Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/DTCFAK22_zCXs09YLDFBCWFYgkw.roa
File: DTCFAK22_zCXs09YLDFBCWFYgkw.roa (raw, json)
Hash identifier: 7bvbz3aBnUh3v3ZQelq/7mvkfVsIaeRiVelew1mbUSg=
Subject key identifier: 0D:30:85:00:AD:B6:FF:30:97:B3:4F:58:2C:31:41:09:61:58:82:4C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3A1D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/DTCFAK22_zCXs09YLDFBCWFYgkw.roa
Signing time: Sat 06 Apr 2024 01:52:25 +0000
ROA not before: Sat 06 Apr 2024 01:52:25 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14877 (0x3a1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 6 01:52:25 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0D308500ADB6FF3097B34F582C3141096158824C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:92:75:f3:f6:db:64:35:53:b2:7c:c4:a9:93:
aa:a7:e2:04:06:53:83:62:f3:1b:f1:76:67:b3:a7:
da:23:dc:3a:3f:71:f3:46:8f:be:a9:96:4b:6b:fe:
08:44:c1:f2:4a:96:8e:92:12:7d:a8:1a:10:41:95:
9c:34:26:1f:8e:45:04:16:c2:8b:7b:c9:dd:f2:e2:
92:81:fd:9f:b3:e9:b0:7f:7b:61:64:fa:8a:ef:10:
18:9c:26:db:e6:8a:2a:ab:67:f7:7c:b6:b4:b1:6e:
8c:59:b8:8d:ad:64:d1:a4:37:8d:39:36:5e:fc:50:
7c:6a:bc:f8:14:dc:c5:cd:6f:2f:a2:21:11:3c:95:
fe:6e:25:62:56:42:71:17:76:6d:fc:3d:73:b3:9d:
83:bc:88:98:89:39:c7:e5:f8:29:e5:43:92:11:b8:
7c:fa:89:1f:41:8d:02:f8:bf:19:fd:ae:8f:fd:ad:
4d:f4:d3:11:79:1d:10:98:d6:aa:91:02:ac:eb:69:
81:e2:25:d5:50:15:58:1f:c7:c4:5d:79:8d:41:1c:
6b:8f:96:55:a5:ad:e8:99:45:58:28:a2:b9:3f:59:
62:ae:84:d2:1a:c3:5b:77:f2:aa:50:7e:fd:42:b2:
40:45:2c:8c:f8:ed:db:31:fa:dc:37:5f:09:e8:0c:
c7:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:30:85:00:AD:B6:FF:30:97:B3:4F:58:2C:31:41:09:61:58:82:4C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/DTCFAK22_zCXs09YLDFBCWFYgkw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
08:3c:1d:7b:e4:cf:fa:27:5f:9c:7c:fd:88:b4:33:a5:b4:7e:
b2:80:90:0f:75:5d:b9:80:de:04:ad:76:61:a1:0d:dd:37:95:
7a:1b:52:e1:e0:cb:2e:41:2e:50:3c:17:16:be:73:49:0f:1b:
81:80:0c:5b:f7:10:6c:ab:6e:8a:10:cd:70:1c:22:35:26:e4:
c6:b7:f9:a6:1b:4b:fd:47:d6:9d:40:e6:3d:cd:c5:28:9f:aa:
ca:af:07:4b:e9:b5:bc:35:77:e8:cf:80:87:c9:df:cc:ce:1c:
05:74:e2:66:cd:f4:b8:b7:ae:98:79:13:95:ad:b0:99:77:14:
61:99:43:c4:79:c7:32:36:33:1a:81:64:14:fb:a0:04:c3:19:
2e:fb:06:bb:cf:d7:e0:fd:ea:5a:cc:f6:09:01:07:7f:57:ab:
eb:61:2f:82:80:01:04:2a:23:6d:45:92:2c:89:81:6e:14:26:
77:94:38:5d:d7:db:28:93:70:47:b1:6f:23:86:36:18:c5:10:
ed:f3:5b:25:9b:28:c9:98:39:60:df:3a:9d:c8:bb:2b:56:ef:
aa:e7:f9:76:85:ed:d6:25:b7:a2:e2:c5:62:04:0a:27:8c:e7:
2d:48:5f:bf:99:b8:8a:51:4d:78:c3:25:b0:f3:66:6a:a3:91:
3a:64:ce:2f
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICOh0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDYw
MTUyMjVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBEMzA4NTAwQURCNkZG
MzA5N0IzNEY1ODJDMzE0MTA5NjE1ODgyNEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmknXz9ttkNVOyfMSpk6qn4gQGU4Ni8xvxdmezp9oj3Do/cfNG
j76plktr/ghEwfJKlo6SEn2oGhBBlZw0Jh+ORQQWwot7yd3y4pKB/Z+z6bB/e2Fk
+orvEBicJtvmiiqrZ/d8trSxboxZuI2tZNGkN405Nl78UHxqvPgU3MXNby+iIRE8
lf5uJWJWQnEXdm38PXOznYO8iJiJOcfl+CnlQ5IRuHz6iR9BjQL4vxn9ro/9rU30
0xF5HRCY1qqRAqzraYHiJdVQFVgfx8RdeY1BHGuPllWlreiZRVgoork/WWKuhNIa
w1t38qpQfv1CskBFLIz47dsx+tw3XwnoDMfPAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUDTCFAK22/zCXs09YLDFBCWFYgkwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0RUQ0ZBSzIyX3pDWHMw
OVlMREZCQ1dGWWdrdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAAg8HXvkz/onX5x8
/Yi0M6W0frKAkA91XbmA3gStdmGhDd03lXobUuHgyy5BLlA8Fxa+c0kPG4GADFv3
EGyrbooQzXAcIjUm5Ma3+aYbS/1H1p1A5j3NxSifqsqvB0vptbw1d+jPgIfJ38zO
HAV04mbN9Li3rph5E5WtsJl3FGGZQ8R5xzI2MxqBZBT7oATDGS77BrvP1+D96lrM
9gkBB39Xq+thL4KAAQQqI21FkiyJgW4UJneUOF3X2yiTcEexbyOGNhjFEO3zWyWb
KMmYOWDfOp3IuytW76rn+XaF7dYlt6LixWIECieM5y1IX7+ZuIpRTXjDJbDzZmqj
kTpkzi8=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:34:44 2025 by rpki-client