Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/z0oNdsBZyulhpXIm03aC-FzUgnM.roa
File: z0oNdsBZyulhpXIm03aC-FzUgnM.roa (raw, json)
Hash identifier: 5684T2IxPE29z0Bf0gSxbare2pt98L/K2yMwMSlYNEQ=
Subject key identifier: CF:4A:0D:76:C0:59:CA:E9:61:A5:72:26:D3:76:82:F8:5C:D4:82:73
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 38BD
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/z0oNdsBZyulhpXIm03aC-FzUgnM.roa
Signing time: Thu 04 Apr 2024 05:52:24 +0000
ROA not before: Thu 04 Apr 2024 05:52:24 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14525 (0x38bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 4 05:52:24 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CF4A0D76C059CAE961A57226D37682F85CD48273
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:81:03:be:10:dd:f4:a8:d8:89:56:85:d0:94:
77:70:e8:0d:5c:12:45:36:5a:c4:33:8f:19:f5:aa:
84:b0:f2:40:8c:60:b9:c2:a7:fa:28:dc:69:05:3b:
29:57:ac:c8:a4:a9:90:3e:60:a0:37:87:c8:46:a7:
82:73:56:ff:ca:57:0f:6c:b9:66:00:12:1d:e9:39:
c3:4d:f2:5a:a0:91:15:dd:05:69:bb:fb:ba:24:5e:
03:dc:ef:c2:cc:ca:15:a6:37:56:75:f5:bd:4b:7b:
66:cf:22:0a:c7:6a:ef:65:57:1a:cc:1e:0c:45:24:
5c:48:54:0e:21:28:35:af:29:dd:c2:26:fc:4f:bf:
a8:5c:3f:8f:11:7c:04:dc:e3:f6:ec:a1:a5:9a:5f:
1b:10:f5:de:6e:42:92:22:a7:4c:2a:61:da:77:0d:
78:f4:74:ae:cb:f9:04:8f:ce:0a:21:19:15:2c:a7:
63:bc:ec:68:ba:cf:c2:a9:48:18:4e:c6:ca:4d:b7:
72:28:9d:02:e6:c0:4d:a4:0f:a5:06:4d:a1:87:cb:
64:ba:02:d2:45:d3:59:b5:49:72:e3:25:a3:f9:b1:
1b:d9:3b:e2:e0:4b:ad:a0:5c:77:d0:91:6e:11:2d:
b5:1a:0a:8f:7d:77:7d:99:44:52:4f:e2:fd:00:90:
20:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:4A:0D:76:C0:59:CA:E9:61:A5:72:26:D3:76:82:F8:5C:D4:82:73
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/z0oNdsBZyulhpXIm03aC-FzUgnM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
03:3b:d7:77:13:5b:41:bf:7d:29:df:19:63:62:02:85:70:61:
56:72:b4:56:0a:8d:58:84:03:55:22:60:32:cb:3b:e1:15:07:
35:cf:73:6e:e6:e2:4c:90:83:13:14:f4:be:f6:79:53:a2:8c:
55:29:ea:88:37:b0:a9:ff:0c:3e:23:9d:e5:03:a5:4f:05:d0:
17:3b:4f:92:37:45:21:c7:30:f2:b9:df:46:37:0b:2a:16:70:
58:9b:0f:29:06:09:ef:da:94:3a:7c:7f:2d:5f:06:1d:22:44:
3c:98:29:0d:b7:22:32:ef:41:33:d5:ed:1a:b3:dd:67:84:7a:
e0:9c:f3:27:7a:eb:0a:b8:a6:05:70:2c:96:93:c3:fa:06:a8:
4d:6d:65:dc:94:02:20:9f:02:08:69:7e:97:54:6b:d9:d6:87:
3e:a5:f7:2e:27:0b:1d:d2:51:c4:35:93:99:8c:3b:08:71:45:
0f:0c:66:42:67:29:0b:c9:ab:ca:68:b5:c9:2b:01:55:02:37:
0d:7f:f8:cc:be:b2:05:f0:33:42:82:c7:15:9f:29:d8:81:19:
6a:86:50:d8:ba:94:09:1b:9e:b0:58:49:81:2e:65:29:83:87:
0d:4b:6f:59:12:9e:19:91:50:4c:a4:ba:25:cf:28:60:57:9b:
1f:85:63:46
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICOL0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDQw
NTUyMjRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENGNEEwRDc2QzA1OUNB
RTk2MUE1NzIyNkQzNzY4MkY4NUNENDgyNzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDigQO+EN30qNiJVoXQlHdw6A1cEkU2WsQzjxn1qoSw8kCMYLnC
p/oo3GkFOylXrMikqZA+YKA3h8hGp4JzVv/KVw9suWYAEh3pOcNN8lqgkRXdBWm7
+7okXgPc78LMyhWmN1Z19b1Le2bPIgrHau9lVxrMHgxFJFxIVA4hKDWvKd3CJvxP
v6hcP48RfATc4/bsoaWaXxsQ9d5uQpIip0wqYdp3DXj0dK7L+QSPzgohGRUsp2O8
7Gi6z8KpSBhOxspNt3IonQLmwE2kD6UGTaGHy2S6AtJF01m1SXLjJaP5sRvZO+Lg
S62gXHfQkW4RLbUaCo99d32ZRFJP4v0AkCCvAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUz0oNdsBZyulhpXIm03aC+FzUgnMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3owb05kc0JaeXVsaHBY
SW0wM2FDLUZ6VWduTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAAM713cTW0G/fSnf
GWNiAoVwYVZytFYKjViEA1UiYDLLO+EVBzXPc27m4kyQgxMU9L72eVOijFUp6og3
sKn/DD4jneUDpU8F0Bc7T5I3RSHHMPK530Y3CyoWcFibDykGCe/alDp8fy1fBh0i
RDyYKQ23IjLvQTPV7Rqz3WeEeuCc8yd66wq4pgVwLJaTw/oGqE1tZdyUAiCfAghp
fpdUa9nWhz6l9y4nCx3SUcQ1k5mMOwhxRQ8MZkJnKQvJq8potckrAVUCNw1/+My+
sgXwM0KCxxWfKdiBGWqGUNi6lAkbnrBYSYEuZSmDhw1Lb1kSnhmRUEykuiXPKGBX
mx+FY0Y=
-----END CERTIFICATE-----
Generated at Thu Apr 4 12:50:09 2024 by rpki-client on console.sobornost.net