Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/zNxvZG_nsGKk3hjFbTKoBxwjPxk.roa
File: zNxvZG_nsGKk3hjFbTKoBxwjPxk.roa (raw, json)
Hash identifier: hy5bLjOOBWsHc8KSBgqBfaC39UHLbs7AKBsK2fkT62w=
Subject key identifier: CC:DC:6F:64:6F:E7:B0:62:A4:DE:18:C5:6D:32:A8:07:1C:23:3F:19
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4FD1
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/zNxvZG_nsGKk3hjFbTKoBxwjPxk.roa
Signing time: Sun 05 May 2024 00:23:53 +0000
ROA not before: Sun 05 May 2024 00:23:53 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20433 (0x4fd1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 5 00:23:53 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CCDC6F646FE7B062A4DE18C56D32A8071C233F19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:94:6c:97:12:9b:3e:4f:90:05:68:ef:9f:a7:
76:10:64:a3:65:35:1b:42:2d:f1:c3:81:55:17:ee:
e2:7e:28:19:f1:80:6d:bf:84:7e:a3:6b:77:e1:55:
b7:1b:c0:ff:c5:f7:9d:38:18:45:6b:af:07:93:d6:
fb:b7:55:31:6d:a9:78:70:ce:66:ae:f9:dd:f4:ca:
7b:dc:a6:70:75:da:ee:1f:d7:df:b2:29:ae:8c:0f:
7e:51:01:0c:8f:5b:e8:9e:ba:c0:54:16:21:3b:14:
74:52:3c:5f:f6:a0:aa:3e:2c:c2:a1:50:d0:a3:a9:
5a:91:3a:1b:2a:1a:47:a9:e5:f0:46:a5:b1:ae:3e:
51:83:62:d8:a0:68:5e:06:36:02:a1:67:7d:1c:4c:
78:19:8f:53:46:47:fb:3a:9f:f7:6d:5e:be:d8:38:
20:47:ee:fe:34:86:e9:8d:8f:9c:92:39:d9:44:12:
cf:92:d3:cf:77:92:fa:07:0e:eb:86:3f:92:aa:c8:
6c:48:57:36:1e:fc:50:31:eb:af:a7:c0:19:99:e7:
27:ae:4d:9a:b2:db:10:f6:1a:e5:d6:e1:90:51:f7:
31:8b:be:81:d3:71:b4:05:57:02:47:b3:7b:f3:2d:
b7:06:ff:6c:c2:a4:25:b3:d2:6a:d4:b2:4e:5f:b7:
0d:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:DC:6F:64:6F:E7:B0:62:A4:DE:18:C5:6D:32:A8:07:1C:23:3F:19
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/zNxvZG_nsGKk3hjFbTKoBxwjPxk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
34:0e:78:ab:77:40:a5:af:da:49:58:ff:a5:10:9d:db:b0:8e:
6c:35:e4:76:c6:3d:b4:ef:e7:1c:29:42:37:f2:7f:ca:65:8c:
05:c9:d2:9d:f2:d6:db:75:4a:bb:e0:2e:06:4a:e7:84:02:fa:
91:40:45:12:91:3f:78:8f:75:43:83:cb:65:d5:3d:d1:5d:84:
2a:48:af:b3:fd:85:e6:57:32:b1:b4:0a:e3:aa:65:a0:0d:1e:
af:ba:e1:d3:6d:38:51:5a:24:f1:47:68:ac:f6:6a:f6:4b:66:
7a:00:a1:51:1b:1a:7e:7a:81:66:66:6e:45:7c:98:59:fd:df:
4f:3c:5a:2b:d6:56:d4:18:47:b3:a2:7e:71:d0:21:a3:93:61:
f9:f0:67:00:d0:5d:f1:17:e4:b6:d0:36:11:cf:5d:f9:f0:0f:
7e:95:51:72:26:84:68:ab:93:53:86:57:b4:bb:72:f6:25:c9:
83:34:e1:d1:ae:10:1c:e9:4b:2b:52:df:5d:72:07:be:5f:6e:
1a:98:5d:40:40:3f:5f:99:75:90:fe:2a:f2:8c:0f:29:60:c5:
c0:fa:1c:df:80:43:06:f0:ca:a0:8e:aa:34:4c:20:ba:93:62:
9f:19:ee:31:26:10:16:cb:e1:bd:44:56:fe:60:a5:a7:92:c8:
14:59:1f:0c
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICT9EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDUw
MDIzNTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENDREM2RjY0NkZFN0Iw
NjJBNERFMThDNTZEMzJBODA3MUMyMzNGMTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKlGyXEps+T5AFaO+fp3YQZKNlNRtCLfHDgVUX7uJ+KBnxgG2/
hH6ja3fhVbcbwP/F9504GEVrrweT1vu3VTFtqXhwzmau+d30ynvcpnB12u4f19+y
Ka6MD35RAQyPW+ieusBUFiE7FHRSPF/2oKo+LMKhUNCjqVqROhsqGkep5fBGpbGu
PlGDYtigaF4GNgKhZ30cTHgZj1NGR/s6n/dtXr7YOCBH7v40humNj5ySOdlEEs+S
0893kvoHDuuGP5KqyGxIVzYe/FAx66+nwBmZ5yeuTZqy2xD2GuXW4ZBR9zGLvoHT
cbQFVwJHs3vzLbcG/2zCpCWz0mrUsk5ftw3BAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUzNxvZG/nsGKk3hjFbTKoBxwjPxkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3pOeHZaR19uc0dLazNo
akZiVEtvQnh3alB4ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBADQOeKt3QKWv2klY
/6UQnduwjmw15HbGPbTv5xwpQjfyf8pljAXJ0p3y1tt1SrvgLgZK54QC+pFARRKR
P3iPdUODy2XVPdFdhCpIr7P9heZXMrG0CuOqZaANHq+64dNtOFFaJPFHaKz2avZL
ZnoAoVEbGn56gWZmbkV8mFn93088WivWVtQYR7OifnHQIaOTYfnwZwDQXfEX5LbQ
NhHPXfnwD36VUXImhGirk1OGV7S7cvYlyYM04dGuEBzpSytS311yB75fbhqYXUBA
P1+ZdZD+KvKMDylgxcD6HN+AQwbwyqCOqjRMILqTYp8Z7jEmEBbL4b1EVv5gpaeS
yBRZHww=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:37:36 2025 by rpki-client