Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/zOk0FJzOSMSnNcDdmC1irXuAF7I.roa
File: zOk0FJzOSMSnNcDdmC1irXuAF7I.roa (raw, json)
Hash identifier: eZYNE3YRZB3HDQXqRamYLWGAlpc78WpEDawqNRlrPxY=
Subject key identifier: CC:E9:34:14:9C:CE:48:C4:A7:35:C0:DD:98:2D:62:AD:7B:80:17:B2
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3AA9
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/zOk0FJzOSMSnNcDdmC1irXuAF7I.roa
Signing time: Sat 06 Apr 2024 19:22:28 +0000
ROA not before: Sat 06 Apr 2024 19:22:28 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15017 (0x3aa9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 6 19:22:28 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CCE934149CCE48C4A735C0DD982D62AD7B8017B2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:dd:79:b8:b4:03:a9:e3:42:98:46:61:6c:40:
d1:71:92:f9:c3:5a:b7:33:b7:dc:c9:92:92:57:e6:
3a:61:0b:2d:90:7b:46:cf:f2:2a:b3:28:aa:c4:e9:
97:89:22:97:8b:b0:e3:46:c4:97:a3:75:d5:77:a1:
88:39:41:61:3d:e5:c7:8a:ff:63:df:d9:1a:64:db:
61:7b:89:c3:2c:18:25:96:37:e3:a5:cb:aa:4a:a7:
c3:dc:ec:c5:55:46:d6:dc:88:69:ec:da:5f:f3:bd:
2c:0e:d7:42:6e:a3:8b:44:d5:ee:69:f6:93:b0:36:
d2:9a:0e:4e:44:75:e4:d7:2d:a5:c7:78:85:1c:df:
2e:9a:f9:c7:2d:63:95:88:ea:6f:5a:77:e5:0d:83:
bc:c8:dd:79:ff:f8:25:65:ac:fb:f9:54:17:a2:a5:
23:d4:01:a8:7f:73:80:00:7a:3a:ac:cc:b7:42:0b:
bc:35:79:ba:61:1d:b6:f0:fe:91:dc:3f:d5:06:b3:
e8:62:e1:59:49:86:2c:89:90:cb:4c:97:9a:88:42:
3d:ac:e9:38:a7:44:cb:4b:3f:16:dd:bb:7c:81:d8:
0a:ec:d4:d6:b3:78:d0:be:a8:4f:60:a8:9e:22:85:
dd:4e:84:e0:75:1a:48:73:cc:8c:f5:64:09:0f:11:
2c:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:E9:34:14:9C:CE:48:C4:A7:35:C0:DD:98:2D:62:AD:7B:80:17:B2
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/zOk0FJzOSMSnNcDdmC1irXuAF7I.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
28:9c:fc:6a:57:35:f0:58:a6:11:29:21:c5:98:ce:20:ce:77:
2e:67:9a:6d:3b:8d:a1:32:ec:06:42:09:d3:44:d9:d7:2e:81:
53:ef:74:de:85:0e:91:12:d5:b8:ac:b2:c8:9e:c5:d5:d9:e3:
62:5c:3d:c1:a6:07:8f:be:c0:2f:1b:64:1f:45:da:47:8a:92:
85:d0:53:73:ef:8f:d6:15:ea:b9:34:a2:80:78:d0:ed:18:72:
b0:6d:d3:96:d6:90:1e:7d:38:43:ef:11:dd:55:7b:31:1e:99:
72:61:3a:36:1a:7f:84:61:0f:ee:4e:fc:04:ab:82:6a:b2:28:
d5:94:f4:22:b6:7d:ea:72:f7:b9:db:67:5a:92:0f:d7:4b:16:
8d:7b:9c:9d:51:5e:ed:28:78:ec:5e:91:e4:12:90:2a:8c:29:
f7:0f:ad:f5:62:d9:b7:31:a8:86:d1:56:d9:f7:3a:85:95:07:
8a:d5:54:9f:95:b0:40:2a:6e:de:9e:bb:c7:62:8e:c5:3a:7d:
db:b7:a1:d3:f8:36:33:11:38:b6:0b:3b:be:16:70:d9:29:f0:
8a:ce:69:27:01:c6:a9:f4:0b:49:87:f2:d5:e7:0d:02:cd:92:
42:06:8f:07:29:16:ce:23:5a:56:5f:61:4f:c3:9e:40:31:43:
19:ca:42:65
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICOqkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDYx
OTIyMjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENDRTkzNDE0OUNDRTQ4
QzRBNzM1QzBERDk4MkQ2MkFEN0I4MDE3QjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDU3Xm4tAOp40KYRmFsQNFxkvnDWrczt9zJkpJX5jphCy2Qe0bP
8iqzKKrE6ZeJIpeLsONGxJejddV3oYg5QWE95ceK/2Pf2Rpk22F7icMsGCWWN+Ol
y6pKp8Pc7MVVRtbciGns2l/zvSwO10Juo4tE1e5p9pOwNtKaDk5EdeTXLaXHeIUc
3y6a+cctY5WI6m9ad+UNg7zI3Xn/+CVlrPv5VBeipSPUAah/c4AAejqszLdCC7w1
ebphHbbw/pHcP9UGs+hi4VlJhiyJkMtMl5qIQj2s6TinRMtLPxbdu3yB2Ars1Naz
eNC+qE9gqJ4ihd1OhOB1GkhzzIz1ZAkPESyDAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUzOk0FJzOSMSnNcDdmC1irXuAF7IwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3pPazBGSnpPU01Tbk5j
RGRtQzFpclh1QUY3SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBACic/GpXNfBYphEp
IcWYziDOdy5nmm07jaEy7AZCCdNE2dcugVPvdN6FDpES1bisssiexdXZ42JcPcGm
B4++wC8bZB9F2keKkoXQU3Pvj9YV6rk0ooB40O0YcrBt05bWkB59OEPvEd1VezEe
mXJhOjYaf4RhD+5O/ASrgmqyKNWU9CK2fepy97nbZ1qSD9dLFo17nJ1RXu0oeOxe
keQSkCqMKfcPrfVi2bcxqIbRVtn3OoWVB4rVVJ+VsEAqbt6eu8dijsU6fdu3odP4
NjMROLYLO74WcNkp8IrOaScBxqn0C0mH8tXnDQLNkkIGjwcpFs4jWlZfYU/DnkAx
QxnKQmU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:57 2024 by rpki-client on console-fra.rpki-client.org