Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Zet2VHRNsvDgd8s6KJW5q3qPTYI.roa
File: Zet2VHRNsvDgd8s6KJW5q3qPTYI.roa (raw, json)
Hash identifier: b6Wu8oF4jvBMdssj0JDiZEJgq0/sgtJ+G211Ok0fyVU=
Subject key identifier: 65:EB:76:54:74:4D:B2:F0:E0:77:CB:3A:28:95:B9:AB:7A:8F:4D:82
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 33C9
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Zet2VHRNsvDgd8s6KJW5q3qPTYI.roa
Signing time: Thu 28 Mar 2024 15:22:28 +0000
ROA not before: Thu 28 Mar 2024 15:22:28 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13257 (0x33c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 28 15:22:28 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=65EB7654744DB2F0E077CB3A2895B9AB7A8F4D82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:05:2d:dc:25:dd:53:0f:26:09:e2:ff:ff:52:
16:88:00:eb:69:ba:80:3f:3b:6d:18:66:1c:1b:7f:
8d:c3:4d:8b:a3:28:68:0e:c6:3f:02:36:7f:a4:bd:
fd:ab:f1:70:7e:ef:c2:b6:5a:f7:c6:0e:03:c3:00:
38:e3:5c:0f:8a:87:87:80:a9:5e:fa:b3:c0:b8:4f:
36:df:ee:9f:b5:d6:35:a6:b4:a4:0d:60:30:35:6b:
19:67:37:81:75:9c:70:b7:10:cc:08:e0:f3:d2:c9:
cc:5e:af:18:19:08:87:f2:69:53:86:67:2c:b9:f3:
8d:1e:41:1e:8d:4c:7f:44:a7:f9:98:d7:e7:ef:51:
76:fb:b0:34:77:35:54:83:c5:44:8f:2e:c5:0e:40:
db:5b:f6:00:16:8d:07:a4:16:08:e1:09:5d:49:28:
04:52:38:f4:04:70:c6:39:a7:3e:69:a5:8b:db:6b:
ca:ba:29:dc:0e:fc:ce:07:59:4a:57:4e:30:93:34:
0c:06:ff:5a:59:a8:7a:22:4d:17:16:ce:b9:10:0f:
01:06:ca:30:fb:f4:34:30:96:f2:36:30:16:89:f9:
55:10:01:91:4f:50:af:1e:3c:0f:62:77:6d:d1:2b:
c1:20:84:02:e0:a1:72:42:d0:e2:9b:a1:56:e0:f3:
25:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:EB:76:54:74:4D:B2:F0:E0:77:CB:3A:28:95:B9:AB:7A:8F:4D:82
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Zet2VHRNsvDgd8s6KJW5q3qPTYI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
76:ff:a3:d5:eb:da:68:92:f3:c6:d2:bd:2b:9a:34:b6:82:37:
87:1c:e2:81:13:24:5c:0c:29:77:6b:2b:c6:0e:31:37:96:be:
3c:7e:e8:39:63:cf:cf:06:d2:26:5a:5b:54:9e:0c:fe:cf:7e:
49:ff:aa:20:db:24:51:62:6b:3a:c8:15:e3:11:ff:96:60:36:
f7:48:cb:1c:32:a7:39:d8:94:e7:16:a3:f4:c1:b8:f7:87:a4:
8d:4e:c8:a0:48:32:37:85:45:f5:09:3e:6c:c3:5c:f5:95:f4:
da:dc:b4:63:71:3e:e2:30:64:07:e8:62:3f:38:91:7b:78:cb:
b6:bd:03:5b:67:93:b0:59:11:5e:72:4b:37:79:8e:fc:15:a1:
3d:8b:fd:b3:7e:a6:12:cb:fe:d5:36:d2:00:65:cd:82:46:c4:
9d:b1:9a:b4:19:92:24:fc:c7:7d:ed:02:97:66:9c:4e:cf:5e:
db:64:34:90:77:82:8a:be:67:1b:95:81:df:fb:15:1d:48:b2:
e1:32:32:70:db:58:6a:1a:7e:79:92:0f:35:81:26:fd:7a:a5:
a0:85:e9:fc:99:1e:a8:54:93:5c:5d:f7:c5:21:c5:d8:98:20:
a0:e0:11:5f:d7:51:73:9f:b0:20:13:93:f1:67:19:53:68:08:
0d:c6:75:80
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICM8kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjgx
NTIyMjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDY1RUI3NjU0NzQ0REIy
RjBFMDc3Q0IzQTI4OTVCOUFCN0E4RjREODIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmBS3cJd1TDyYJ4v//UhaIAOtpuoA/O20YZhwbf43DTYujKGgO
xj8CNn+kvf2r8XB+78K2WvfGDgPDADjjXA+Kh4eAqV76s8C4Tzbf7p+11jWmtKQN
YDA1axlnN4F1nHC3EMwI4PPSycxerxgZCIfyaVOGZyy5840eQR6NTH9Ep/mY1+fv
UXb7sDR3NVSDxUSPLsUOQNtb9gAWjQekFgjhCV1JKARSOPQEcMY5pz5ppYvba8q6
KdwO/M4HWUpXTjCTNAwG/1pZqHoiTRcWzrkQDwEGyjD79DQwlvI2MBaJ+VUQAZFP
UK8ePA9id23RK8EghALgoXJC0OKboVbg8yWTAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUZet2VHRNsvDgd8s6KJW5q3qPTYIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1pldDJWSFJOc3ZEZ2Q4
czZLSlc1cTNxUFRZSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAHb/o9Xr2miS88bS
vSuaNLaCN4cc4oETJFwMKXdrK8YOMTeWvjx+6Dljz88G0iZaW1SeDP7Pfkn/qiDb
JFFiazrIFeMR/5ZgNvdIyxwypznYlOcWo/TBuPeHpI1OyKBIMjeFRfUJPmzDXPWV
9NrctGNxPuIwZAfoYj84kXt4y7a9A1tnk7BZEV5ySzd5jvwVoT2L/bN+phLL/tU2
0gBlzYJGxJ2xmrQZkiT8x33tApdmnE7PXttkNJB3goq+ZxuVgd/7FR1IsuEyMnDb
WGoafnmSDzWBJv16paCF6fyZHqhUk1xd98UhxdiYIKDgEV/XUXOfsCATk/FnGVNo
CA3GdYA=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:55:59 2025 by rpki-client