:02:5c:7f:4b:2d:f0:d9:37:99:22:
a2:7c:b7:88:8b:ab:c7:45:6e:2d:d8:9e:ff:dd:98:
87:16:8a:4e:93:61:80:5c:46:63:fc:6d:5c:4e:fc:
37:80:fd:e1:97:10:c4:ed:86:70:cc:1c:f1:d2:bf:
db:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:48:AB:4C:AA:DE:A3:4D:0E:F8:B3:C0:DF:D9:1C:8F:57:F8:49:D5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/s0irTKreo00O-LPA39kcj1f4SdU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
55:b8:3d:9a:f7:c1:75:ca:eb:cc:0e:54:30:91:bb:66:45:fd:
ea:23:86:96:c1:e3:7c:fa:f1:26:d3:4b:3b:34:22:d8:1f:db:
d9:28:74:7d:80:5a:64:3e:ac:ae:7b:ac:99:78:1f:1e:4a:0d:
22:39:ca:34:dc:b4:e8:72:81:91:54:d2:0d:dd:b9:ab:b3:d6:
14:c7:52:74:6c:5c:0d:2d:3c:a0:e2:64:98:08:0d:e0:84:9c:
e9:3e:25:07:40:64:4a:cf:fa:72:e8:7e:e4:d2:2d:c9:09:7b:
81:25:4e:fc:f8:53:81:c4:77:95:02:b3:4e:6a:b1:b5:db:91:
85:f2:6d:76:15:0b:ed:02:21:a7:e4:91:6d:7c:b8:a0:06:4b:
3f:5e:18:43:ba:bb:7e:01:18:00:d4:1e:51:f1:27:f0:c2:74:
3a:ba:a8:5f:b9:c8:b7:e9:f4:20:42:1c:62:49:6d:92:ec:13:
55:9d:a6:da:21:9d:67:f3:85:50:26:fd:62:69:88:00:c6:e5:
f7:46:ea:1c:88:ae:51:32:23:0c:f9:e6:ae:85:53:aa:07:82:
c4:26:00:87:6a:bb:e9:60:f2:2a:f2:85:e3:f1:8f:fc:14:28:
1a:df:6f:a1:5d:c5:00:59:ec:67:be:c6:53:99:32:4f:03:bc:
98:77:1f:e2
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICPgkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTEw
NzIyNDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEIzNDhBQjRDQUFERUEz
NEQwRUY4QjNDMERGRDkxQzhGNTdGODQ5RDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYAqLOs/btt+qJAUDtAj2XgnsReSChJvpV2DNl26HgpAyOR8TH
/ZL6I33y+Ut5brM/qt2fP5Sg8H5brmy045s30atqsHmB7g66mCASZZrcFrBmS3o5
OI8CttcKMt/NHZ3QxdKtlLmyisXJ614eeUxJaiHmtpu41OlWvMAlFHxBY+bPcbCE
3PfcCJRKuLjaJlU6rI1bvkobymx5Q0T6X10mo86odRkcfPseC6a1GPMPSFFVg6KI
vu0GqFduUikXlQoKpSDWjW+9Alx/Sy3w2TeZIqJ8t4iLq8dFbi3Ynv/dmIcWik6T
YYBcRmP8bVxO/DeA/eGXEMTthnDMHPHSv9vJAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUs0irTKreo00O+LPA39kcj1f4SdUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3MwaXJUS3JlbzAwTy1M
UEEzOWtjajFmNFNkVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAFW4PZr3wXXK68wO
VDCRu2ZF/eojhpbB43z68SbTSzs0Itgf29kodH2AWmQ+rK57rJl4Hx5KDSI5yjTc
tOhygZFU0g3duauz1hTHUnRsXA0tPKDiZJgIDeCEnOk+JQdAZErP+nLofuTSLckJ
e4ElTvz4U4HEd5UCs05qsbXbkYXybXYVC+0CIafkkW18uKAGSz9eGEO6u34BGADU
HlHxJ/DCdDq6qF+5yLfp9CBCHGJJbZLsE1WdptohnWfzhVAm/WJpiADG5fdG6hyI
rlEyIwz55q6FU6oHgsQmAIdqu+lg8iryhePxj/wUKBrfb6FdxQBZ7Ge+xlOZMk8D
vJh3H+I=
-----END CERTIFICATE-----
Generated at Thu Apr 11 14:03:39 2024 by rpki-client on console.sobornost.net