Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/36MnKdtWK2E_kk--GtebRQ1T6vo.roa
File: 36MnKdtWK2E_kk--GtebRQ1T6vo.roa (raw, json)
Hash identifier: DOP8k266dQB3sQp0NjGuNHt9Y3xU/opKSIGhalXXmto=
Subject key identifier: DF:A3:27:29:DB:56:2B:61:3F:92:4F:BE:1A:D7:9B:45:0D:53:EA:FA
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 52F1
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/36MnKdtWK2E_kk--GtebRQ1T6vo.roa
Signing time: Thu 09 May 2024 04:24:01 +0000
ROA not before: Thu 09 May 2024 04:24:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21233 (0x52f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 9 04:24:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DFA32729DB562B613F924FBE1AD79B450D53EAFA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:7e:b9:15:a8:3e:e2:22:b3:25:f0:d5:a4:35:
92:76:09:d0:2d:4c:e4:b6:72:7f:67:07:cb:6b:dd:
f0:d1:b3:27:31:79:24:b7:48:13:10:a0:18:c1:97:
47:ab:e2:84:e6:ba:2e:d6:05:78:73:30:3e:47:38:
56:3b:ce:b5:9f:d7:c4:83:57:0e:61:27:32:71:cd:
b9:f8:25:a3:9e:c7:32:99:1b:84:c9:18:16:e1:af:
43:16:d7:1d:b5:ce:8f:7f:ba:a0:13:3f:e9:69:07:
41:a6:63:b3:0e:62:d8:38:68:3a:9a:83:e4:23:83:
68:cf:d4:2b:7c:b2:73:38:87:7c:a5:0a:1d:0c:dd:
e7:c4:d3:57:91:72:11:3e:13:82:90:4e:0d:13:07:
af:61:ac:81:d3:12:b7:d3:0f:da:91:64:15:ee:86:
6c:ac:f4:d0:a1:5b:d5:97:cf:e9:bc:92:9f:85:00:
0f:b0:96:af:0d:8f:96:dd:80:99:47:d2:c1:13:59:
8c:66:75:15:c5:a5:8c:af:69:e1:2a:35:25:a5:bf:
c2:6a:b9:dc:dc:ca:eb:40:e0:01:4c:0c:3a:53:ee:
f2:42:5b:e2:a7:48:65:ef:db:2c:74:e7:65:26:d0:
ba:41:ca:83:7a:1a:c1:7c:bb:dd:95:c5:e0:0d:63:
2d:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:A3:27:29:DB:56:2B:61:3F:92:4F:BE:1A:D7:9B:45:0D:53:EA:FA
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/36MnKdtWK2E_kk--GtebRQ1T6vo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
59:b9:56:1a:02:3b:ae:72:a7:44:b2:12:e7:f8:3e:5a:23:53:
77:9a:c8:f6:92:56:e2:19:a9:5c:db:c5:9c:bb:2f:26:df:22:
1b:c0:0c:fb:5d:66:d3:71:0f:7f:78:51:f3:5d:1a:bc:cd:aa:
24:c0:55:9d:de:33:76:f9:eb:74:93:df:19:d4:8f:5f:7c:8a:
6a:9f:42:59:fe:88:4b:f5:61:8b:fa:94:13:95:f2:f7:73:fa:
f6:3e:d9:5a:ad:a0:80:88:03:b2:30:44:54:8a:f1:a3:65:59:
df:d5:48:42:74:3c:3e:ff:d2:dd:f9:85:2d:e7:17:5b:15:9e:
58:21:3d:6c:59:24:8d:ef:72:d5:d9:9f:b0:a6:f7:eb:c0:57:
28:da:29:d5:f0:a8:54:63:eb:37:05:5b:62:f0:9e:c4:e8:03:
02:4d:ac:87:51:c6:53:1f:80:51:78:01:cc:ad:c7:60:a4:6f:
b5:ca:e0:23:36:72:17:0a:28:f8:bc:d7:7b:e5:f8:a9:b5:62:
ec:9e:d6:98:aa:02:da:8b:2b:2a:74:46:93:ca:17:4c:1c:98:
5a:7e:80:24:43:4f:97:ba:e7:90:e1:6c:dd:ed:0a:2a:2d:e9:
69:38:2f:e6:b3:dd:c1:5d:63:8b:b1:21:f5:c7:d2:49:5a:e2:
f7:d3:b7:0c
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICUvEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDkw
NDI0MDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERGQTMyNzI5REI1NjJC
NjEzRjkyNEZCRTFBRDc5QjQ1MEQ1M0VBRkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxfrkVqD7iIrMl8NWkNZJ2CdAtTOS2cn9nB8tr3fDRsycxeSS3
SBMQoBjBl0er4oTmui7WBXhzMD5HOFY7zrWf18SDVw5hJzJxzbn4JaOexzKZG4TJ
GBbhr0MW1x21zo9/uqATP+lpB0GmY7MOYtg4aDqag+Qjg2jP1Ct8snM4h3ylCh0M
3efE01eRchE+E4KQTg0TB69hrIHTErfTD9qRZBXuhmys9NChW9WXz+m8kp+FAA+w
lq8Nj5bdgJlH0sETWYxmdRXFpYyvaeEqNSWlv8JqudzcyutA4AFMDDpT7vJCW+Kn
SGXv2yx052Um0LpByoN6GsF8u92VxeANYy2jAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU36MnKdtWK2E/kk++GtebRQ1T6vowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzM2TW5LZHRXSzJFX2tr
LS1HdGViUlExVDZ2by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAFm5VhoCO65yp0Sy
Euf4PlojU3eayPaSVuIZqVzbxZy7LybfIhvADPtdZtNxD394UfNdGrzNqiTAVZ3e
M3b563ST3xnUj198imqfQln+iEv1YYv6lBOV8vdz+vY+2VqtoICIA7IwRFSK8aNl
Wd/VSEJ0PD7/0t35hS3nF1sVnlghPWxZJI3vctXZn7Cm9+vAVyjaKdXwqFRj6zcF
W2LwnsToAwJNrIdRxlMfgFF4Acytx2Ckb7XK4CM2chcKKPi813vl+Km1Yuye1piq
AtqLKyp0RpPKF0wcmFp+gCRDT5e655DhbN3tCiot6Wk4L+az3cFdY4uxIfXH0kla
4vfTtww=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:04 2024 by rpki-client on console-fra.rpki-client.org