Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/2C4NHD79IJ-LL6Kp1mJVJRX0ddo.roa
File: 2C4NHD79IJ-LL6Kp1mJVJRX0ddo.roa (raw, json)
Hash identifier: I+Gs+Uy/mlfPdVrPJ/Yqtf9UAy0ZHo90i8jFYf/qWmc=
Subject key identifier: D8:2E:0D:1C:3E:FD:20:9F:8B:2F:A2:A9:D6:62:55:25:15:F4:75:DA
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4269
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2C4NHD79IJ-LL6Kp1mJVJRX0ddo.roa
Signing time: Wed 17 Apr 2024 03:22:57 +0000
ROA not before: Wed 17 Apr 2024 03:22:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17001 (0x4269)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 17 03:22:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D82E0D1C3EFD209F8B2FA2A9D662552515F475DA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a6:42:8b:d2:77:98:78:cb:4c:7c:50:d7:6c:
26:9a:b7:f2:70:57:fa:b0:7c:85:42:3b:5c:19:b3:
a4:b7:79:53:02:72:b8:6e:83:79:ff:3a:f3:1a:31:
f3:a7:f6:24:05:9c:e4:41:18:b7:35:6e:07:f0:37:
ac:be:7d:f2:97:19:6b:cb:64:46:2d:95:1d:1a:dd:
16:fd:5c:10:7b:c4:0f:54:b3:34:b2:53:96:92:0e:
de:b3:bc:b4:a1:e9:7b:82:12:75:f4:76:30:50:fe:
b7:41:40:5f:16:1a:a0:12:91:30:94:d8:ce:82:f3:
0b:7a:f1:f5:06:4d:72:58:57:85:f2:1f:a8:4e:25:
51:ea:cc:f4:da:ae:ce:50:b7:c1:7e:2c:cc:0c:26:
87:90:66:2d:ac:e7:68:7f:3d:6a:bd:35:6b:4e:18:
6a:98:cd:24:02:98:a1:80:29:69:1d:11:78:70:ac:
96:96:71:eb:b3:d2:f6:77:a5:b4:96:83:a1:30:b6:
cf:c5:a3:a2:28:0a:f3:6f:59:ff:d8:cf:36:7f:d7:
11:36:f0:19:77:d4:d5:2a:ab:6f:73:ec:8a:82:27:
31:2c:e6:ce:68:3e:c1:84:94:b1:3a:28:1f:75:15:
f7:46:d3:e4:9a:c7:b1:61:b6:b0:4d:0f:a3:9d:12:
c3:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:2E:0D:1C:3E:FD:20:9F:8B:2F:A2:A9:D6:62:55:25:15:F4:75:DA
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2C4NHD79IJ-LL6Kp1mJVJRX0ddo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
25:a7:d8:7c:a0:c5:31:d9:14:29:ab:f9:62:93:a9:ab:18:f4:
de:f0:6e:f1:26:dc:de:60:cd:bd:e0:18:35:0f:32:ce:88:b8:
f4:9a:72:18:8f:04:58:80:9a:44:72:69:2f:15:a0:4a:a0:91:
20:c1:a4:e4:4a:3c:71:57:a5:14:82:d0:b9:47:e2:8c:4d:78:
9c:9a:c1:6b:47:e5:de:11:bc:18:4c:42:7b:aa:43:5d:57:d1:
f2:84:36:75:93:ad:c1:48:b7:d3:b0:24:09:0e:3f:b9:6e:d4:
aa:33:1f:6c:50:64:24:f2:7b:42:c7:84:5f:c4:27:7f:96:bb:
be:52:60:79:d0:d2:a2:c1:16:cf:d7:38:9b:17:d5:ec:fc:3e:
42:15:91:bc:b5:af:c0:54:c9:ce:f0:48:8d:ae:79:63:f4:21:
c6:78:36:11:51:43:64:75:72:2c:74:cf:5e:e6:b8:89:b3:d9:
d5:da:f4:f9:a1:f6:0a:ed:c3:7d:42:3a:06:6a:7a:eb:a5:d1:
f8:2f:5d:65:b3:40:ea:40:d8:7e:44:b1:80:82:20:be:8d:df:
eb:59:66:2e:c4:76:3a:27:4a:0e:a9:c9:0f:d0:2c:fd:5f:b9:
60:22:d1:d1:0d:9e:61:fb:b5:1e:8c:df:b1:25:61:e7:be:c6:
e9:74:23:63
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQmkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTcw
MzIyNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ4MkUwRDFDM0VGRDIw
OUY4QjJGQTJBOUQ2NjI1NTI1MTVGNDc1REEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCgpkKL0neYeMtMfFDXbCaat/JwV/qwfIVCO1wZs6S3eVMCcrhu
g3n/OvMaMfOn9iQFnORBGLc1bgfwN6y+ffKXGWvLZEYtlR0a3Rb9XBB7xA9UszSy
U5aSDt6zvLSh6XuCEnX0djBQ/rdBQF8WGqASkTCU2M6C8wt68fUGTXJYV4XyH6hO
JVHqzPTars5Qt8F+LMwMJoeQZi2s52h/PWq9NWtOGGqYzSQCmKGAKWkdEXhwrJaW
ceuz0vZ3pbSWg6Ewts/Fo6IoCvNvWf/YzzZ/1xE28Bl31NUqq29z7IqCJzEs5s5o
PsGElLE6KB91FfdG0+Sax7FhtrBND6OdEsP/AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU2C4NHD79IJ+LL6Kp1mJVJRX0ddowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzJDNE5IRDc5SUotTEw2
S3AxbUpWSlJYMGRkby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBACWn2HygxTHZFCmr
+WKTqasY9N7wbvEm3N5gzb3gGDUPMs6IuPSachiPBFiAmkRyaS8VoEqgkSDBpORK
PHFXpRSC0LlH4oxNeJyawWtH5d4RvBhMQnuqQ11X0fKENnWTrcFIt9OwJAkOP7lu
1KozH2xQZCTye0LHhF/EJ3+Wu75SYHnQ0qLBFs/XOJsX1ez8PkIVkby1r8BUyc7w
SI2ueWP0IcZ4NhFRQ2R1cix0z17muImz2dXa9Pmh9grtw31COgZqeuul0fgvXWWz
QOpA2H5EsYCCIL6N3+tZZi7EdjonSg6pyQ/QLP1fuWAi0dENnmH7tR6M37ElYee+
xul0I2M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:03 2024 by rpki-client on console-fra.rpki-client.org