Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/zNSfeOuFrgqp-TUjbzWtFudCQ1g.roa
File: zNSfeOuFrgqp-TUjbzWtFudCQ1g.roa (raw, json)
Hash identifier: Fe6rMv67IzeQRNd33hZwf6uRDXIvszaIDxkk3gzBMvE=
Subject key identifier: CC:D4:9F:78:EB:85:AE:0A:A9:F9:35:23:6F:35:AD:16:E7:42:43:58
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3C4D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/zNSfeOuFrgqp-TUjbzWtFudCQ1g.roa
Signing time: Mon 08 Apr 2024 23:52:35 +0000
ROA not before: Mon 08 Apr 2024 23:52:35 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15437 (0x3c4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 8 23:52:35 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CCD49F78EB85AE0AA9F935236F35AD16E7424358
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1d:a5:8b:f5:05:b1:70:fc:08:2b:ab:fe:65:
61:d8:b5:e8:a0:d7:7a:ce:f5:bf:ad:88:fc:47:e0:
a7:63:74:e4:1e:03:82:a8:67:35:fc:ea:9a:f2:74:
05:03:64:73:39:8c:4f:50:76:be:bf:99:58:36:af:
0b:d6:75:47:ed:e2:f1:c5:b5:68:04:a2:5d:b7:c4:
d6:49:55:15:0c:d0:44:41:65:39:4f:ce:3e:46:c1:
d8:20:0c:e2:92:b9:e5:55:aa:2e:11:5b:ae:47:f5:
24:5a:0b:ce:ad:59:30:d3:12:4c:e5:9f:44:8c:d7:
86:9c:f7:6c:db:89:21:26:c5:a9:80:bf:20:e3:15:
5e:ca:46:01:bf:fa:41:28:af:30:60:cd:e3:d0:cc:
d5:3d:ea:ea:7f:01:c6:4a:89:c1:7c:70:9a:64:97:
b8:6d:7f:5e:6e:76:7e:e1:a6:2a:fb:a7:b7:a3:0e:
32:7c:9b:5b:72:34:e5:70:62:0c:83:29:11:ca:dc:
05:2d:0a:80:56:c3:ef:2a:b4:93:51:ad:15:37:f2:
3f:ab:70:9b:4f:94:d7:26:a8:eb:6c:d9:31:b3:86:
e9:fd:81:85:50:f0:2c:4c:37:5f:5b:a8:ac:7a:e3:
1a:89:cb:5a:ed:32:db:1d:16:8b:a2:ac:99:3c:9d:
99:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:D4:9F:78:EB:85:AE:0A:A9:F9:35:23:6F:35:AD:16:E7:42:43:58
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/zNSfeOuFrgqp-TUjbzWtFudCQ1g.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
7e:07:e0:d1:33:72:2d:ea:17:22:ef:8c:0f:cf:a5:27:0c:e7:
f1:ce:9a:7b:f6:da:e7:93:b9:38:2d:97:58:c1:15:66:21:60:
9a:8c:e9:81:8d:42:9b:b8:e5:c9:c0:36:7e:87:01:77:ba:1f:
b7:4b:f4:3c:fb:55:de:75:60:17:11:a8:92:b3:06:c3:29:2c:
51:52:3f:4c:7d:75:4f:75:12:f1:48:ec:90:35:e7:20:2f:99:
9c:96:d7:db:87:59:33:17:06:9f:fa:27:bd:e8:35:3f:09:79:
9e:42:29:ad:52:47:7a:6c:e9:13:99:6b:3c:91:f0:7f:b3:dd:
48:4d:75:cd:57:87:70:0d:37:07:9b:dc:f6:ab:40:45:d6:71:
71:9d:c5:57:b3:96:91:e4:27:1d:5d:44:0a:af:8c:34:33:92:
e0:82:e7:60:bb:3f:e3:0e:04:d1:f4:67:cb:75:d4:b7:39:fe:
a9:21:4d:19:5a:2a:62:78:ea:80:05:c7:71:2b:43:45:a7:f1:
18:e1:d5:00:4f:02:f4:28:87:06:d2:de:84:12:21:c2:86:80:
35:4d:b2:6f:15:12:f1:8e:57:a2:0e:61:01:c0:58:d1:0e:ef:
b3:fb:3e:96:ac:83:77:0f:64:02:79:c4:5c:90:85:63:88:47:
ad:9b:d8:95
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICPE0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDgy
MzUyMzVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENDRDQ5Rjc4RUI4NUFF
MEFBOUY5MzUyMzZGMzVBRDE2RTc0MjQzNTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyHaWL9QWxcPwIK6v+ZWHYteig13rO9b+tiPxH4KdjdOQeA4Ko
ZzX86prydAUDZHM5jE9Qdr6/mVg2rwvWdUft4vHFtWgEol23xNZJVRUM0ERBZTlP
zj5GwdggDOKSueVVqi4RW65H9SRaC86tWTDTEkzln0SM14ac92zbiSEmxamAvyDj
FV7KRgG/+kEorzBgzePQzNU96up/AcZKicF8cJpkl7htf15udn7hpir7p7ejDjJ8
m1tyNOVwYgyDKRHK3AUtCoBWw+8qtJNRrRU38j+rcJtPlNcmqOts2TGzhun9gYVQ
8CxMN19bqKx64xqJy1rtMtsdFouirJk8nZmrAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUzNSfeOuFrgqp+TUjbzWtFudCQ1gwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3pOU2ZlT3VGcmdxcC1U
VWpield0RnVkQ1ExZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAH4H4NEzci3qFyLv
jA/PpScM5/HOmnv22ueTuTgtl1jBFWYhYJqM6YGNQpu45cnANn6HAXe6H7dL9Dz7
Vd51YBcRqJKzBsMpLFFSP0x9dU91EvFI7JA15yAvmZyW19uHWTMXBp/6J73oNT8J
eZ5CKa1SR3ps6ROZazyR8H+z3UhNdc1Xh3ANNweb3ParQEXWcXGdxVezlpHkJx1d
RAqvjDQzkuCC52C7P+MOBNH0Z8t11Lc5/qkhTRlaKmJ46oAFx3ErQ0Wn8Rjh1QBP
AvQohwbS3oQSIcKGgDVNsm8VEvGOV6IOYQHAWNEO77P7Ppasg3cPZAJ5xFyQhWOI
R62b2JU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:57 2024 by rpki-client on console-fra.rpki-client.org