Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/z_UndKEVo8HGh1SNjR7-KgsMjnQ.roa
File: z_UndKEVo8HGh1SNjR7-KgsMjnQ.roa (raw, json)
Hash identifier: B3E3xp+REMjahSq5gf9RhMT8XDxzHwwAa1BJG4Wqfsg=
Subject key identifier: CF:F5:27:74:A1:15:A3:C1:C6:87:54:8D:8D:1E:FE:2A:0B:0C:8E:74
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 43CD
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/z_UndKEVo8HGh1SNjR7-KgsMjnQ.roa
Signing time: Thu 18 Apr 2024 23:52:59 +0000
ROA not before: Thu 18 Apr 2024 23:52:59 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17357 (0x43cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 18 23:52:59 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CFF52774A115A3C1C687548D8D1EFE2A0B0C8E74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b2:69:25:41:d8:b9:fa:16:1e:e8:b7:08:91:
c0:03:95:4b:2b:5b:17:c5:1f:bd:8b:eb:2c:c1:78:
49:a2:b5:e5:22:bb:9c:21:e1:8b:9c:a6:1f:9d:cd:
64:cc:fc:d5:54:94:96:3f:39:5a:d6:57:2f:90:42:
00:00:9c:ef:d7:05:95:22:03:3b:9d:00:98:0b:0b:
c1:b7:74:2d:2b:a4:73:28:08:ee:5a:d4:11:81:00:
68:6e:0a:57:24:44:7c:1e:42:d8:d5:49:7f:e7:47:
c1:8a:89:73:75:80:1c:87:3c:5b:d1:99:a3:51:94:
5d:fd:85:c5:3f:5e:3a:6b:57:20:7e:8d:4c:b8:9c:
a1:fc:64:a3:a2:1e:a2:f3:f7:34:17:73:1a:ce:c2:
0c:b2:a2:d9:73:74:e8:0c:c9:1b:47:8a:3a:99:e5:
0b:97:70:02:5e:7f:b7:82:48:89:84:48:79:e7:b8:
ee:32:88:ff:ac:83:ab:f2:a2:33:3a:cb:a3:4d:2d:
c0:43:9d:fb:92:58:1b:e8:78:9a:5d:6d:d9:2e:ff:
f9:39:5d:43:76:e6:b2:15:26:24:72:4b:4a:4e:74:
b8:a6:ea:8b:77:1c:b8:e8:56:9a:c5:55:00:64:07:
ba:88:2a:ec:5a:38:eb:91:db:dd:76:14:12:77:0b:
a7:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:F5:27:74:A1:15:A3:C1:C6:87:54:8D:8D:1E:FE:2A:0B:0C:8E:74
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/z_UndKEVo8HGh1SNjR7-KgsMjnQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
2f:7d:01:cd:0e:f0:d9:c0:e9:67:b5:0a:a9:a4:a5:26:f1:31:
50:50:b9:dc:e6:29:27:69:79:49:9b:18:78:f5:95:6b:d0:a1:
72:ce:16:1f:b4:08:72:73:04:6c:bb:aa:90:2e:05:43:da:c9:
5d:78:8f:11:5f:0d:2f:79:09:2d:8b:59:10:29:0d:3a:b1:30:
95:df:0b:0a:1a:ee:3f:44:08:c4:b3:34:6d:94:2d:90:20:ff:
8b:f7:29:26:06:29:17:15:47:89:5d:6f:50:42:30:d5:20:68:
9c:70:e7:a6:69:f5:00:cb:37:30:af:be:81:c3:ed:e7:1e:ff:
be:b9:34:68:94:68:c9:89:46:1f:42:92:7b:d3:c7:65:64:33:
95:ad:d7:19:2f:75:a8:45:32:5e:58:2b:01:a0:5d:4e:5f:7a:
0c:40:39:34:34:bf:ca:a0:89:b8:38:68:55:94:52:d7:61:94:
f8:9d:96:0b:6e:ad:80:f9:b5:01:64:a4:62:6c:2e:b6:31:65:
28:22:24:73:50:ec:3e:8e:4f:4d:63:0a:ed:ba:bc:50:4d:45:
be:fc:a4:fc:34:19:03:31:fd:51:1e:7e:1f:1f:9f:51:01:00:
10:6f:1f:69:2c:eb:56:6b:7a:2a:6d:13:04:86:78:d9:36:00:
5d:fa:a3:81
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQ80wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTgy
MzUyNTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENGRjUyNzc0QTExNUEz
QzFDNjg3NTQ4RDhEMUVGRTJBMEIwQzhFNzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCusmklQdi5+hYe6LcIkcADlUsrWxfFH72L6yzBeEmiteUiu5wh
4Yucph+dzWTM/NVUlJY/OVrWVy+QQgAAnO/XBZUiAzudAJgLC8G3dC0rpHMoCO5a
1BGBAGhuClckRHweQtjVSX/nR8GKiXN1gByHPFvRmaNRlF39hcU/XjprVyB+jUy4
nKH8ZKOiHqLz9zQXcxrOwgyyotlzdOgMyRtHijqZ5QuXcAJef7eCSImESHnnuO4y
iP+sg6vyojM6y6NNLcBDnfuSWBvoeJpdbdku//k5XUN25rIVJiRyS0pOdLim6ot3
HLjoVprFVQBkB7qIKuxaOOuR2912FBJ3C6efAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUz/UndKEVo8HGh1SNjR7+KgsMjnQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3pfVW5kS0VWbzhIR2gx
U05qUjctS2dzTWpuUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAC99Ac0O8NnA6We1
CqmkpSbxMVBQudzmKSdpeUmbGHj1lWvQoXLOFh+0CHJzBGy7qpAuBUPayV14jxFf
DS95CS2LWRApDTqxMJXfCwoa7j9ECMSzNG2ULZAg/4v3KSYGKRcVR4ldb1BCMNUg
aJxw56Zp9QDLNzCvvoHD7ece/765NGiUaMmJRh9CknvTx2VkM5Wt1xkvdahFMl5Y
KwGgXU5fegxAOTQ0v8qgibg4aFWUUtdhlPidlgturYD5tQFkpGJsLrYxZSgiJHNQ
7D6OT01jCu26vFBNRb78pPw0GQMx/VEefh8fn1EBABBvH2ks61ZreiptEwSGeNk2
AF36o4E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:57 2024 by rpki-client on console-fra.rpki-client.org