Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/2ZNf2hoKiH6veKTgnKmNCyz0ZMo.roa
File: 2ZNf2hoKiH6veKTgnKmNCyz0ZMo.roa (raw, json)
Hash identifier: hoozo8Bmuq7YaxMup+yIpsxqvLJykWLLfQ1DtD2+JYE=
Subject key identifier: D9:93:5F:DA:1A:0A:88:7E:AF:78:A4:E0:9C:A9:8D:0B:2C:F4:64:CA
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 36E5
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2ZNf2hoKiH6veKTgnKmNCyz0ZMo.roa
Signing time: Mon 01 Apr 2024 18:52:17 +0000
ROA not before: Mon 01 Apr 2024 18:52:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14053 (0x36e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 1 18:52:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D9935FDA1A0A887EAF78A4E09CA98D0B2CF464CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:2c:f0:f5:92:ba:c2:5c:4f:3c:63:b8:33:ce:
0f:1e:8a:54:34:f6:15:43:f3:1c:be:b6:4c:ef:96:
da:ec:f3:09:0d:39:36:9b:d0:93:82:31:2d:ce:cc:
63:67:21:59:d5:6d:61:d8:99:78:ae:e2:da:45:6d:
a0:08:d2:eb:81:da:6f:0a:a2:8b:de:7d:5d:a5:d3:
29:01:cc:93:38:d0:25:56:05:70:40:3d:eb:75:37:
ee:e0:de:dc:9a:52:16:ad:28:c1:81:7b:a6:a3:18:
f0:85:cf:45:76:fd:4b:a3:6d:5d:20:4f:04:6a:e3:
be:1a:42:87:02:a0:d3:64:7e:f9:3e:fc:f4:4b:65:
6f:2d:c7:de:e0:e9:53:1b:b1:1a:dd:32:ef:57:12:
ed:66:b5:98:42:06:31:ea:95:ef:29:a0:3a:3b:4d:
6b:02:31:f0:6a:39:5b:66:27:2e:f6:40:32:c9:e8:
48:e0:c6:4e:17:2c:92:c3:89:3c:50:d0:ee:29:44:
0d:9e:d7:c9:41:3a:1c:81:f7:0e:e3:62:cd:f4:ef:
10:c4:bb:2b:8d:5b:e0:b2:4f:8c:5f:79:69:f5:54:
41:04:5a:69:7c:2f:e4:ec:71:14:48:39:b3:72:18:
c2:7f:f8:ba:ee:c1:86:19:da:19:37:be:71:2a:fa:
47:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:93:5F:DA:1A:0A:88:7E:AF:78:A4:E0:9C:A9:8D:0B:2C:F4:64:CA
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2ZNf2hoKiH6veKTgnKmNCyz0ZMo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
1d:15:68:91:ee:4e:d0:10:7b:ab:6d:22:ec:e7:00:66:6b:ca:
e5:d4:9d:eb:00:fe:ed:d0:6d:44:73:99:86:53:08:b7:2d:76:
5d:d4:0c:ac:49:4b:1d:3e:e8:62:03:ba:62:f2:68:3a:f0:40:
18:60:29:80:d8:15:58:a9:d0:8d:ce:84:74:99:48:0b:d8:ea:
a3:27:09:39:78:e9:3b:e8:63:0f:fb:6e:cc:81:3b:42:80:86:
7c:5b:dd:3d:6a:30:eb:68:ca:df:a5:1c:15:28:68:b1:15:b2:
cf:d9:b4:5e:35:81:d6:a6:74:40:03:07:eb:7a:26:01:43:ab:
6d:87:00:f8:5b:26:ed:ce:67:d9:76:61:c4:b2:2e:f5:29:3c:
39:3f:6c:11:88:50:82:bd:b5:c4:56:ed:82:74:ac:14:0a:5b:
32:81:8f:70:34:99:3e:c1:9d:46:8d:7c:32:0e:32:ab:75:4d:
29:c7:cc:e5:b2:3a:f3:96:46:43:45:88:63:57:7e:25:9d:3f:
98:8e:16:83:e1:60:cc:60:5a:d1:93:7b:36:a4:94:62:dd:4c:
f7:2d:e4:bb:4b:4e:da:9b:ed:3f:4b:07:1c:83:60:7b:c5:29:
66:47:2c:b2:be:3a:b9:c6:7a:6e:f1:ec:62:a3:df:40:6b:2e:
5b:ee:2d:1b
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNuUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDEx
ODUyMTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ5OTM1RkRBMUEwQTg4
N0VBRjc4QTRFMDlDQTk4RDBCMkNGNDY0Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDLPD1krrCXE88Y7gzzg8eilQ09hVD8xy+tkzvltrs8wkNOTab
0JOCMS3OzGNnIVnVbWHYmXiu4tpFbaAI0uuB2m8KoovefV2l0ykBzJM40CVWBXBA
Pet1N+7g3tyaUhatKMGBe6ajGPCFz0V2/UujbV0gTwRq474aQocCoNNkfvk+/PRL
ZW8tx97g6VMbsRrdMu9XEu1mtZhCBjHqle8poDo7TWsCMfBqOVtmJy72QDLJ6Ejg
xk4XLJLDiTxQ0O4pRA2e18lBOhyB9w7jYs307xDEuyuNW+CyT4xfeWn1VEEEWml8
L+TscRRIObNyGMJ/+LruwYYZ2hk3vnEq+kejAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU2ZNf2hoKiH6veKTgnKmNCyz0ZMowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzJaTmYyaG9LaUg2dmVL
VGduS21OQ3l6MFpNby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAB0VaJHuTtAQe6tt
IuznAGZryuXUnesA/u3QbURzmYZTCLctdl3UDKxJSx0+6GIDumLyaDrwQBhgKYDY
FVip0I3OhHSZSAvY6qMnCTl46TvoYw/7bsyBO0KAhnxb3T1qMOtoyt+lHBUoaLEV
ss/ZtF41gdamdEADB+t6JgFDq22HAPhbJu3OZ9l2YcSyLvUpPDk/bBGIUIK9tcRW
7YJ0rBQKWzKBj3A0mT7BnUaNfDIOMqt1TSnHzOWyOvOWRkNFiGNXfiWdP5iOFoPh
YMxgWtGTezaklGLdTPct5LtLTtqb7T9LBxyDYHvFKWZHLLK+OrnGem7x7GKj30Br
LlvuLRs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:11 2024 by rpki-client on console-ams.rpki-client.org