Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/nWjTCB0BguVqNVoSRcXbaU_GUls.roa
File: nWjTCB0BguVqNVoSRcXbaU_GUls.roa (raw, json)
Hash identifier: uM7jaUTYttYUR3oXn39oDMHECkxCoXTAhA7CHtGmI14=
Subject key identifier: 9D:68:D3:08:1D:01:82:E5:6A:35:5A:12:45:C5:DB:69:4F:C6:52:5B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3D19
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/nWjTCB0BguVqNVoSRcXbaU_GUls.roa
Signing time: Wed 10 Apr 2024 01:22:38 +0000
ROA not before: Wed 10 Apr 2024 01:22:38 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15641 (0x3d19)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 10 01:22:38 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9D68D3081D0182E56A355A1245C5DB694FC6525B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:d4:0a:02:cf:78:8c:f3:e9:c3:6e:cc:2a:bc:
61:d5:fa:2d:2d:3d:15:d3:6b:36:4a:5f:1b:35:d8:
01:6b:be:4f:86:5d:16:70:5a:2e:b7:f3:f7:d2:0b:
16:f0:0f:4d:b0:ef:2b:a7:b4:8e:d2:7b:1e:43:1d:
ec:92:41:ea:02:3e:28:7d:96:45:bf:3e:a9:ae:61:
c6:e9:dc:2a:c1:96:73:fb:0b:7c:45:9c:78:3f:35:
ba:dd:0f:d0:f8:ec:c9:0b:2d:dd:0b:90:e2:02:34:
e3:a7:ed:76:b0:4d:f0:28:a5:d1:9b:9e:1e:1b:39:
5d:94:ea:99:f1:af:53:37:55:65:b3:6d:37:c9:17:
e0:3c:9c:ae:7a:1a:6c:a0:0d:a4:14:71:f8:65:98:
5b:64:52:a7:d1:3b:2b:9f:5a:6e:2f:3f:a1:f0:0c:
64:69:44:21:f0:1a:04:a1:77:a4:c6:43:df:0a:86:
a9:a1:88:07:cc:6b:63:0c:6b:86:2a:0e:81:96:a7:
23:ae:dc:03:cb:1f:79:22:33:d0:1a:2a:eb:06:89:
bb:81:a3:10:57:9c:90:69:12:72:4c:e4:5c:74:82:
92:46:25:82:19:b2:f3:a9:fa:9d:97:67:b6:d3:9c:
d6:f2:ee:1b:41:d2:4d:1f:ca:26:28:90:fc:82:e5:
50:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:68:D3:08:1D:01:82:E5:6A:35:5A:12:45:C5:DB:69:4F:C6:52:5B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/nWjTCB0BguVqNVoSRcXbaU_GUls.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
17:f1:7b:29:b2:20:4c:60:b5:23:b3:4c:22:d1:eb:fe:51:81:
c8:91:ca:0c:4c:9b:6e:0a:22:e3:7e:9f:f1:9b:da:6f:27:ee:
4b:5e:9e:0c:1a:f7:40:98:f2:f4:dd:52:e5:de:62:4c:cf:bc:
77:2f:ed:3f:be:ed:a8:49:06:22:4c:fa:28:11:6e:e0:be:22:
d0:71:fa:39:8b:94:bc:d0:b0:bf:70:a3:ae:4b:25:4e:a1:20:
b8:b2:f4:6b:ea:80:02:d0:4b:6d:11:c4:7d:0d:68:92:3c:44:
e8:fe:16:59:0a:aa:93:c7:8e:a1:39:e5:bd:82:4a:25:fd:49:
1c:da:7a:61:c0:14:a3:ca:0a:8d:e9:8b:7e:be:0d:a4:51:77:
42:2b:0f:ed:52:62:c5:8b:2a:26:58:f4:ee:89:de:06:d3:36:
83:21:21:f6:54:f4:28:ce:02:45:1e:e5:34:00:2c:0b:68:7f:
b1:27:7b:ac:a2:7e:0e:b0:eb:27:69:ef:95:eb:c2:15:09:c0:
4d:1f:dc:4f:9a:cd:83:ee:98:1f:56:99:e5:63:64:bf:ff:4b:
8e:57:97:83:30:b1:a2:43:a5:85:2e:fc:26:98:2c:4d:f9:19:
7d:b4:06:59:1e:2e:67:e5:fa:49:d2:75:af:05:44:4e:ad:3e:
d4:71:e1:c9
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICPRkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTAw
MTIyMzhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlENjhEMzA4MUQwMTgy
RTU2QTM1NUExMjQ1QzVEQjY5NEZDNjUyNUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDq1AoCz3iM8+nDbswqvGHV+i0tPRXTazZKXxs12AFrvk+GXRZw
Wi638/fSCxbwD02w7yuntI7Sex5DHeySQeoCPih9lkW/PqmuYcbp3CrBlnP7C3xF
nHg/NbrdD9D47MkLLd0LkOICNOOn7XawTfAopdGbnh4bOV2U6pnxr1M3VWWzbTfJ
F+A8nK56GmygDaQUcfhlmFtkUqfROyufWm4vP6HwDGRpRCHwGgShd6TGQ98Khqmh
iAfMa2MMa4YqDoGWpyOu3APLH3kiM9AaKusGibuBoxBXnJBpEnJM5Fx0gpJGJYIZ
svOp+p2XZ7bTnNby7htB0k0fyiYokPyC5VBHAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUnWjTCB0BguVqNVoSRcXbaU/GUlswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L25XalRDQjBCZ3VWcU5W
b1NSY1hiYVVfR1Vscy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBABfxeymyIExgtSOz
TCLR6/5RgciRygxMm24KIuN+n/Gb2m8n7ktengwa90CY8vTdUuXeYkzPvHcv7T++
7ahJBiJM+igRbuC+ItBx+jmLlLzQsL9wo65LJU6hILiy9GvqgALQS20RxH0NaJI8
ROj+FlkKqpPHjqE55b2CSiX9SRzaemHAFKPKCo3pi36+DaRRd0IrD+1SYsWLKiZY
9O6J3gbTNoMhIfZU9CjOAkUe5TQALAtof7Ene6yifg6w6ydp75XrwhUJwE0f3E+a
zYPumB9WmeVjZL//S45Xl4MwsaJDpYUu/CaYLE35GX20BlkeLmfl+knSda8FRE6t
PtRx4ck=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:45 2024 by rpki-client on console-fra.rpki-client.org