Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/zhRfAW7eHU6ZDIM8yORIoKfEz3k.roa
File: zhRfAW7eHU6ZDIM8yORIoKfEz3k.roa (raw, json)
Hash identifier: GahostCm4KbzOAClsfaDyCWfnU8j3oPAkxchftSUJBA=
Subject key identifier: CE:14:5F:01:6E:DE:1D:4E:99:0C:83:3C:C8:E4:48:A0:A7:C4:CF:79
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 53B9
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/zhRfAW7eHU6ZDIM8yORIoKfEz3k.roa
Signing time: Fri 10 May 2024 05:23:59 +0000
ROA not before: Fri 10 May 2024 05:23:59 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21433 (0x53b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 10 05:23:59 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CE145F016EDE1D4E990C833CC8E448A0A7C4CF79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:18:d1:e3:ca:b3:df:2e:02:e5:8d:9c:eb:22:
26:3d:5d:69:68:84:4a:6a:9e:e0:0f:d8:ed:c0:88:
b4:4b:e2:75:5a:5e:3f:c7:d7:1e:4f:97:60:20:0a:
0e:f8:d8:07:a4:2d:9a:a5:e5:05:3c:3d:7b:bc:e5:
5f:b6:2c:cb:07:92:67:9b:11:87:c8:81:80:95:30:
d3:fc:53:21:6a:43:46:0b:df:a2:4f:c1:f6:1f:0b:
d2:24:4c:cd:d5:c9:12:f3:34:21:a3:47:19:83:12:
a5:01:20:d5:54:f2:9b:da:81:33:87:c9:15:a3:5e:
46:5e:f8:46:3c:43:e3:32:24:26:7b:80:5b:e9:88:
70:b4:3b:7d:c7:7b:af:dc:1e:27:0a:8f:de:b5:0b:
4e:98:b0:56:55:d2:d1:48:40:a3:92:18:91:5f:df:
71:56:59:ad:4e:57:0a:18:fd:a5:51:2d:5e:8b:98:
39:49:53:47:44:42:b3:85:43:55:a2:c8:0d:ee:72:
7c:0f:7d:f5:89:47:bf:19:6c:48:5c:3f:93:fe:a4:
f7:90:35:99:1f:d8:e8:98:1c:44:43:0f:13:33:73:
82:fa:e8:b6:e0:72:2c:36:31:7a:8b:76:95:e6:bf:
72:55:ea:66:93:5f:10:02:e4:77:43:a4:b2:87:a1:
a6:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:14:5F:01:6E:DE:1D:4E:99:0C:83:3C:C8:E4:48:A0:A7:C4:CF:79
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/zhRfAW7eHU6ZDIM8yORIoKfEz3k.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
56:e3:80:5e:58:9b:3f:50:cd:14:72:df:54:54:88:6d:e0:46:
60:81:90:80:34:25:2f:06:fa:ba:bc:9b:f2:b1:3b:a6:c1:c5:
f3:ed:3e:31:b2:32:c1:8a:d1:82:8a:54:fb:a7:29:f2:64:89:
76:7d:5e:86:ea:ff:df:fa:2e:01:37:9f:30:ae:5d:56:5d:27:
6f:fd:91:b3:60:85:e8:f9:0f:8c:f9:33:1f:0c:49:82:d0:ff:
b1:de:2b:c6:1e:e2:07:2d:bb:36:a0:7b:e3:d6:22:b1:ce:5f:
1c:b0:de:c6:d9:bb:5f:ab:d1:14:ab:93:a2:79:d5:d4:2a:62:
f1:1e:d6:64:cf:4a:e2:66:03:ed:d2:41:ff:14:ce:4e:7c:39:
30:b0:40:a3:bb:6d:b0:08:da:40:bc:12:27:a8:32:3e:dd:c6:
3d:fa:51:f6:c4:7e:e0:e0:2b:7c:2c:3e:f7:43:47:b4:ce:af:
54:34:21:8e:f3:b3:e2:30:94:54:b1:cc:ba:77:f6:11:74:20:
00:a5:ae:fe:37:21:04:41:ef:03:0e:d3:6f:2d:90:ca:1c:bb:
31:5e:94:fa:f7:81:5c:3d:12:12:66:29:da:ae:66:6e:05:ab:
6c:c6:bd:a9:9b:51:8f:80:ab:c1:bd:a6:ee:01:5f:45:5e:3e:
1c:91:5a:95
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICU7kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTAw
NTIzNTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENFMTQ1RjAxNkVERTFE
NEU5OTBDODMzQ0M4RTQ0OEEwQTdDNENGNzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+GNHjyrPfLgLljZzrIiY9XWlohEpqnuAP2O3AiLRL4nVaXj/H
1x5Pl2AgCg742AekLZql5QU8PXu85V+2LMsHkmebEYfIgYCVMNP8UyFqQ0YL36JP
wfYfC9IkTM3VyRLzNCGjRxmDEqUBINVU8pvagTOHyRWjXkZe+EY8Q+MyJCZ7gFvp
iHC0O33He6/cHicKj961C06YsFZV0tFIQKOSGJFf33FWWa1OVwoY/aVRLV6LmDlJ
U0dEQrOFQ1WiyA3ucnwPffWJR78ZbEhcP5P+pPeQNZkf2OiYHERDDxMzc4L66Lbg
ciw2MXqLdpXmv3JV6maTXxAC5HdDpLKHoaZZAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUzhRfAW7eHU6ZDIM8yORIoKfEz3kwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3poUmZBVzdlSFU2WkRJ
TTh5T1JJb0tmRXozay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAFbjgF5Ymz9QzRRy
31RUiG3gRmCBkIA0JS8G+rq8m/KxO6bBxfPtPjGyMsGK0YKKVPunKfJkiXZ9Xobq
/9/6LgE3nzCuXVZdJ2/9kbNghej5D4z5Mx8MSYLQ/7HeK8Ye4gctuzage+PWIrHO
Xxyw3sbZu1+r0RSrk6J51dQqYvEe1mTPSuJmA+3SQf8Uzk58OTCwQKO7bbAI2kC8
EieoMj7dxj36UfbEfuDgK3wsPvdDR7TOr1Q0IY7zs+IwlFSxzLp39hF0IAClrv43
IQRB7wMO028tkMocuzFelPr3gVw9EhJmKdquZm4Fq2zGvambUY+Aq8G9pu4BX0Ve
PhyRWpU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:57 2024 by rpki-client on console-fra.rpki-client.org