Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/04ZAHwnrNMK7rjk3zY3Sm-H3Tt0.roa
File: 04ZAHwnrNMK7rjk3zY3Sm-H3Tt0.roa (raw, json)
Hash identifier: khe/qNYHpsNyXGnFy/EhQYy2QvJoRcZ1iR5637WU7Y0=
Subject key identifier: D3:86:40:1F:09:EB:34:C2:BB:AE:39:37:CD:8D:D2:9B:E1:F7:4E:DD
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4529
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/04ZAHwnrNMK7rjk3zY3Sm-H3Tt0.roa
Signing time: Sat 20 Apr 2024 19:23:05 +0000
ROA not before: Sat 20 Apr 2024 19:23:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17705 (0x4529)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 19:23:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D386401F09EB34C2BBAE3937CD8DD29BE1F74EDD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:bf:c8:8e:e4:b5:0c:fd:22:00:50:dd:eb:e3:
64:c0:25:15:8c:89:38:2e:78:92:99:ce:37:1e:5c:
36:32:8e:ab:f4:96:64:ca:d0:2c:1b:82:8d:c1:6f:
07:a8:cf:34:87:25:8a:dd:c5:a9:48:8c:79:06:3f:
62:e6:e0:f4:f9:e9:99:86:46:ea:fc:48:74:2a:3a:
01:40:9b:1f:bc:14:a5:84:18:d6:c0:54:52:9a:7f:
55:1f:06:36:93:08:65:4b:66:cc:89:fb:1d:cf:6e:
8e:b1:d9:9e:30:f8:41:a5:76:f7:bd:ec:9c:b6:3e:
70:08:42:5b:cb:d5:93:ee:e9:03:76:e9:90:5e:ba:
1b:4a:f0:d7:44:e0:fd:27:bf:d0:8b:9d:70:b1:19:
bf:30:f5:99:61:af:89:d0:b4:1a:3f:c8:f3:7e:8a:
7a:8f:37:a6:46:8b:e4:0e:74:ea:8d:e4:bf:0c:5d:
5e:41:c4:c4:d7:63:70:56:b0:d4:d4:42:2b:0f:01:
cd:0a:86:79:e3:3a:bd:ae:56:1f:8c:7d:f0:6c:99:
b3:90:ee:73:7f:fa:ba:5a:73:95:f2:68:60:b8:49:
96:88:7c:24:06:15:68:b3:04:79:12:a2:cd:50:6b:
2a:7e:40:bc:9a:2f:2e:b2:b3:4c:50:bd:44:91:b8:
a4:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:86:40:1F:09:EB:34:C2:BB:AE:39:37:CD:8D:D2:9B:E1:F7:4E:DD
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/04ZAHwnrNMK7rjk3zY3Sm-H3Tt0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
4a:73:ee:5b:a3:a8:e7:93:b7:42:bd:b5:57:44:6b:da:17:8d:
41:1c:a7:7d:76:8f:9f:b8:a8:94:f4:e0:2c:30:bf:31:a8:76:
2d:30:3c:dc:89:c1:c4:02:9a:2e:6e:6a:45:bd:1d:d4:bf:21:
fc:9c:a8:d0:af:c9:4c:61:7a:60:f9:fc:74:5d:b1:2d:2e:a3:
97:37:a2:5f:8f:2b:34:46:73:97:77:e2:05:c0:d4:70:c9:ae:
9c:0c:20:b0:b9:1c:bb:ab:c5:f9:e0:25:aa:87:51:66:c9:74:
dc:e4:9e:27:af:da:d9:e5:b4:8a:eb:ee:c1:89:31:07:cc:e9:
86:44:67:e7:ab:dd:c6:f5:1a:03:29:c9:28:29:88:3d:f8:a4:
20:b4:e4:03:f7:b0:d3:ab:c6:d9:ab:7e:4a:df:1e:21:38:f3:
d6:fe:d1:9c:cd:8a:81:dc:94:0e:4f:22:51:51:13:10:55:9f:
7e:a4:16:0c:00:56:1f:d4:e9:5e:22:55:8e:fa:3c:f3:43:1b:
12:86:dd:34:b1:d3:be:92:3e:42:06:75:3d:bd:c2:84:42:8c:
df:5c:6c:b3:5c:f5:67:69:4f:00:fe:e0:18:c6:ec:c3:9f:d4:
19:ca:1c:4f:9e:7e:3d:31:f0:b1:4d:fc:a0:e9:a4:e4:97:3c:
57:35:30:74
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICRSkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAx
OTIzMDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQzODY0MDFGMDlFQjM0
QzJCQkFFMzkzN0NEOEREMjlCRTFGNzRFREQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUv8iO5LUM/SIAUN3r42TAJRWMiTgueJKZzjceXDYyjqv0lmTK
0Cwbgo3BbweozzSHJYrdxalIjHkGP2Lm4PT56ZmGRur8SHQqOgFAmx+8FKWEGNbA
VFKaf1UfBjaTCGVLZsyJ+x3Pbo6x2Z4w+EGldve97Jy2PnAIQlvL1ZPu6QN26ZBe
uhtK8NdE4P0nv9CLnXCxGb8w9Zlhr4nQtBo/yPN+inqPN6ZGi+QOdOqN5L8MXV5B
xMTXY3BWsNTUQisPAc0KhnnjOr2uVh+MffBsmbOQ7nN/+rpac5XyaGC4SZaIfCQG
FWizBHkSos1Qayp+QLyaLy6ys0xQvUSRuKQrAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU04ZAHwnrNMK7rjk3zY3Sm+H3Tt0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzA0WkFId25yTk1LN3Jq
azN6WTNTbS1IM1R0MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAEpz7lujqOeTt0K9
tVdEa9oXjUEcp312j5+4qJT04CwwvzGodi0wPNyJwcQCmi5uakW9HdS/IfycqNCv
yUxhemD5/HRdsS0uo5c3ol+PKzRGc5d34gXA1HDJrpwMILC5HLurxfngJaqHUWbJ
dNzkniev2tnltIrr7sGJMQfM6YZEZ+er3cb1GgMpySgpiD34pCC05AP3sNOrxtmr
fkrfHiE489b+0ZzNioHclA5PIlFRExBVn36kFgwAVh/U6V4iVY76PPNDGxKG3TSx
076SPkIGdT29woRCjN9cbLNc9WdpTwD+4BjG7MOf1BnKHE+efj0x8LFN/KDppOSX
PFc1MHQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:01 2024 by rpki-client on console-fra.rpki-client.org