Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/tONdEbS8IfrCjgMfYw7CfymWBps.roa
File: tONdEbS8IfrCjgMfYw7CfymWBps.roa (raw, json)
Hash identifier: ocLP3iU2jjAVxz9ruZzQVfh4n+Cj0HOoxpzKyjxoLr4=
Subject key identifier: B4:E3:5D:11:B4:BC:21:FA:C2:8E:03:1F:63:0E:C2:7F:29:96:06:9B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4F0D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/tONdEbS8IfrCjgMfYw7CfymWBps.roa
Signing time: Fri 03 May 2024 23:54:01 +0000
ROA not before: Fri 03 May 2024 23:54:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20237 (0x4f0d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 3 23:54:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B4E35D11B4BC21FAC28E031F630EC27F2996069B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:33:d8:21:15:e7:47:a3:dc:65:4f:3d:41:a0:
04:4a:87:15:d9:52:51:fe:fb:30:93:45:37:d3:33:
8f:01:39:93:db:63:65:e7:5a:c6:1f:db:e4:5b:80:
f9:52:e4:60:32:63:e2:9e:46:ee:e9:f9:42:44:aa:
41:54:20:77:97:b1:fa:02:69:f9:ff:5b:7a:67:c3:
67:16:f7:8a:da:3a:dc:51:0c:9b:9c:1b:d4:58:79:
98:59:41:36:c4:e4:66:ca:49:53:ce:34:4a:79:82:
52:4b:cc:2f:f8:a5:e3:22:ce:20:86:6a:51:36:52:
6e:ef:ab:0f:cb:68:13:98:9c:f0:f9:d3:64:4e:d3:
ef:e4:28:72:87:72:9c:83:d4:bd:c3:14:56:f8:6e:
59:45:38:15:d7:3b:44:e4:9d:c8:7c:de:ee:30:7d:
3e:6c:d6:61:58:84:a6:53:a9:6c:e7:24:a2:fd:c4:
70:17:6e:dd:fc:2b:50:cf:6a:55:a4:43:50:34:1f:
6b:98:e7:8b:08:d8:a6:22:92:f8:92:10:a4:5d:41:
5e:9c:c1:2c:24:97:b9:f5:11:4d:53:29:f7:37:ab:
d1:00:0b:66:ec:d8:4b:b7:51:78:0d:de:dc:db:f6:
87:bc:33:a4:62:8b:41:2d:6c:29:52:f2:b9:ee:51:
b0:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:E3:5D:11:B4:BC:21:FA:C2:8E:03:1F:63:0E:C2:7F:29:96:06:9B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/tONdEbS8IfrCjgMfYw7CfymWBps.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
04:62:f8:e4:91:9f:7a:1e:89:f2:65:a1:78:81:a4:3c:e3:d9:
0e:4f:50:f5:1e:7f:25:b1:45:e3:50:d2:73:df:ab:52:6b:7a:
a4:e7:16:7c:62:7a:85:98:4d:99:cf:ab:0a:0a:75:e1:75:3c:
66:77:ed:7b:eb:06:54:16:8d:4e:3d:2f:9d:a1:09:2e:2c:34:
0e:2d:9e:23:82:9b:fe:be:d3:e5:9e:3c:50:fb:2b:81:44:ac:
33:87:12:c3:59:7b:d3:eb:ea:7c:ec:a9:a3:45:67:de:b5:01:
52:9a:f1:6d:81:c9:54:7e:dc:ff:56:16:08:4a:4e:fe:10:e4:
fd:94:3f:be:8e:5f:c3:4e:07:4b:87:27:e3:27:bd:de:4a:34:
cc:35:e2:fd:16:c8:61:f8:db:62:86:c7:7c:73:dd:63:a4:1b:
d9:b9:71:e0:19:16:2d:66:8a:43:94:3c:9e:ed:02:fb:30:37:
4a:6a:97:1e:46:7c:7c:02:1a:35:59:cb:38:03:0a:e5:de:f4:
6b:d9:8a:a6:24:1e:08:6d:b6:dd:fc:dd:e3:d2:32:e2:b4:82:
e2:60:c1:c8:75:0f:49:2e:b5:81:e3:9a:b6:d6:c7:97:83:84:
52:b6:1e:a9:f7:bc:2a:79:d4:a7:15:21:30:62:54:2f:c1:e4:
36:50:06:d0
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICTw0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDMy
MzU0MDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI0RTM1RDExQjRCQzIx
RkFDMjhFMDMxRjYzMEVDMjdGMjk5NjA2OUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7M9ghFedHo9xlTz1BoARKhxXZUlH++zCTRTfTM48BOZPbY2Xn
WsYf2+RbgPlS5GAyY+KeRu7p+UJEqkFUIHeXsfoCafn/W3pnw2cW94raOtxRDJuc
G9RYeZhZQTbE5GbKSVPONEp5glJLzC/4peMiziCGalE2Um7vqw/LaBOYnPD502RO
0+/kKHKHcpyD1L3DFFb4bllFOBXXO0Tknch83u4wfT5s1mFYhKZTqWznJKL9xHAX
bt38K1DPalWkQ1A0H2uY54sI2KYikviSEKRdQV6cwSwkl7n1EU1TKfc3q9EAC2bs
2Eu3UXgN3tzb9oe8M6Rii0EtbClS8rnuUbAfAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUtONdEbS8IfrCjgMfYw7CfymWBpswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3RPTmRFYlM4SWZyQ2pn
TWZZdzdDZnltV0Jwcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAARi+OSRn3oeifJl
oXiBpDzj2Q5PUPUefyWxReNQ0nPfq1JreqTnFnxieoWYTZnPqwoKdeF1PGZ37Xvr
BlQWjU49L52hCS4sNA4tniOCm/6+0+WePFD7K4FErDOHEsNZe9Pr6nzsqaNFZ961
AVKa8W2ByVR+3P9WFghKTv4Q5P2UP76OX8NOB0uHJ+Mnvd5KNMw14v0WyGH422KG
x3xz3WOkG9m5ceAZFi1mikOUPJ7tAvswN0pqlx5GfHwCGjVZyzgDCuXe9GvZiqYk
Hghttt383ePSMuK0guJgwch1D0kutYHjmrbWx5eDhFK2Hqn3vCp51KcVITBiVC/B
5DZQBtA=
-----END CERTIFICATE-----
Generated at Thu May 9 03:53:50 2024 by rpki-client on console.sobornost.net