Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/RKz_oiiKY9BCPqzFMiPJJguRM7A.roa
File: RKz_oiiKY9BCPqzFMiPJJguRM7A.roa (raw, json)
Hash identifier: OI0pZG4A0hV3WxawIFQExpjBdV7O8x7ZeRWIZZp9a24=
Subject key identifier: 44:AC:FF:A2:28:8A:63:D0:42:3E:AC:C5:32:23:C9:26:0B:91:33:B0
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 34B1
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/RKz_oiiKY9BCPqzFMiPJJguRM7A.roa
Signing time: Fri 29 Mar 2024 20:22:06 +0000
ROA not before: Fri 29 Mar 2024 20:22:06 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13489 (0x34b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 20:22:06 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=44ACFFA2288A63D0423EACC53223C9260B9133B0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:3e:84:1e:54:1a:26:c2:5a:a4:68:40:e4:04:
ad:a6:58:ee:b0:e9:1d:a4:4f:99:be:24:76:fb:df:
8c:ff:14:bf:09:34:36:ef:59:bc:04:bb:65:6b:76:
7f:fe:36:d8:8c:78:2b:5b:10:3e:d4:2f:c1:ef:c8:
5f:30:16:d4:a1:8a:3f:8e:ee:36:cf:7d:74:b5:f5:
99:3f:62:ab:7d:d0:b6:55:cf:c2:a2:61:82:f5:c8:
46:08:cd:16:54:7d:dd:26:eb:bc:35:8a:8e:7b:85:
25:f2:75:40:0f:17:f2:12:e2:05:96:dd:0e:5a:15:
b7:ba:12:4b:4c:bd:09:62:15:2f:41:e0:6f:64:cc:
c5:12:d9:4c:98:cd:fe:10:b9:90:76:c5:1e:58:d4:
9e:c8:d2:f7:4f:62:24:ad:db:e0:a3:27:1f:30:90:
17:b8:9c:6f:77:dd:22:df:a3:8f:8f:2a:e3:b6:70:
3c:c7:ac:df:91:75:e1:8c:b7:05:a9:b6:12:0c:84:
6e:c5:80:19:37:00:a9:f1:dd:91:be:41:2e:83:a9:
d1:20:f2:de:6e:ca:06:3f:e9:f2:03:ed:1b:7f:ae:
05:0b:48:90:7c:bb:d2:16:03:12:dc:92:8e:24:d9:
46:50:62:1d:13:80:d1:20:1a:73:11:d4:f1:ee:2e:
30:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:AC:FF:A2:28:8A:63:D0:42:3E:AC:C5:32:23:C9:26:0B:91:33:B0
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/RKz_oiiKY9BCPqzFMiPJJguRM7A.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
7d:64:a8:07:7f:27:dd:29:fa:f3:92:e0:93:f7:2c:62:da:c8:
df:1f:14:0e:15:26:ad:34:8a:eb:d6:d1:7f:08:3c:41:2f:b2:
96:10:1d:bc:03:2d:02:5b:8b:33:d2:8f:52:3c:e6:4e:bb:ce:
02:3f:5e:87:8e:19:aa:2a:0a:07:6e:d3:61:ab:b3:63:5c:49:
07:53:ed:89:a4:fe:a1:67:31:1e:5d:c7:f6:9f:4e:1c:eb:94:
a2:9e:32:4f:3d:17:90:ec:c0:b5:c1:cd:a6:fe:eb:0f:b0:17:
c4:f3:ce:af:37:07:7d:95:05:4f:ac:ac:d2:22:bd:38:c8:14:
d7:84:df:84:cb:df:af:9c:af:9e:e1:4d:37:09:d7:3c:fa:c3:
79:2d:31:5a:83:6b:b2:94:3b:f9:05:0f:eb:ed:5b:81:ce:49:
fe:2e:d2:21:55:18:fe:b7:2b:e8:1a:3f:2e:31:01:07:bc:98:
87:98:2d:7c:3d:e3:05:60:aa:81:35:b7:ae:68:b8:b4:f6:d0:
e3:f6:c3:9d:6f:c1:da:49:85:ce:40:15:61:5e:97:54:fa:00:
d1:13:6d:34:3a:3f:55:d4:89:d2:66:64:7d:aa:85:87:a1:25:
8d:66:f7:24:1a:af:5b:5e:e4:28:d5:d0:78:b9:e5:e6:0b:c6:
09:08:4b:8d
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNLEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjky
MDIyMDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQ0QUNGRkEyMjg4QTYz
RDA0MjNFQUNDNTMyMjNDOTI2MEI5MTMzQjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDtPoQeVBomwlqkaEDkBK2mWO6w6R2kT5m+JHb734z/FL8JNDbv
WbwEu2Vrdn/+NtiMeCtbED7UL8HvyF8wFtShij+O7jbPfXS19Zk/Yqt90LZVz8Ki
YYL1yEYIzRZUfd0m67w1io57hSXydUAPF/IS4gWW3Q5aFbe6EktMvQliFS9B4G9k
zMUS2UyYzf4QuZB2xR5Y1J7I0vdPYiSt2+CjJx8wkBe4nG933SLfo4+PKuO2cDzH
rN+RdeGMtwWpthIMhG7FgBk3AKnx3ZG+QS6DqdEg8t5uygY/6fID7Rt/rgULSJB8
u9IWAxLcko4k2UZQYh0TgNEgGnMR1PHuLjBVAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQURKz/oiiKY9BCPqzFMiPJJguRM7AwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1JLel9vaWlLWTlCQ1Bx
ekZNaVBKSmd1Uk03QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAH1kqAd/J90p+vOS
4JP3LGLayN8fFA4VJq00iuvW0X8IPEEvspYQHbwDLQJbizPSj1I85k67zgI/XoeO
GaoqCgdu02Grs2NcSQdT7Ymk/qFnMR5dx/afThzrlKKeMk89F5DswLXBzab+6w+w
F8Tzzq83B32VBU+srNIivTjIFNeE34TL36+cr57hTTcJ1zz6w3ktMVqDa7KUO/kF
D+vtW4HOSf4u0iFVGP63K+gaPy4xAQe8mIeYLXw94wVgqoE1t65ouLT20OP2w51v
wdpJhc5AFWFel1T6ANETbTQ6P1XUidJmZH2qhYehJY1m9yQar1te5CjV0Hi55eYL
xgkIS40=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:25 2024 by rpki-client on console-fra.rpki-client.org