Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/rNwyZub2doOegEk_vCHXRF10tdM.roa
File: rNwyZub2doOegEk_vCHXRF10tdM.roa (raw, json)
Hash identifier: 9zduPE2UoG2GOv3mRlXqmT6Cu+8EZ9QE7nZJ1MASxOo=
Subject key identifier: AC:DC:32:66:E6:F6:76:83:9E:80:49:3F:BC:21:D7:44:5D:74:B5:D3
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 433D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/rNwyZub2doOegEk_vCHXRF10tdM.roa
Signing time: Thu 18 Apr 2024 05:53:00 +0000
ROA not before: Thu 18 Apr 2024 05:53:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17213 (0x433d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 18 05:53:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=ACDC3266E6F676839E80493FBC21D7445D74B5D3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:57:4b:c4:fb:1c:05:ac:e0:fb:97:92:d9:53:
11:c0:6e:8d:15:b9:af:9a:ea:be:59:15:7f:8b:2d:
72:f1:fb:88:b1:c5:19:12:14:52:9d:c9:15:09:e3:
b2:04:a9:b8:7c:93:d3:c4:ce:3f:9d:f2:63:c1:ae:
1e:a1:bf:5f:f2:a2:cc:ac:58:6f:1a:a9:71:e3:46:
2a:f3:83:97:8b:da:09:63:4c:7d:c1:b2:4f:25:34:
9f:1a:7f:d6:f5:d9:70:b9:cd:27:1d:2e:5a:55:bf:
62:1d:81:c8:27:e7:bd:18:86:f2:8f:e9:70:9a:97:
53:69:7e:84:2a:69:f9:75:58:88:b4:07:8a:86:0d:
09:83:08:af:29:52:95:82:1f:d8:56:0c:f9:ca:1a:
c1:b1:de:d2:0a:eb:e2:b7:5d:63:57:35:6b:93:65:
87:67:28:42:0d:e9:1d:f6:9c:32:80:a8:9d:9d:19:
36:db:a1:bb:6a:3d:6e:21:9f:90:a8:4e:0c:d6:4c:
e3:17:b2:1f:f4:e5:0b:bd:34:ef:73:dd:e8:37:d5:
a5:d3:51:d4:60:cb:5e:1c:bf:38:25:ff:9d:4f:79:
e1:9d:d0:a8:d5:03:e9:38:f6:b5:53:4d:2c:d2:26:
a2:7e:80:18:76:1b:9a:8b:ae:ed:5a:7e:4c:e7:c8:
4e:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:DC:32:66:E6:F6:76:83:9E:80:49:3F:BC:21:D7:44:5D:74:B5:D3
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/rNwyZub2doOegEk_vCHXRF10tdM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
58:e0:ec:70:b2:5e:18:79:64:63:9e:fc:1d:c8:3e:66:84:56:
2d:fe:a6:1e:17:e0:96:33:33:d7:67:5e:49:72:9f:52:ef:07:
3f:a3:5b:96:7c:99:d5:2b:60:a8:dd:60:85:57:f7:48:a9:4a:
37:e3:85:0a:5e:84:c4:51:eb:0b:44:72:20:51:f6:83:25:bf:
24:07:23:e5:0a:54:57:4d:e2:cf:0a:8b:4f:78:87:42:29:0d:
e4:c8:17:6a:42:7d:bf:7e:81:74:dd:b1:5e:5f:22:11:81:92:
f7:31:87:ae:7e:d9:d7:2d:d7:e5:83:38:d9:ab:8e:2b:51:d3:
47:93:fc:28:3f:95:87:b2:10:f3:be:af:f0:5d:2f:6b:8b:81:
50:6f:23:07:2d:48:65:d2:7b:87:7b:1e:88:bb:6a:80:9f:2b:
7b:21:f8:90:f1:bd:12:df:b5:ec:44:80:de:65:a7:26:17:f5:
64:1c:1f:50:52:11:19:ad:bb:c1:94:b1:09:6e:af:5c:6a:c1:
ad:58:da:95:b2:7c:f3:62:77:0d:f0:60:44:31:a8:bf:2e:f8:
b6:41:4a:a0:ae:de:f1:15:95:a1:ad:44:d3:76:ea:38:a1:69:
0c:77:d1:f4:e9:8e:9f:01:af:8e:ba:5b:78:fb:9b:a2:74:82:
07:11:25:a0
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQz0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTgw
NTUzMDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFDREMzMjY2RTZGNjc2
ODM5RTgwNDkzRkJDMjFENzQ0NUQ3NEI1RDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0V0vE+xwFrOD7l5LZUxHAbo0Vua+a6r5ZFX+LLXLx+4ixxRkS
FFKdyRUJ47IEqbh8k9PEzj+d8mPBrh6hv1/yosysWG8aqXHjRirzg5eL2gljTH3B
sk8lNJ8af9b12XC5zScdLlpVv2Idgcgn570YhvKP6XCal1NpfoQqafl1WIi0B4qG
DQmDCK8pUpWCH9hWDPnKGsGx3tIK6+K3XWNXNWuTZYdnKEIN6R32nDKAqJ2dGTbb
obtqPW4hn5CoTgzWTOMXsh/05Qu9NO9z3eg31aXTUdRgy14cvzgl/51PeeGd0KjV
A+k49rVTTSzSJqJ+gBh2G5qLru1afkznyE5TAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUrNwyZub2doOegEk/vCHXRF10tdMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3JOd3ladWIyZG9PZWdF
a192Q0hYUkYxMHRkTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAFjg7HCyXhh5ZGOe
/B3IPmaEVi3+ph4X4JYzM9dnXklyn1LvBz+jW5Z8mdUrYKjdYIVX90ipSjfjhQpe
hMRR6wtEciBR9oMlvyQHI+UKVFdN4s8Ki094h0IpDeTIF2pCfb9+gXTdsV5fIhGB
kvcxh65+2dct1+WDONmrjitR00eT/Cg/lYeyEPO+r/BdL2uLgVBvIwctSGXSe4d7
Hoi7aoCfK3sh+JDxvRLftexEgN5lpyYX9WQcH1BSERmtu8GUsQlur1xqwa1Y2pWy
fPNidw3wYEQxqL8u+LZBSqCu3vEVlaGtRNN26jihaQx30fTpjp8Br466W3j7m6J0
ggcRJaA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:49 2024 by rpki-client on console-fra.rpki-client.org