Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/-zbuXARR5yUD77_mpQ2RvCY_spU.roa
File: -zbuXARR5yUD77_mpQ2RvCY_spU.roa (raw, json)
Hash identifier: UAhvT3eUrlTWWAHiM3T2uKtygfcTRqBBsYhyUqiaERM=
Subject key identifier: FB:36:EE:5C:04:51:E7:25:03:EF:BF:E6:A5:0D:91:BC:26:3F:B2:95
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4089
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/-zbuXARR5yUD77_mpQ2RvCY_spU.roa
Signing time: Sun 14 Apr 2024 15:22:52 +0000
ROA not before: Sun 14 Apr 2024 15:22:52 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16521 (0x4089)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 14 15:22:52 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=FB36EE5C0451E72503EFBFE6A50D91BC263FB295
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:38:38:a8:17:01:b4:37:bc:cc:3c:65:09:95:
30:09:14:28:53:df:ea:40:e8:a8:45:5e:54:4a:c2:
aa:62:01:ce:7d:2d:93:b1:75:d4:9c:b6:a9:fa:c1:
dc:5a:84:3d:c0:fd:b1:e2:5d:ed:03:e9:56:d3:61:
50:47:39:b2:f6:d1:73:76:89:7a:10:c3:cc:4e:f0:
b0:0b:f2:72:a6:72:b3:28:11:b8:36:ca:7f:b3:84:
27:19:04:6c:73:e0:91:35:55:36:ce:2d:79:d4:d0:
67:5c:73:4e:01:fb:46:30:60:62:f4:03:e7:07:42:
1c:ec:08:dc:1a:49:b5:2f:a3:41:12:b6:25:9b:58:
4d:e0:d8:56:44:b4:a9:8f:53:53:8d:50:f6:14:3a:
04:34:b5:90:d9:91:f4:75:a6:ad:b6:2c:c7:81:31:
af:3e:03:09:5b:7c:5d:26:33:c0:45:80:c6:37:f5:
b9:ff:b1:a6:cf:04:9e:c3:bf:d9:f2:d0:b7:1e:8a:
06:12:42:e4:12:98:dd:11:4a:c5:01:0f:42:3f:9e:
79:cf:66:d4:bc:20:21:e1:dd:00:74:37:fc:8a:57:
21:60:e8:fe:af:e1:15:c7:b9:28:00:ac:0d:f4:0a:
c2:24:39:8f:c9:91:1c:e2:26:5b:b4:c9:95:46:80:
1c:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:36:EE:5C:04:51:E7:25:03:EF:BF:E6:A5:0D:91:BC:26:3F:B2:95
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/-zbuXARR5yUD77_mpQ2RvCY_spU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
1a:7a:8e:c3:53:ce:8b:c9:5d:60:d2:6e:ab:17:5d:02:27:fc:
38:53:22:0d:cc:81:55:37:9c:89:0f:fa:cd:64:b0:a0:2b:5c:
15:55:00:90:d2:5f:bd:8c:88:a0:0c:b8:5c:82:d0:8d:bd:9c:
89:c1:98:15:87:d8:7d:83:1e:72:86:36:11:ad:d8:a4:ee:c1:
da:7c:56:36:12:89:ff:02:5d:26:fc:aa:0d:ca:16:8d:88:b0:
ab:91:09:b3:5c:f7:db:50:89:1a:ca:94:fa:39:17:6c:03:12:
4a:9b:26:65:0f:08:d2:ed:8a:60:85:3e:ca:b6:f3:c3:4c:33:
7d:61:aa:9f:53:10:16:b5:f9:70:9a:86:46:49:4c:9f:09:c8:
8f:d9:05:67:5c:91:07:c5:db:3a:cc:db:aa:92:43:6c:ca:e4:
69:85:e2:2d:c6:51:27:8e:cb:1b:44:be:52:7c:7c:cc:f9:0e:
ef:b2:d2:cb:0b:99:4b:31:7b:e3:5b:ab:4c:59:72:75:3b:3a:
e3:0b:69:9f:1e:f8:d6:83:fb:03:0f:86:54:b3:5d:cb:f7:7b:
ab:15:4d:ea:16:f3:02:37:6d:87:6e:0e:5e:01:68:24:a1:5b:
1c:05:66:60:7d:86:fa:e0:70:06:8d:bc:76:55:8f:b8:ca:4c:
bb:6b:7a:dd
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQIkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTQx
NTIyNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEZCMzZFRTVDMDQ1MUU3
MjUwM0VGQkZFNkE1MEQ5MUJDMjYzRkIyOTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDXODioFwG0N7zMPGUJlTAJFChT3+pA6KhFXlRKwqpiAc59LZOx
ddSctqn6wdxahD3A/bHiXe0D6VbTYVBHObL20XN2iXoQw8xO8LAL8nKmcrMoEbg2
yn+zhCcZBGxz4JE1VTbOLXnU0Gdcc04B+0YwYGL0A+cHQhzsCNwaSbUvo0EStiWb
WE3g2FZEtKmPU1ONUPYUOgQ0tZDZkfR1pq22LMeBMa8+AwlbfF0mM8BFgMY39bn/
sabPBJ7Dv9ny0LceigYSQuQSmN0RSsUBD0I/nnnPZtS8ICHh3QB0N/yKVyFg6P6v
4RXHuSgArA30CsIkOY/JkRziJlu0yZVGgBwNAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU+zbuXARR5yUD77/mpQ2RvCY/spUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3Ly16YnVYQVJSNXlVRDc3
X21wUTJSdkNZX3NwVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBABp6jsNTzovJXWDS
bqsXXQIn/DhTIg3MgVU3nIkP+s1ksKArXBVVAJDSX72MiKAMuFyC0I29nInBmBWH
2H2DHnKGNhGt2KTuwdp8VjYSif8CXSb8qg3KFo2IsKuRCbNc99tQiRrKlPo5F2wD
EkqbJmUPCNLtimCFPsq288NMM31hqp9TEBa1+XCahkZJTJ8JyI/ZBWdckQfF2zrM
26qSQ2zK5GmF4i3GUSeOyxtEvlJ8fMz5Du+y0ssLmUsxe+Nbq0xZcnU7OuMLaZ8e
+NaD+wMPhlSzXcv3e6sVTeoW8wI3bYduDl4BaCShWxwFZmB9hvrgcAaNvHZVj7jK
TLtret0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:01 2024 by rpki-client on console-fra.rpki-client.org