Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/zZGoKUPsBH35IAIc_09bea3RrmE.roa
File: zZGoKUPsBH35IAIc_09bea3RrmE.roa (raw, json)
Hash identifier: ZrdbLiwKUeg3+wahr1RovMrtLU+ZQrXOxpgD5sG9ghE=
Subject key identifier: CD:91:A8:29:43:EC:04:7D:F9:20:02:1C:FF:4F:5B:79:AD:D1:AE:61
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3D51
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/zZGoKUPsBH35IAIc_09bea3RrmE.roa
Signing time: Wed 10 Apr 2024 08:22:40 +0000
ROA not before: Wed 10 Apr 2024 08:22:40 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15697 (0x3d51)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 10 08:22:40 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CD91A82943EC047DF920021CFF4F5B79ADD1AE61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:c9:dd:53:28:99:75:11:7d:d6:b7:bb:43:13:
c4:07:37:13:fb:2f:2b:af:80:06:c8:35:0e:4d:de:
58:2a:cb:78:f2:20:b0:cf:cd:88:da:c7:b7:e6:1f:
e6:bd:ad:25:76:0c:84:16:b8:34:18:fc:e9:b3:f1:
9d:f8:3d:49:d0:e0:5a:86:1e:e6:1a:04:9c:d0:96:
67:a1:df:af:7d:4d:22:64:18:48:e7:42:62:6d:ae:
54:7b:0f:d8:66:d5:7d:f7:49:d9:67:e4:f6:ae:de:
c5:f0:c2:2b:7b:52:96:cd:03:9a:0c:d5:2f:6f:86:
50:37:c4:9e:f2:a8:18:48:1a:de:94:75:32:f6:91:
7f:67:48:67:9c:e3:ff:05:18:64:7b:53:37:6b:1c:
b2:b7:99:36:ae:72:07:c6:bc:f0:53:59:07:c1:4f:
0a:58:80:df:4f:6d:d6:21:bc:e3:26:c7:3a:8c:7c:
21:11:d5:34:0a:9d:cd:96:1c:0f:03:d3:74:e6:32:
13:26:79:7c:9f:10:46:ae:36:4b:19:3e:67:55:f2:
2a:f9:92:d8:de:77:8a:ce:4e:45:06:2c:eb:d5:b1:
9c:58:74:39:3c:35:82:9e:d8:76:73:2c:89:dc:b6:
72:8e:c0:e1:7c:86:19:b9:95:5d:df:72:83:2c:e4:
6f:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:91:A8:29:43:EC:04:7D:F9:20:02:1C:FF:4F:5B:79:AD:D1:AE:61
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/zZGoKUPsBH35IAIc_09bea3RrmE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
38:f3:c3:5a:59:aa:c2:95:d0:bf:6d:dd:53:dd:6e:8d:08:4c:
97:17:b7:75:16:75:53:89:ca:e1:0a:d4:a6:37:d5:dd:2f:50:
e3:4c:93:c3:9e:69:37:00:a8:47:47:4f:c4:09:d4:a9:3f:b0:
71:10:7b:20:c9:a1:7b:64:cc:95:7d:8a:31:38:a4:26:35:bd:
d2:15:06:3b:4d:b3:c0:16:09:b6:e0:26:70:1f:9d:86:73:67:
51:2d:17:d8:ea:44:8a:a8:1a:6d:3d:f6:a7:97:2c:cc:33:db:
da:b2:16:22:04:62:e4:71:1d:53:28:d3:18:23:3e:31:6c:1d:
9e:cd:87:b8:bb:50:9e:6f:18:3d:1c:ff:bf:f8:b9:1b:67:74:
dd:47:99:6e:69:5d:73:cc:d7:ff:db:f6:1d:a4:c0:aa:aa:08:
e7:21:60:94:e4:8d:84:8f:0b:0e:c6:a4:b3:50:e3:4a:53:60:
a8:8b:86:4d:e3:54:44:e1:47:38:67:c1:f5:dc:80:3b:96:0c:
90:7c:d7:a8:c8:8e:9d:e7:a1:7f:e6:d1:51:5c:24:50:10:0b:
d8:9c:91:7b:e1:b0:20:6b:00:15:ec:8f:54:11:94:5b:55:bb:
f7:31:01:a7:ce:26:07:57:8d:80:95:0f:4f:74:35:ec:70:2a:
7d:47:ea:b9
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICPVEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTAw
ODIyNDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENEOTFBODI5NDNFQzA0
N0RGOTIwMDIxQ0ZGNEY1Qjc5QUREMUFFNjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDayd1TKJl1EX3Wt7tDE8QHNxP7LyuvgAbINQ5N3lgqy3jyILDP
zYjax7fmH+a9rSV2DIQWuDQY/Omz8Z34PUnQ4FqGHuYaBJzQlmeh3699TSJkGEjn
QmJtrlR7D9hm1X33Sdln5Pau3sXwwit7UpbNA5oM1S9vhlA3xJ7yqBhIGt6UdTL2
kX9nSGec4/8FGGR7UzdrHLK3mTaucgfGvPBTWQfBTwpYgN9PbdYhvOMmxzqMfCER
1TQKnc2WHA8D03TmMhMmeXyfEEauNksZPmdV8ir5ktjed4rOTkUGLOvVsZxYdDk8
NYKe2HZzLInctnKOwOF8hhm5lV3fcoMs5G+vAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUzZGoKUPsBH35IAIc/09bea3RrmEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3paR29LVVBzQkgzNUlB
SWNfMDliZWEzUnJtRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBADjzw1pZqsKV0L9t
3VPdbo0ITJcXt3UWdVOJyuEK1KY31d0vUONMk8OeaTcAqEdHT8QJ1Kk/sHEQeyDJ
oXtkzJV9ijE4pCY1vdIVBjtNs8AWCbbgJnAfnYZzZ1EtF9jqRIqoGm099qeXLMwz
29qyFiIEYuRxHVMo0xgjPjFsHZ7Nh7i7UJ5vGD0c/7/4uRtndN1HmW5pXXPM1//b
9h2kwKqqCOchYJTkjYSPCw7GpLNQ40pTYKiLhk3jVEThRzhnwfXcgDuWDJB816jI
jp3noX/m0VFcJFAQC9ickXvhsCBrABXsj1QRlFtVu/cxAafOJgdXjYCVD090Nexw
Kn1H6rk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:57 2024 by rpki-client on console-fra.rpki-client.org