Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/10w9jB5pQoat6PEhFsaje0A0Yb4.roa
File: 10w9jB5pQoat6PEhFsaje0A0Yb4.roa (raw, json)
Hash identifier: j+HmBqwWAg1McfPlpU3TTSNCp6MwXH9A20HpDD0cpZI=
Subject key identifier: D7:4C:3D:8C:1E:69:42:86:AD:E8:F1:21:16:C6:A3:7B:40:34:61:BE
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5285
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/10w9jB5pQoat6PEhFsaje0A0Yb4.roa
Signing time: Wed 08 May 2024 14:54:06 +0000
ROA not before: Wed 08 May 2024 14:54:06 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21125 (0x5285)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 8 14:54:06 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D74C3D8C1E694286ADE8F12116C6A37B403461BE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:89:65:4b:8e:3a:e7:47:f4:25:e2:54:c3:cd:
88:93:6c:fa:0a:fc:2f:d1:f4:c1:84:5c:14:0f:4a:
9c:f6:95:c9:eb:07:ea:d9:10:47:34:3f:5e:05:6e:
f0:6c:e6:8e:6b:47:94:49:95:dd:b6:fd:74:02:b6:
09:04:61:24:ee:b8:f3:ce:20:b1:71:05:02:8d:1f:
3d:da:06:e4:a5:71:c9:13:18:33:ca:db:c3:d4:24:
13:f4:2f:5b:3b:8f:99:02:5f:f3:96:46:d4:91:3a:
1e:42:fd:97:97:83:75:11:44:e9:15:ed:75:34:cd:
32:0f:fc:e7:e9:b7:24:58:c8:72:4a:f4:ad:2e:d7:
3d:62:8b:7e:ab:3f:df:52:98:75:98:e5:a8:b2:59:
21:fd:06:7e:ab:0c:b4:aa:98:8f:8d:49:28:15:b1:
34:00:49:ae:ce:dd:e9:01:88:f1:fb:8b:32:05:91:
63:aa:29:b9:51:77:e6:e6:0f:95:ef:99:17:01:af:
65:cb:5e:a3:50:0c:3e:58:f4:2c:30:ae:67:19:b7:
dc:3a:e6:97:4d:00:3f:f0:d8:07:41:27:8a:1a:a0:
f9:63:68:37:84:ab:7b:55:c0:d0:e2:4c:35:58:ce:
3c:64:51:5b:7a:24:2b:08:d6:d2:ff:0a:00:04:9e:
70:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:4C:3D:8C:1E:69:42:86:AD:E8:F1:21:16:C6:A3:7B:40:34:61:BE
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/10w9jB5pQoat6PEhFsaje0A0Yb4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
a8:45:44:00:3c:45:4f:cc:4b:80:01:20:a5:9f:64:29:f9:50:
03:0a:f4:79:fa:41:bc:15:ba:27:da:b3:b2:ae:04:b4:0b:73:
4f:48:43:68:d6:2e:5a:c5:f3:ef:b3:98:5c:86:e3:f7:15:79:
93:9c:a0:29:14:08:58:c9:82:e4:27:a8:ee:32:a8:e1:27:07:
d9:94:b3:b3:30:8e:d7:9c:e4:2f:f4:2f:d0:95:f8:5a:08:90:
75:c3:0d:ca:e6:d0:28:ac:c8:66:36:8e:e5:e5:a3:66:27:f9:
3a:a4:4f:0c:40:b3:a3:78:28:c8:24:71:e0:b3:69:8e:b0:a2:
31:21:85:41:92:1e:d1:cf:81:17:31:26:92:a3:26:94:f6:fc:
2d:70:d2:97:72:93:5d:12:bf:12:da:19:9c:94:e8:4c:e6:19:
f9:2e:a9:01:f9:32:89:2f:03:02:f4:af:0d:84:c1:6e:13:58:
d2:0e:63:eb:4d:8b:06:7c:12:21:23:2f:c3:07:d2:63:eb:ba:
93:1a:42:47:a8:f8:5e:22:ef:87:ea:ab:b4:ad:ae:66:51:10:
71:02:06:2c:f0:99:de:cf:dc:d3:16:c2:b2:56:a5:8e:3f:a3:
c3:c2:df:e5:dc:98:25:e8:ce:cf:d1:05:e1:96:7e:a6:d7:5f:
54:fd:b2:fd
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICUoUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDgx
NDU0MDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ3NEMzRDhDMUU2OTQy
ODZBREU4RjEyMTE2QzZBMzdCNDAzNDYxQkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyiWVLjjrnR/Ql4lTDzYiTbPoK/C/R9MGEXBQPSpz2lcnrB+rZ
EEc0P14FbvBs5o5rR5RJld22/XQCtgkEYSTuuPPOILFxBQKNHz3aBuSlcckTGDPK
28PUJBP0L1s7j5kCX/OWRtSROh5C/ZeXg3URROkV7XU0zTIP/OfptyRYyHJK9K0u
1z1ii36rP99SmHWY5aiyWSH9Bn6rDLSqmI+NSSgVsTQASa7O3ekBiPH7izIFkWOq
KblRd+bmD5XvmRcBr2XLXqNQDD5Y9CwwrmcZt9w65pdNAD/w2AdBJ4oaoPljaDeE
q3tVwNDiTDVYzjxkUVt6JCsI1tL/CgAEnnA/AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU10w9jB5pQoat6PEhFsaje0A0Yb4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzEwdzlqQjVwUW9hdDZQ
RWhGc2FqZTBBMFliNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAKhFRAA8RU/MS4AB
IKWfZCn5UAMK9Hn6QbwVuifas7KuBLQLc09IQ2jWLlrF8++zmFyG4/cVeZOcoCkU
CFjJguQnqO4yqOEnB9mUs7Mwjtec5C/0L9CV+FoIkHXDDcrm0CisyGY2juXlo2Yn
+TqkTwxAs6N4KMgkceCzaY6wojEhhUGSHtHPgRcxJpKjJpT2/C1w0pdyk10SvxLa
GZyU6EzmGfkuqQH5MokvAwL0rw2EwW4TWNIOY+tNiwZ8EiEjL8MH0mPrupMaQkeo
+F4i74fqq7StrmZREHECBizwmd7P3NMWwrJWpY4/o8PC3+XcmCXozs/RBeGWfqbX
X1T9sv0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:02 2024 by rpki-client on console-fra.rpki-client.org