Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/zLU0jsrtYTigzKPbyUjm7EU2Zqc.roa
File: zLU0jsrtYTigzKPbyUjm7EU2Zqc.roa (raw, json)
Hash identifier: EyPS79z4/UBbSy+q8QWWvNkNqqNgnR2GKzdDzuj1Kgo=
Subject key identifier: CC:B5:34:8E:CA:ED:61:38:A0:CC:A3:DB:C9:48:E6:EC:45:36:66:A7
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 475D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/zLU0jsrtYTigzKPbyUjm7EU2Zqc.roa
Signing time: Tue 23 Apr 2024 17:53:12 +0000
ROA not before: Tue 23 Apr 2024 17:53:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18269 (0x475d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 23 17:53:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CCB5348ECAED6138A0CCA3DBC948E6EC453666A7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f3:8f:b0:b9:2b:9c:a8:28:b1:e5:63:29:c1:
1b:f4:bb:40:b8:a8:ec:93:e9:f4:bc:71:70:d8:62:
fd:8a:3a:2d:50:5b:f2:96:7e:b0:c6:75:bd:07:29:
13:aa:b5:21:81:c6:3f:2a:91:36:6b:7b:f1:88:35:
ec:79:d3:d1:64:7f:14:43:7d:7b:37:04:f2:ce:72:
1a:74:ff:3c:01:57:10:7f:eb:78:49:2b:2b:3a:13:
f1:0e:b1:95:67:88:31:66:b2:8d:bc:8b:70:45:27:
d0:10:a3:2e:d2:5d:bf:a2:1b:d2:db:66:9f:98:72:
03:5a:33:6e:1d:c9:d9:83:58:fe:92:aa:99:0c:8c:
3b:6f:48:08:12:61:9c:37:53:c4:6d:37:39:7c:d2:
f3:43:87:5d:1c:50:cb:f9:24:17:b0:cd:5b:71:90:
91:08:f6:c6:1e:7f:39:53:de:f0:1e:f2:bb:57:38:
25:7d:93:d2:5c:ff:be:c9:e3:c0:c7:fb:1c:f1:ee:
23:60:13:1d:ef:5d:8b:7b:4a:6d:38:ef:a6:18:62:
78:80:c2:8b:c0:f7:4b:32:05:0d:10:52:7a:6d:40:
8c:9f:45:15:24:e6:36:2f:9e:08:a7:ce:f2:2b:32:
cd:fc:71:0f:9d:03:8b:94:8e:e1:76:66:98:9f:26:
f0:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:B5:34:8E:CA:ED:61:38:A0:CC:A3:DB:C9:48:E6:EC:45:36:66:A7
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/zLU0jsrtYTigzKPbyUjm7EU2Zqc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
5b:a7:57:50:5b:30:28:8c:f2:da:9a:16:86:90:6c:58:93:0b:
97:b2:1c:ab:0b:17:91:80:34:6c:83:36:df:d0:f3:4b:1f:46:
8d:87:7b:3f:e4:21:59:c8:9f:d8:c3:8b:19:a1:d0:21:2e:cf:
c5:a5:36:65:60:3b:4b:f2:51:ce:1f:4e:15:3b:81:57:29:3d:
01:18:8f:b0:46:87:7e:52:43:49:ac:30:cf:b3:ed:39:55:62:
cd:06:80:eb:0e:c3:fa:42:50:75:dd:e3:79:f4:15:2e:bc:a7:
f4:8a:58:c8:2c:60:83:21:f0:82:7a:a8:ef:7f:8c:9c:d0:34:
58:b2:76:c8:c2:f4:31:f1:ca:1e:5d:76:8f:21:dc:d0:13:e9:
cc:99:cc:62:5c:63:a9:78:63:d4:b9:25:e1:57:b1:25:89:e4:
2d:21:2e:54:f2:13:0d:65:85:f1:19:d2:00:20:67:b9:0e:40:
f3:64:ac:83:a9:83:24:c4:79:95:48:de:96:9f:73:86:d1:5d:
84:3a:67:ba:71:cf:2c:3b:fe:28:cf:f1:9b:04:ae:3f:9b:4d:
2e:c8:9d:1d:a5:a5:0e:1c:f7:66:db:2b:27:d6:c9:fd:5e:5e:
70:8e:a5:2d:de:c7:b9:0d:28:c7:85:b8:99:1e:83:51:b5:8d:
d2:74:b4:73
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICR10wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjMx
NzUzMTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENDQjUzNDhFQ0FFRDYx
MzhBMENDQTNEQkM5NDhFNkVDNDUzNjY2QTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCy84+wuSucqCix5WMpwRv0u0C4qOyT6fS8cXDYYv2KOi1QW/KW
frDGdb0HKROqtSGBxj8qkTZre/GINex509FkfxRDfXs3BPLOchp0/zwBVxB/63hJ
Kys6E/EOsZVniDFmso28i3BFJ9AQoy7SXb+iG9LbZp+YcgNaM24dydmDWP6SqpkM
jDtvSAgSYZw3U8RtNzl80vNDh10cUMv5JBewzVtxkJEI9sYefzlT3vAe8rtXOCV9
k9Jc/77J48DH+xzx7iNgEx3vXYt7Sm0476YYYniAwovA90syBQ0QUnptQIyfRRUk
5jYvnginzvIrMs38cQ+dA4uUjuF2ZpifJvA/AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUzLU0jsrtYTigzKPbyUjm7EU2ZqcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3pMVTBqc3J0WVRpZ3pL
UGJ5VWptN0VVMlpxYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAFunV1BbMCiM8tqa
FoaQbFiTC5eyHKsLF5GANGyDNt/Q80sfRo2Hez/kIVnIn9jDixmh0CEuz8WlNmVg
O0vyUc4fThU7gVcpPQEYj7BGh35SQ0msMM+z7TlVYs0GgOsOw/pCUHXd43n0FS68
p/SKWMgsYIMh8IJ6qO9/jJzQNFiydsjC9DHxyh5ddo8h3NAT6cyZzGJcY6l4Y9S5
JeFXsSWJ5C0hLlTyEw1lhfEZ0gAgZ7kOQPNkrIOpgyTEeZVI3pafc4bRXYQ6Z7px
zyw7/ijP8ZsErj+bTS7InR2lpQ4c92bbKyfWyf1eXnCOpS3ex7kNKMeFuJkeg1G1
jdJ0tHM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:57 2024 by rpki-client on console-fra.rpki-client.org