Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/zW2FzJBEOGQ5GqxOmAsO-Vrs4wQ.roa
File: zW2FzJBEOGQ5GqxOmAsO-Vrs4wQ.roa (raw, json)
Hash identifier: /NVRHhvH/gVF1kYZKTa8VmXYCkarH1NgRAs1UxAfJJE=
Subject key identifier: CD:6D:85:CC:90:44:38:64:39:1A:AC:4E:98:0B:0E:F9:5A:EC:E3:04
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3145
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/zW2FzJBEOGQ5GqxOmAsO-Vrs4wQ.roa
Signing time: Sat 03 Feb 2024 02:49:42 +0000
ROA not before: Sat 03 Feb 2024 02:49:42 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12613 (0x3145)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Feb 3 02:49:42 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CD6D85CC90443864391AAC4E980B0EF95AECE304
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:81:c0:4e:23:14:ec:dd:d7:22:7d:1b:c8:59:
2e:69:d6:e3:90:b9:f8:0f:be:f1:07:e6:1e:8f:74:
b4:9c:b7:e2:2f:17:79:55:00:45:b3:80:74:34:b1:
08:36:33:62:fd:1f:f8:75:2f:34:25:9f:db:d9:e2:
32:3d:43:c1:43:b0:41:21:c5:5d:f8:9f:94:fd:bd:
76:94:45:9f:3d:cd:3e:7d:91:a7:70:cc:67:24:d2:
07:b1:22:b4:39:fe:b0:6f:81:b7:89:a9:78:b1:69:
aa:32:ed:a3:a4:92:89:d8:be:2a:7e:8e:7a:fc:7f:
e8:f3:8c:6a:ac:f7:20:ac:d0:2d:a9:0d:41:2a:63:
85:52:c0:db:2a:f1:68:00:ed:1a:52:03:a7:46:d6:
c2:bd:92:f0:1b:6f:d9:f5:0e:2b:33:7a:29:0b:01:
6f:08:bf:ff:c2:bf:81:2e:4d:4f:82:da:5f:d2:41:
de:52:aa:c0:5f:6d:c8:31:5b:90:3e:6d:00:db:7f:
df:5c:cd:b9:9d:d8:a6:4e:ab:af:0a:a5:c8:e6:3f:
ac:b1:18:47:29:37:9c:61:bc:68:bc:fa:74:0c:ee:
ed:7b:33:82:f4:e6:42:43:60:02:4d:a6:0d:08:31:
02:dd:12:33:c6:2f:e4:4e:63:c0:15:30:91:b0:ab:
8c:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:6D:85:CC:90:44:38:64:39:1A:AC:4E:98:0B:0E:F9:5A:EC:E3:04
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/zW2FzJBEOGQ5GqxOmAsO-Vrs4wQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
21:cf:f0:c9:89:48:b5:d4:e5:e9:04:2a:ef:5f:9a:fc:bf:70:
a5:81:6c:7b:f2:5a:e8:8f:6b:66:8b:7a:4a:f0:0b:c9:58:4c:
9a:34:73:2d:23:97:55:90:c9:f8:5b:ec:0f:34:f3:b6:71:f3:
e4:c7:7f:c7:0e:00:6f:43:3f:c3:f3:b4:41:de:6c:6f:b6:44:
24:c9:b0:1a:d8:0d:6e:6c:33:1d:fc:00:d4:6f:a4:40:fd:07:
dc:70:65:02:94:2c:10:4c:f4:b0:63:3e:1b:54:e7:14:22:69:
d1:cb:ed:a9:97:45:85:35:95:4d:49:1b:ee:89:69:06:7a:2a:
f3:ad:e8:6d:4a:ef:05:b9:16:24:e9:17:16:e4:21:b8:86:3d:
26:ee:70:66:10:66:5e:10:46:c1:8e:3f:c1:43:fd:a1:4b:d1:
53:04:e5:6b:e6:ac:31:98:76:f9:78:3b:6d:ac:65:84:72:fe:
9d:ad:9b:c8:28:14:77:06:b7:07:e7:5c:75:dd:05:06:32:10:
9d:5e:d9:f5:5b:cf:51:e4:97:a3:cd:2f:c1:64:fb:ba:b8:42:
82:b4:79:16:46:98:0d:6e:20:9a:15:de:5a:62:b6:0b:1f:27:
66:64:a6:e1:46:d4:54:32:92:42:6a:a8:05:c7:97:9a:8b:2f:
4f:a6:b8:49
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICMUUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAyMDMw
MjQ5NDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENENkQ4NUNDOTA0NDM4
NjQzOTFBQUM0RTk4MEIwRUY5NUFFQ0UzMDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrgcBOIxTs3dcifRvIWS5p1uOQufgPvvEH5h6PdLSct+IvF3lV
AEWzgHQ0sQg2M2L9H/h1LzQln9vZ4jI9Q8FDsEEhxV34n5T9vXaURZ89zT59kadw
zGck0gexIrQ5/rBvgbeJqXixaaoy7aOkkonYvip+jnr8f+jzjGqs9yCs0C2pDUEq
Y4VSwNsq8WgA7RpSA6dG1sK9kvAbb9n1DiszeikLAW8Iv//Cv4EuTU+C2l/SQd5S
qsBfbcgxW5A+bQDbf99czbmd2KZOq68KpcjmP6yxGEcpN5xhvGi8+nQM7u17M4L0
5kJDYAJNpg0IMQLdEjPGL+ROY8AVMJGwq4zRAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUzW2FzJBEOGQ5GqxOmAsO+Vrs4wQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3pXMkZ6SkJFT0dRNUdx
eE9tQXNPLVZyczR3US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBACHP8MmJSLXU5ekE
Ku9fmvy/cKWBbHvyWuiPa2aLekrwC8lYTJo0cy0jl1WQyfhb7A8087Zx8+THf8cO
AG9DP8PztEHebG+2RCTJsBrYDW5sMx38ANRvpED9B9xwZQKULBBM9LBjPhtU5xQi
adHL7amXRYU1lU1JG+6JaQZ6KvOt6G1K7wW5FiTpFxbkIbiGPSbucGYQZl4QRsGO
P8FD/aFL0VME5WvmrDGYdvl4O22sZYRy/p2tm8goFHcGtwfnXHXdBQYyEJ1e2fVb
z1Hkl6PNL8Fk+7q4QoK0eRZGmA1uIJoV3lpitgsfJ2ZkpuFG1FQykkJqqAXHl5qL
L0+muEk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:57 2024 by rpki-client on console-fra.rpki-client.org