Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ZPQ7_60e7ZvAXW7QS7LRA49iM2M.roa
File: ZPQ7_60e7ZvAXW7QS7LRA49iM2M.roa (raw, json)
Hash identifier: mn3SxHnuIFukWnvG2MRvy/PpEiyZlh/CBcKQ2hZmuac=
Subject key identifier: 64:F4:3B:FF:AD:1E:ED:9B:C0:5D:6E:D0:4B:B2:D1:03:8F:62:33:63
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3951
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ZPQ7_60e7ZvAXW7QS7LRA49iM2M.roa
Signing time: Fri 05 Apr 2024 00:22:23 +0000
ROA not before: Fri 05 Apr 2024 00:22:23 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14673 (0x3951)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 5 00:22:23 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=64F43BFFAD1EED9BC05D6ED04BB2D1038F623363
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:43:52:46:2c:7c:e4:a0:86:0f:27:ef:bf:40:
9e:b2:d0:de:14:c6:b4:d0:c1:b2:5f:81:3b:6d:85:
95:80:0f:65:d5:d2:6a:2a:78:39:6b:0b:99:ca:ab:
a8:67:e1:ec:39:f6:52:3e:1c:da:4b:de:3c:b3:89:
91:4c:f6:bf:d6:14:f2:8f:4b:91:2c:97:13:1a:df:
8f:a9:e5:94:c7:ff:22:84:2a:a0:18:38:e7:44:b3:
dc:dc:25:2f:3d:a9:0d:b1:39:82:70:00:0f:16:ad:
33:8e:04:4a:b6:e6:5d:3d:f4:de:04:f4:f3:35:b0:
2a:c0:68:e3:01:42:46:0a:cd:0e:d8:39:17:40:8e:
c0:ec:9a:9b:5b:92:b4:2d:a8:a4:13:b3:c1:17:34:
f8:10:d2:e0:99:e3:6a:d3:4d:86:bb:5a:84:d0:fb:
1e:4d:59:0e:be:b3:6d:fa:44:94:c3:db:ad:a1:9b:
f6:d0:24:af:da:5a:17:26:30:05:dd:31:a9:26:a6:
c6:aa:1b:ee:59:0b:8f:04:22:92:36:1a:9b:0a:63:
b3:2d:42:e1:72:59:e9:57:f7:18:54:49:92:df:c1:
d8:77:5c:c7:75:4c:1a:6e:ce:14:94:81:a6:3b:60:
63:43:6f:9a:32:1a:ae:5d:8f:88:31:ed:50:3c:55:
3a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:F4:3B:FF:AD:1E:ED:9B:C0:5D:6E:D0:4B:B2:D1:03:8F:62:33:63
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ZPQ7_60e7ZvAXW7QS7LRA49iM2M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
a7:ab:e6:c3:87:00:d7:ac:a9:71:4c:56:07:1c:03:0d:db:76:
70:84:38:1e:07:e8:ea:70:27:36:23:05:9a:93:79:1e:02:ad:
97:94:7f:0b:8d:49:a5:44:d1:c1:86:3f:cb:64:42:63:aa:d2:
ed:6f:a7:d0:22:3c:36:3f:d3:52:af:52:ca:e3:a8:ee:d3:8c:
c8:e6:0d:44:7a:eb:b3:c7:0f:36:a3:f8:26:46:57:61:73:a2:
e7:02:a4:d5:ff:6d:59:d0:26:cf:81:79:93:b8:b9:bf:50:45:
ec:6c:13:65:79:60:bd:a4:34:4d:00:17:ac:8e:9e:b5:99:c2:
8e:56:08:10:0c:01:a5:ab:a9:b6:a4:d8:ff:e6:84:5a:8e:24:
a6:31:89:65:b0:4c:17:2d:da:1a:f9:65:5e:81:f6:1c:82:16:
eb:12:6a:41:84:9c:6a:c4:6f:08:6c:5d:f6:b6:b2:b5:a8:68:
3b:68:07:da:aa:1a:49:da:02:9e:e9:36:b0:a4:05:c5:7a:95:
15:43:e4:ae:32:72:69:3b:d2:c1:86:e2:13:be:de:3d:ee:32:
15:c4:76:13:e5:a0:84:96:9d:f1:56:b9:84:89:f8:71:31:13:
cb:13:01:ff:2a:1d:b2:9a:56:f2:89:b9:28:2c:6e:98:f3:0e:
e8:3b:4b:f5
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICOVEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDUw
MDIyMjNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDY0RjQzQkZGQUQxRUVE
OUJDMDVENkVEMDRCQjJEMTAzOEY2MjMzNjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGQ1JGLHzkoIYPJ++/QJ6y0N4UxrTQwbJfgTtthZWAD2XV0moq
eDlrC5nKq6hn4ew59lI+HNpL3jyziZFM9r/WFPKPS5EslxMa34+p5ZTH/yKEKqAY
OOdEs9zcJS89qQ2xOYJwAA8WrTOOBEq25l099N4E9PM1sCrAaOMBQkYKzQ7YORdA
jsDsmptbkrQtqKQTs8EXNPgQ0uCZ42rTTYa7WoTQ+x5NWQ6+s236RJTD262hm/bQ
JK/aWhcmMAXdMakmpsaqG+5ZC48EIpI2GpsKY7MtQuFyWelX9xhUSZLfwdh3XMd1
TBpuzhSUgaY7YGNDb5oyGq5dj4gx7VA8VTrFAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUZPQ7/60e7ZvAXW7QS7LRA49iM2MwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1pQUTdfNjBlN1p2QVhX
N1FTN0xSQTQ5aU0yTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAKer5sOHANesqXFM
VgccAw3bdnCEOB4H6OpwJzYjBZqTeR4CrZeUfwuNSaVE0cGGP8tkQmOq0u1vp9Ai
PDY/01KvUsrjqO7TjMjmDUR667PHDzaj+CZGV2FzoucCpNX/bVnQJs+BeZO4ub9Q
RexsE2V5YL2kNE0AF6yOnrWZwo5WCBAMAaWrqbak2P/mhFqOJKYxiWWwTBct2hr5
ZV6B9hyCFusSakGEnGrEbwhsXfa2srWoaDtoB9qqGknaAp7pNrCkBcV6lRVD5K4y
cmk70sGG4hO+3j3uMhXEdhPloISWnfFWuYSJ+HExE8sTAf8qHbKaVvKJuSgsbpjz
Dug7S/U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:51 2024 by rpki-client on console-ams.rpki-client.org