Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Z-7ZlKo4HNp0Wuy04yR0MosZhPY.roa
File: Z-7ZlKo4HNp0Wuy04yR0MosZhPY.roa (raw, json)
Hash identifier: QJMHKaVY2QkufM6IZtJSKKxZ79UhbH2f/PV1NAaxyro=
Subject key identifier: 67:EE:D9:94:AA:38:1C:DA:74:5A:EC:B4:E3:24:74:32:8B:19:84:F6
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 38C5
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Z-7ZlKo4HNp0Wuy04yR0MosZhPY.roa
Signing time: Thu 04 Apr 2024 06:52:20 +0000
ROA not before: Thu 04 Apr 2024 06:52:20 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14533 (0x38c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 4 06:52:20 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=67EED994AA381CDA745AECB4E32474328B1984F6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:53:c4:46:b7:e3:43:98:91:64:ab:52:37:90:
62:73:82:c3:7c:c4:15:81:2e:3c:aa:b2:d0:fa:36:
e2:8d:5f:20:cb:73:01:3f:54:20:7a:a2:ef:b9:a1:
46:9f:35:e5:06:dc:9c:da:b7:1b:ee:56:c1:7a:43:
53:b8:ab:b2:a7:34:a2:bb:86:4e:6f:08:ff:14:19:
7b:2b:8a:25:27:7f:8b:c0:77:99:8a:31:f6:f5:b3:
3e:ee:50:9d:c3:ab:b0:2e:ca:62:6a:11:6c:5c:4c:
4f:0e:b4:86:56:d9:f0:83:2c:09:fa:48:98:e5:91:
45:49:31:fc:3c:2d:d9:49:d1:6f:ae:be:1e:f1:35:
d5:6b:55:47:cf:15:74:a2:fb:c3:9c:be:b4:7a:8b:
f7:29:c3:38:4e:0d:32:48:0d:c0:e1:89:7b:06:23:
b6:f9:d0:55:34:68:44:e5:4a:64:b5:33:fc:99:20:
ac:2c:c9:5b:78:9c:53:42:fc:9b:36:67:f3:92:65:
04:e2:72:b7:cf:48:05:55:8a:27:38:75:ee:fc:cf:
6b:58:d8:5e:41:4d:c5:ea:7f:1a:22:43:1a:41:ed:
5c:cc:00:5e:35:2a:0e:60:65:f5:c2:c1:39:84:81:
48:01:3e:95:2f:2c:c5:de:ec:73:5b:4a:78:10:d8:
af:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:EE:D9:94:AA:38:1C:DA:74:5A:EC:B4:E3:24:74:32:8B:19:84:F6
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Z-7ZlKo4HNp0Wuy04yR0MosZhPY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
92:66:d9:96:e0:eb:38:10:3d:f4:3a:10:e9:69:eb:d8:b1:70:
cf:72:1d:d6:61:e7:28:4a:6f:3b:56:c9:f7:d4:2e:a9:9d:3f:
59:1f:fa:ab:b3:43:b5:c6:c0:f3:78:ec:c2:0a:53:62:06:c8:
3c:dc:89:a5:a3:0f:38:9a:94:a2:73:46:56:b5:78:c7:d1:14:
88:90:ac:33:38:c4:e6:16:ec:cc:93:35:24:03:49:28:cc:b5:
0d:8c:9e:7f:c8:1c:f0:a3:69:85:80:45:d1:71:8c:ae:67:b8:
2f:fe:17:eb:25:cf:34:4e:f6:fb:fe:e1:c2:59:5f:a4:31:b4:
3a:eb:c1:4b:93:bf:f4:0b:a9:4b:5b:3e:be:0d:81:a7:ac:e6:
ca:8c:c4:9c:a5:03:48:ca:73:e6:82:d0:5a:9b:5b:9e:4e:02:
32:2e:5a:ae:69:e7:74:70:80:f4:e8:85:f7:af:01:2f:a1:96:
51:3c:b8:7b:36:ed:f0:b3:60:dc:7f:73:47:69:a0:0a:24:b1:
2d:bb:69:a6:95:38:3a:5e:fa:e4:b7:f2:52:bb:b0:f4:82:aa:
7c:b7:eb:3e:ca:5e:7f:1b:7b:8e:af:08:5b:19:af:da:43:ca:
d6:2e:24:49:64:f9:de:0c:62:a4:d9:76:fd:a7:dd:ae:eb:2b:
4a:d4:a6:73
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICOMUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDQw
NjUyMjBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDY3RUVEOTk0QUEzODFD
REE3NDVBRUNCNEUzMjQ3NDMyOEIxOTg0RjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZU8RGt+NDmJFkq1I3kGJzgsN8xBWBLjyqstD6NuKNXyDLcwE/
VCB6ou+5oUafNeUG3JzatxvuVsF6Q1O4q7KnNKK7hk5vCP8UGXsriiUnf4vAd5mK
Mfb1sz7uUJ3Dq7AuymJqEWxcTE8OtIZW2fCDLAn6SJjlkUVJMfw8LdlJ0W+uvh7x
NdVrVUfPFXSi+8OcvrR6i/cpwzhODTJIDcDhiXsGI7b50FU0aETlSmS1M/yZIKws
yVt4nFNC/Js2Z/OSZQTicrfPSAVViic4de78z2tY2F5BTcXqfxoiQxpB7VzMAF41
Kg5gZfXCwTmEgUgBPpUvLMXe7HNbSngQ2K+nAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUZ+7ZlKo4HNp0Wuy04yR0MosZhPYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1otN1psS280SE5wMFd1
eTA0eVIwTW9zWmhQWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJJm2Zbg6zgQPfQ6
EOlp69ixcM9yHdZh5yhKbztWyffULqmdP1kf+quzQ7XGwPN47MIKU2IGyDzciaWj
DzialKJzRla1eMfRFIiQrDM4xOYW7MyTNSQDSSjMtQ2Mnn/IHPCjaYWARdFxjK5n
uC/+F+slzzRO9vv+4cJZX6QxtDrrwUuTv/QLqUtbPr4Ngaes5sqMxJylA0jKc+aC
0FqbW55OAjIuWq5p53RwgPTohfevAS+hllE8uHs27fCzYNx/c0dpoAoksS27aaaV
ODpe+uS38lK7sPSCqny36z7KXn8be46vCFsZr9pDytYuJElk+d4MYqTZdv2n3a7r
K0rUpnM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:32 2024 by rpki-client on console-fra.rpki-client.org