Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Cvc4Sf4TjCfyafyAtBt0kRMN7nQ.roa
File: Cvc4Sf4TjCfyafyAtBt0kRMN7nQ.roa (raw, json)
Hash identifier: 2gpBjIXTHrVU5ECyX6M72Vm6ex68vGNl+Fw/8ug/i20=
Subject key identifier: 0A:F7:38:49:FE:13:8C:27:F2:69:FC:80:B4:1B:74:91:13:0D:EE:74
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 344D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Cvc4Sf4TjCfyafyAtBt0kRMN7nQ.roa
Signing time: Fri 29 Mar 2024 07:52:04 +0000
ROA not before: Fri 29 Mar 2024 07:52:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13389 (0x344d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 07:52:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0AF73849FE138C27F269FC80B41B7491130DEE74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:30:2e:20:85:23:6a:18:c3:bc:e8:ef:5d:b3:
63:17:92:bf:2e:66:24:03:91:a2:7d:c0:8c:0b:d1:
b4:cf:a7:7d:3e:b0:26:f1:a3:bc:b3:f8:4a:6c:07:
59:f9:73:28:10:88:69:df:b5:0c:68:8b:6a:df:06:
69:8f:17:0a:cc:85:41:1f:b6:ec:ba:c1:0e:24:95:
98:b5:6c:ad:25:ea:1d:39:96:e6:1b:97:4e:be:2e:
c5:1f:12:9f:00:e8:93:5d:ae:dc:be:4a:0d:d6:99:
59:d8:cc:9b:9f:25:0e:8b:da:11:e3:3e:a6:80:da:
7c:4f:89:76:39:96:ee:07:da:38:6e:b0:63:72:09:
b3:07:56:48:34:e4:67:eb:59:39:81:43:c9:2e:e9:
5e:ba:c5:f4:40:7e:f1:d9:18:b9:6a:53:35:6c:b0:
39:2c:83:5d:a3:fd:cd:91:bd:5e:dd:5d:20:51:35:
54:e5:f3:18:c8:e4:08:e0:b3:f2:d0:e6:6b:2b:77:
34:4c:cd:7d:0a:e5:38:e3:81:0f:da:18:9f:bd:dd:
5e:c1:f0:aa:8e:73:ac:4b:b9:62:35:7c:52:5e:8a:
10:5c:9d:3c:ff:92:9a:68:06:4a:c5:3a:fd:56:21:
02:0e:a2:46:17:bd:6a:74:e8:4f:c9:ba:25:7b:ea:
5b:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:F7:38:49:FE:13:8C:27:F2:69:FC:80:B4:1B:74:91:13:0D:EE:74
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Cvc4Sf4TjCfyafyAtBt0kRMN7nQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
4b:96:7f:09:fe:57:61:3a:96:f5:c2:b7:8a:9c:2b:cd:8e:7a:
c7:a2:61:9d:97:08:14:57:09:32:89:30:e6:df:a7:91:f6:45:
80:e4:22:6a:65:88:ee:49:5b:b3:45:32:f7:e8:d2:3c:de:84:
07:67:93:5f:94:76:f6:af:9e:bf:f4:a7:b0:b7:15:c5:d7:de:
f9:1c:2e:86:56:30:34:8c:fe:bc:75:3a:fd:1d:08:91:b1:6e:
e2:01:31:46:5a:a6:64:fd:d1:76:cc:ca:95:ea:36:24:7c:52:
a0:53:18:9e:f4:7d:65:f3:b9:79:54:7e:ab:0e:2d:4d:8f:5b:
d1:bb:65:9e:dd:c3:49:5a:7b:2e:2e:5f:78:83:d0:18:f2:62:
24:4e:5c:1f:99:d6:bd:35:89:2f:d7:db:2d:d7:24:d7:40:81:
a8:31:5f:7c:27:ef:19:3c:49:91:06:f4:76:4b:5d:d4:87:3b:
2b:86:70:53:10:98:50:cc:b4:20:53:c1:1b:61:a7:b6:0b:67:
76:b7:c0:9b:de:8a:05:72:97:94:59:8a:45:52:a0:21:7a:3f:
4f:62:aa:09:79:ae:9d:59:ff:02:2e:5f:a9:92:d6:06:51:9f:
60:78:07:69:03:69:e9:05:44:05:4a:8b:12:88:2e:ac:7c:90:
f0:af:56:ce
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNE0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjkw
NzUyMDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBBRjczODQ5RkUxMzhD
MjdGMjY5RkM4MEI0MUI3NDkxMTMwREVFNzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcMC4ghSNqGMO86O9ds2MXkr8uZiQDkaJ9wIwL0bTPp30+sCbx
o7yz+EpsB1n5cygQiGnftQxoi2rfBmmPFwrMhUEftuy6wQ4klZi1bK0l6h05luYb
l06+LsUfEp8A6JNdrty+Sg3WmVnYzJufJQ6L2hHjPqaA2nxPiXY5lu4H2jhusGNy
CbMHVkg05GfrWTmBQ8ku6V66xfRAfvHZGLlqUzVssDksg12j/c2RvV7dXSBRNVTl
8xjI5Ajgs/LQ5msrdzRMzX0K5TjjgQ/aGJ+93V7B8KqOc6xLuWI1fFJeihBcnTz/
kppoBkrFOv1WIQIOokYXvWp06E/JuiV76lszAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUCvc4Sf4TjCfyafyAtBt0kRMN7nQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0N2YzRTZjRUakNmeWFm
eUF0QnQwa1JNTjduUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAEuWfwn+V2E6lvXC
t4qcK82OeseiYZ2XCBRXCTKJMObfp5H2RYDkImpliO5JW7NFMvfo0jzehAdnk1+U
dvavnr/0p7C3FcXX3vkcLoZWMDSM/rx1Ov0dCJGxbuIBMUZapmT90XbMypXqNiR8
UqBTGJ70fWXzuXlUfqsOLU2PW9G7ZZ7dw0laey4uX3iD0BjyYiROXB+Z1r01iS/X
2y3XJNdAgagxX3wn7xk8SZEG9HZLXdSHOyuGcFMQmFDMtCBTwRthp7YLZ3a3wJve
igVyl5RZikVSoCF6P09iqgl5rp1Z/wIuX6mS1gZRn2B4B2kDaekFRAVKixKILqx8
kPCvVs4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:13 2024 by rpki-client on console-fra.rpki-client.org