Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ZQl270r9MUSOEeyn5RrRV1UqeCw.roa
File: ZQl270r9MUSOEeyn5RrRV1UqeCw.roa (raw, json)
Hash identifier: ee0AufT9aTOGLXE6y7xIzTy/A9LhkoZmhJXU/pwUY1o=
Subject key identifier: 65:09:76:EF:4A:FD:31:44:8E:11:EC:A7:E5:1A:D1:57:55:2A:78:2C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 43D9
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ZQl270r9MUSOEeyn5RrRV1UqeCw.roa
Signing time: Fri 19 Apr 2024 01:23:02 +0000
ROA not before: Fri 19 Apr 2024 01:23:02 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17369 (0x43d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 19 01:23:02 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=650976EF4AFD31448E11ECA7E51AD157552A782C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:3b:f6:bd:7e:8a:1d:80:c6:3e:9f:8b:37:6e:
4f:e6:e9:f7:b9:55:49:ee:5c:0b:dd:26:f7:78:48:
20:79:7c:ee:57:9e:e8:9e:be:cb:70:61:8b:67:5f:
19:b8:c8:76:91:1c:b7:48:b4:d1:6d:7a:b3:1d:c1:
68:b6:2b:33:59:b0:a6:f1:f1:b0:a0:c7:bf:a6:2d:
dd:13:ac:c6:92:9c:cb:50:45:22:db:37:f9:66:f2:
42:55:69:7b:d6:91:60:d8:c5:3c:d2:76:56:b5:af:
c1:b6:8a:0c:56:b7:27:b5:a9:84:01:d0:5d:b1:bc:
c1:27:03:e1:3e:8f:47:5a:94:22:82:2c:ba:01:98:
c3:f4:12:41:70:8f:1c:c8:37:ac:1c:83:22:94:9b:
6e:1b:95:28:d7:db:39:24:5e:5c:9f:16:a6:dd:ae:
5f:4c:ef:da:0f:ee:94:5b:cb:42:5b:db:52:45:2a:
f4:1c:d1:2c:94:5c:c0:3e:b8:fd:de:52:49:af:20:
1b:3c:f0:53:ee:61:b7:32:6e:65:f3:30:80:c8:89:
76:ef:3c:b4:a6:f9:c9:18:fd:8f:13:f5:47:d9:5d:
2e:c8:d6:72:2b:c7:b3:48:79:91:8a:be:6c:32:5a:
e6:db:e3:3d:96:8d:24:97:72:aa:60:7d:7f:1b:23:
4b:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:09:76:EF:4A:FD:31:44:8E:11:EC:A7:E5:1A:D1:57:55:2A:78:2C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ZQl270r9MUSOEeyn5RrRV1UqeCw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
2d:14:ce:f9:3a:54:fd:c3:dd:c1:3f:a2:3c:10:82:59:12:2c:
c9:ec:f3:e3:41:54:01:77:b5:ce:02:9f:2a:fc:30:34:16:d1:
91:53:87:f7:89:b4:90:ed:ca:9e:d3:9a:93:6f:8c:f2:ea:c1:
2c:ce:1c:81:d1:a7:da:3b:05:30:7e:bf:46:91:64:72:52:db:
a8:98:df:6b:a6:8b:b9:1a:ae:a8:a5:3e:d2:ec:c8:80:e1:f3:
17:b1:37:73:f9:52:46:ab:01:25:e5:72:ba:2f:09:72:8f:8d:
e4:ac:9c:2b:4c:88:d0:5d:6d:2a:22:53:04:15:d1:74:d9:8b:
eb:91:d1:02:1b:d5:5d:c0:2e:2d:91:07:1b:14:80:21:d4:7c:
40:fa:e8:11:aa:ac:3c:00:1d:46:92:a2:9b:a2:72:c7:08:3a:
41:87:b5:3f:d2:1b:5b:5e:ba:0a:03:d9:d2:46:06:91:fc:a7:
6e:d5:46:dc:9f:2c:b1:9d:f0:83:39:f2:65:45:eb:11:f3:4c:
fb:2f:cd:7f:aa:7c:a4:4d:46:b4:62:27:88:e7:2c:ac:5f:25:
75:be:7c:fe:ff:c3:51:56:8c:e9:0f:a6:ff:47:f5:4e:8a:7f:
f1:c4:66:f5:c4:fc:09:6d:6d:6a:ec:fb:76:7c:dd:95:29:4c:
f7:e8:ef:d4
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQ9kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTkw
MTIzMDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDY1MDk3NkVGNEFGRDMx
NDQ4RTExRUNBN0U1MUFEMTU3NTUyQTc4MkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDgO/a9foodgMY+n4s3bk/m6fe5VUnuXAvdJvd4SCB5fO5Xnuie
vstwYYtnXxm4yHaRHLdItNFterMdwWi2KzNZsKbx8bCgx7+mLd0TrMaSnMtQRSLb
N/lm8kJVaXvWkWDYxTzSdla1r8G2igxWtye1qYQB0F2xvMEnA+E+j0dalCKCLLoB
mMP0EkFwjxzIN6wcgyKUm24blSjX2zkkXlyfFqbdrl9M79oP7pRby0Jb21JFKvQc
0SyUXMA+uP3eUkmvIBs88FPuYbcybmXzMIDIiXbvPLSm+ckY/Y8T9UfZXS7I1nIr
x7NIeZGKvmwyWubb4z2WjSSXcqpgfX8bI0thAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUZQl270r9MUSOEeyn5RrRV1UqeCwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1pRbDI3MHI5TVVTT0Vl
eW41UnJSVjFVcWVDdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAC0Uzvk6VP3D3cE/
ojwQglkSLMns8+NBVAF3tc4Cnyr8MDQW0ZFTh/eJtJDtyp7TmpNvjPLqwSzOHIHR
p9o7BTB+v0aRZHJS26iY32umi7karqilPtLsyIDh8xexN3P5UkarASXlcrovCXKP
jeSsnCtMiNBdbSoiUwQV0XTZi+uR0QIb1V3ALi2RBxsUgCHUfED66BGqrDwAHUaS
opuicscIOkGHtT/SG1teugoD2dJGBpH8p27VRtyfLLGd8IM58mVF6xHzTPsvzX+q
fKRNRrRiJ4jnLKxfJXW+fP7/w1FWjOkPpv9H9U6Kf/HEZvXE/AltbWrs+3Z83ZUp
TPfo79Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:32 2024 by rpki-client on console-fra.rpki-client.org