Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/lr4K8WumeMtckkB6iVfDkkNcMwM.roa
File: lr4K8WumeMtckkB6iVfDkkNcMwM.roa (raw, json)
Hash identifier: 9EDeaRKBa+YtrqWHpLWW9dnFaeuZsd8K/VIjd/LQd2Y=
Subject key identifier: 96:BE:0A:F1:6B:A6:78:CB:5C:92:40:7A:89:57:C3:92:43:5C:33:03
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 44D5
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/lr4K8WumeMtckkB6iVfDkkNcMwM.roa
Signing time: Sat 20 Apr 2024 08:53:05 +0000
ROA not before: Sat 20 Apr 2024 08:53:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17621 (0x44d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 08:53:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=96BE0AF16BA678CB5C92407A8957C392435C3303
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:df:74:48:62:9e:5b:3f:9f:2f:74:c2:d8:3e:
a0:80:97:eb:bd:3e:e7:02:55:a2:88:70:6b:01:56:
ee:47:8e:8f:ce:5e:85:cf:90:2a:0d:67:08:6f:fb:
f5:97:5f:12:8b:d1:49:ac:e8:33:2c:90:f3:e6:94:
6d:69:48:71:85:75:19:33:d2:ce:8f:77:df:9a:9d:
45:b6:9a:c7:3b:f6:ae:ff:11:91:92:e1:13:6c:03:
0b:3e:ab:c8:e0:f0:f9:75:b9:8b:7f:8d:8e:29:79:
6f:3e:9d:e9:2b:f5:65:c3:ef:59:a1:56:08:e4:9d:
b8:2e:9c:1e:ac:b9:d6:8a:85:00:cb:f9:1b:a3:eb:
95:5e:f2:cb:0f:9d:df:32:35:cb:a9:b4:dc:44:e4:
89:3e:75:13:d1:e4:ab:12:ac:dc:96:2f:ce:43:39:
b6:f3:f3:1b:7c:98:ce:96:df:fd:5e:b0:72:2a:63:
2f:95:3a:cc:8f:b3:69:4d:20:41:26:5a:c1:02:64:
f8:63:2c:48:2c:fb:b5:48:77:5e:98:07:e9:f3:cf:
8c:f4:3f:42:eb:e1:98:2d:df:d6:e1:5b:1a:e4:24:
59:5d:0b:51:ab:03:72:02:fa:57:ba:27:c6:d9:6f:
22:9c:6d:1b:81:3f:1f:d3:2f:7f:56:08:e0:12:90:
f1:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:BE:0A:F1:6B:A6:78:CB:5C:92:40:7A:89:57:C3:92:43:5C:33:03
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/lr4K8WumeMtckkB6iVfDkkNcMwM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
6b:af:82:a1:10:55:96:80:97:54:63:ae:5e:0f:14:ab:5e:07:
f9:63:4c:fa:d5:6e:21:17:36:f0:54:f3:54:80:11:4d:6c:1b:
36:79:c5:92:73:d9:ef:2e:14:b5:66:20:28:d0:ab:d9:fc:0d:
e8:44:ba:41:cb:ae:16:8a:cf:82:f0:45:50:2e:66:e2:d7:08:
27:a6:ce:1f:1b:cc:24:1f:ce:10:2c:6b:86:ba:02:7b:e7:ed:
7e:b7:34:29:1d:fd:35:1a:18:f3:77:9f:a8:76:8a:dc:ee:6a:
c0:9c:07:27:9e:01:45:f8:56:82:a2:93:0b:2f:d8:3a:db:28:
99:3f:38:94:c9:57:5e:88:1f:89:3e:df:19:ab:5c:98:32:b4:
cd:71:b0:75:3d:ad:48:bc:75:37:e0:1a:d6:d2:2f:f5:b5:bc:
4c:ca:35:3a:07:16:33:9c:7c:33:62:10:00:86:38:82:42:29:
64:44:ee:fe:f5:f8:05:db:83:dc:78:35:de:7b:ec:48:c0:46:
72:bc:75:aa:15:52:1b:cf:5a:3d:95:8e:84:c9:ae:68:50:d6:
4f:81:0d:e9:13:4f:d0:68:cb:6f:8e:10:d6:fa:2f:c4:2c:49:
d7:ee:97:d6:6e:55:94:bf:1c:f5:00:79:06:96:8f:47:04:f8:
69:b9:99:bc
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICRNUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAw
ODUzMDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk2QkUwQUYxNkJBNjc4
Q0I1QzkyNDA3QTg5NTdDMzkyNDM1QzMzMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDT33RIYp5bP58vdMLYPqCAl+u9PucCVaKIcGsBVu5Hjo/OXoXP
kCoNZwhv+/WXXxKL0Ums6DMskPPmlG1pSHGFdRkz0s6Pd9+anUW2msc79q7/EZGS
4RNsAws+q8jg8Pl1uYt/jY4peW8+nekr9WXD71mhVgjknbgunB6sudaKhQDL+Ruj
65Ve8ssPnd8yNcuptNxE5Ik+dRPR5KsSrNyWL85DObbz8xt8mM6W3/1esHIqYy+V
OsyPs2lNIEEmWsECZPhjLEgs+7VId16YB+nzz4z0P0Lr4Zgt39bhWxrkJFldC1Gr
A3IC+le6J8bZbyKcbRuBPx/TL39WCOASkPHnAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUlr4K8WumeMtckkB6iVfDkkNcMwMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2xyNEs4V3VtZU10Y2tr
QjZpVmZEa2tOY013TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAGuvgqEQVZaAl1Rj
rl4PFKteB/ljTPrVbiEXNvBU81SAEU1sGzZ5xZJz2e8uFLVmICjQq9n8DehEukHL
rhaKz4LwRVAuZuLXCCemzh8bzCQfzhAsa4a6Anvn7X63NCkd/TUaGPN3n6h2itzu
asCcByeeAUX4VoKikwsv2DrbKJk/OJTJV16IH4k+3xmrXJgytM1xsHU9rUi8dTfg
GtbSL/W1vEzKNToHFjOcfDNiEACGOIJCKWRE7v71+AXbg9x4Nd577EjARnK8daoV
UhvPWj2VjoTJrmhQ1k+BDekTT9Boy2+OENb6L8QsSdful9ZuVZS/HPUAeQaWj0cE
+Gm5mbw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:44 2024 by rpki-client on console-fra.rpki-client.org