Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/xLfyaCqq9NKt9U2pvfz4MHTx4Cw.roa
File: xLfyaCqq9NKt9U2pvfz4MHTx4Cw.roa (raw, json)
Hash identifier: D1Y4VKRIG2wzEthgokkSg400DXUDNZasCljn/s1n22g=
Subject key identifier: C4:B7:F2:68:2A:AA:F4:D2:AD:F5:4D:A9:BD:FC:F8:30:74:F1:E0:2C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3349
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xLfyaCqq9NKt9U2pvfz4MHTx4Cw.roa
Signing time: Wed 27 Mar 2024 23:22:00 +0000
ROA not before: Wed 27 Mar 2024 23:22:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13129 (0x3349)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 27 23:22:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C4B7F2682AAAF4D2ADF54DA9BDFCF83074F1E02C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c6:c8:0d:4b:31:54:25:eb:08:fb:c1:96:fd:
cf:3b:47:3c:96:00:20:08:cd:bb:71:17:de:82:87:
6d:f6:bd:82:cc:bb:4e:a0:3b:3c:7e:e7:e2:83:6a:
a4:88:30:11:7d:01:de:60:05:65:21:84:dd:75:0c:
cd:f4:c7:74:1b:b7:13:62:2a:ce:02:86:cc:f2:24:
c6:f6:52:7b:09:b4:e2:41:b4:e7:97:31:fc:9f:55:
eb:a2:02:6c:ef:11:ac:1e:22:9d:d0:53:99:ee:8f:
e5:a7:51:14:b2:47:4d:ab:c4:54:7a:a8:c2:65:d8:
90:c8:b8:67:88:2e:62:2d:9e:87:cd:df:63:9d:3d:
18:22:3f:d7:68:de:68:f3:7c:dc:c9:4c:58:f6:e4:
f7:5d:78:15:a6:2d:19:55:44:47:ac:35:a9:70:02:
b2:33:33:e1:1b:f5:8e:f8:87:09:18:65:18:99:7a:
0d:0e:44:e3:fb:25:0f:a1:d7:f0:cd:a1:dd:62:db:
f3:13:2b:1e:51:0b:95:45:f0:18:ab:a0:36:8a:9b:
4c:04:ec:9a:95:f2:c0:1c:4a:50:ca:64:cd:b8:5e:
7c:36:99:26:99:b7:ae:5c:9c:54:96:6a:10:7a:e2:
41:27:16:85:2f:34:e0:9d:5a:04:85:09:08:38:b7:
be:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:B7:F2:68:2A:AA:F4:D2:AD:F5:4D:A9:BD:FC:F8:30:74:F1:E0:2C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xLfyaCqq9NKt9U2pvfz4MHTx4Cw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
00:ae:2d:6d:fa:8d:3a:e7:f3:a7:76:a5:af:e4:9d:5f:a9:37:
b0:f3:81:0e:74:78:c8:87:54:8a:39:c4:31:dc:78:21:1d:42:
85:91:fa:28:31:2f:87:66:71:81:0a:96:ed:0f:28:7d:44:a7:
98:6e:ac:85:1b:5a:3f:32:ad:2e:12:ec:3b:bb:55:79:a3:ea:
45:61:95:07:a7:50:6a:85:48:4b:88:3a:1d:1e:8a:b5:b4:cc:
33:de:eb:e4:c5:63:b4:4b:f4:a0:98:95:af:1d:85:dc:78:fe:
7e:e4:42:ae:e4:b8:ac:b9:7e:19:56:0c:ed:45:ab:28:1c:89:
01:f2:9b:4b:11:ff:d8:76:10:d5:0f:16:7a:dd:8e:21:6a:cf:
ba:ed:e6:82:bd:c1:9c:97:84:2b:97:82:27:cb:c8:1e:94:b8:
85:bb:79:0e:fc:84:64:2a:35:08:ec:11:d0:76:8b:5a:03:19:
86:02:07:81:8b:7d:53:d4:33:c6:14:db:9f:52:95:25:9c:ec:
10:53:19:0d:65:69:04:04:08:41:52:8e:51:6b:8b:22:d3:7b:
d6:fa:cb:f4:31:00:07:98:6b:98:a2:74:de:04:8e:c2:ae:4c:
02:4d:22:41:e3:8c:61:47:3b:8d:62:ec:65:c7:92:41:84:c4:
1b:6e:c6:55
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICM0kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjcy
MzIyMDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM0QjdGMjY4MkFBQUY0
RDJBREY1NERBOUJERkNGODMwNzRGMUUwMkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCjxsgNSzFUJesI+8GW/c87RzyWACAIzbtxF96Ch232vYLMu06g
Ozx+5+KDaqSIMBF9Ad5gBWUhhN11DM30x3QbtxNiKs4ChszyJMb2UnsJtOJBtOeX
MfyfVeuiAmzvEaweIp3QU5nuj+WnURSyR02rxFR6qMJl2JDIuGeILmItnofN32Od
PRgiP9do3mjzfNzJTFj25PddeBWmLRlVREesNalwArIzM+Eb9Y74hwkYZRiZeg0O
ROP7JQ+h1/DNod1i2/MTKx5RC5VF8BiroDaKm0wE7JqV8sAcSlDKZM24Xnw2mSaZ
t65cnFSWahB64kEnFoUvNOCdWgSFCQg4t74TAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUxLfyaCqq9NKt9U2pvfz4MHTx4CwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3hMZnlhQ3FxOU5LdDlV
MnB2Zno0TUhUeDRDdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAACuLW36jTrn86d2
pa/knV+pN7DzgQ50eMiHVIo5xDHceCEdQoWR+igxL4dmcYEKlu0PKH1Ep5hurIUb
Wj8yrS4S7Du7VXmj6kVhlQenUGqFSEuIOh0eirW0zDPe6+TFY7RL9KCYla8dhdx4
/n7kQq7kuKy5fhlWDO1FqygciQHym0sR/9h2ENUPFnrdjiFqz7rt5oK9wZyXhCuX
gifLyB6UuIW7eQ78hGQqNQjsEdB2i1oDGYYCB4GLfVPUM8YU259SlSWc7BBTGQ1l
aQQECEFSjlFriyLTe9b6y/QxAAeYa5iidN4EjsKuTAJNIkHjjGFHO41i7GXHkkGE
xBtuxlU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:55 2024 by rpki-client on console-fra.rpki-client.org