Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/0xPApxLT4MAfWKVHSwA_3bZK_Y4.roa
File: 0xPApxLT4MAfWKVHSwA_3bZK_Y4.roa (raw, json)
Hash identifier: 534JLJqqLCBhb/qApx2pHpPTZ/3jej43gLf4yxZGhFc=
Subject key identifier: D3:13:C0:A7:12:D3:E0:C0:1F:58:A5:47:4B:00:3F:DD:B6:4A:FD:8E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 355D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/0xPApxLT4MAfWKVHSwA_3bZK_Y4.roa
Signing time: Sat 30 Mar 2024 17:52:16 +0000
ROA not before: Sat 30 Mar 2024 17:52:16 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13661 (0x355d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 17:52:16 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D313C0A712D3E0C01F58A5474B003FDDB64AFD8E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:0e:02:15:de:50:23:4c:5a:b3:33:4d:c1:10:
e9:dc:7d:4d:56:08:81:cd:2e:ca:3d:5e:a0:53:a9:
b8:c6:2d:0a:97:b9:b5:a2:46:ba:35:24:09:f0:49:
71:66:e2:7b:af:0c:ae:f1:0c:ff:fe:d3:4b:82:cf:
5d:05:dd:21:7a:1e:e4:0f:ee:2e:21:0f:a1:07:7a:
e7:ef:31:b0:76:2c:67:20:b3:69:ac:9d:1a:b3:ec:
83:bc:47:43:65:35:20:ab:79:ec:e8:fd:5b:a3:24:
2a:89:65:57:50:a0:61:e8:67:e1:19:1f:6b:e6:1c:
11:b6:d4:33:a2:5f:11:72:c8:82:2a:31:8f:33:de:
0d:4e:b6:64:87:89:f6:22:c2:f7:94:e0:b5:c2:2e:
78:9a:d0:7d:0d:75:96:27:d8:44:0e:91:f0:b3:57:
2d:0a:e2:a5:7e:b4:81:fd:c9:ae:0c:5a:8d:7c:e9:
e5:4f:6e:43:91:27:42:27:91:6c:ef:e5:25:d1:c3:
40:ac:cb:60:0b:25:5c:07:a4:29:44:90:92:e3:47:
a1:5d:5a:97:87:08:03:a1:99:c9:9b:e4:80:34:32:
f1:fe:0c:7d:ef:c7:84:12:d1:b0:50:4a:ab:bb:63:
d4:9f:60:75:a8:98:d7:2a:a0:9b:cc:d5:74:f9:95:
0f:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:13:C0:A7:12:D3:E0:C0:1F:58:A5:47:4B:00:3F:DD:B6:4A:FD:8E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/0xPApxLT4MAfWKVHSwA_3bZK_Y4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
1a:8d:40:cd:ea:f9:d3:fd:c3:12:c0:f3:2e:7a:99:8c:4a:f8:
68:b3:b4:01:25:5a:93:15:b2:f3:27:65:a4:77:f2:48:c3:8b:
71:6e:8d:aa:21:90:ea:22:cb:79:e4:76:0d:c7:6f:c9:5c:f0:
3d:4a:96:d7:6c:38:f7:13:6a:c7:76:b7:09:49:36:2c:11:02:
e1:cb:9e:44:3f:0e:20:b2:0a:6c:cb:26:2f:e2:f8:a3:82:50:
d8:17:51:4a:f6:a3:a0:56:41:c0:8f:b7:b0:42:0c:52:60:ca:
6d:50:99:33:2a:60:42:78:c0:d2:36:a3:2d:97:3a:e7:b2:79:
25:ca:fd:5a:58:46:05:87:66:2f:33:0a:ce:4e:58:7b:31:61:
84:ae:ab:bc:5c:1c:46:68:15:bf:11:c1:be:51:06:3f:4e:18:
ff:d2:36:e0:da:a4:06:72:b7:90:96:02:27:c6:b1:75:e9:99:
a5:44:8d:42:81:46:7a:80:d4:f2:9c:c7:07:b9:93:ed:3f:fd:
31:42:58:11:0b:23:e8:a3:b4:0a:c7:4e:73:19:ff:a4:84:cf:
df:37:91:b9:dc:9a:3a:1d:b1:e9:ce:6f:75:4b:7d:01:89:a7:
4e:a3:17:26:6b:c1:0c:38:22:01:a4:fe:7f:bb:5c:a1:c8:41:
b8:cd:71:26
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNV0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAx
NzUyMTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQzMTNDMEE3MTJEM0Uw
QzAxRjU4QTU0NzRCMDAzRkREQjY0QUZEOEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQClDgIV3lAjTFqzM03BEOncfU1WCIHNLso9XqBTqbjGLQqXubWi
Rro1JAnwSXFm4nuvDK7xDP/+00uCz10F3SF6HuQP7i4hD6EHeufvMbB2LGcgs2ms
nRqz7IO8R0NlNSCreezo/VujJCqJZVdQoGHoZ+EZH2vmHBG21DOiXxFyyIIqMY8z
3g1OtmSHifYiwveU4LXCLnia0H0NdZYn2EQOkfCzVy0K4qV+tIH9ya4MWo186eVP
bkORJ0InkWzv5SXRw0Csy2ALJVwHpClEkJLjR6FdWpeHCAOhmcmb5IA0MvH+DH3v
x4QS0bBQSqu7Y9SfYHWomNcqoJvM1XT5lQ9DAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU0xPApxLT4MAfWKVHSwA/3bZK/Y4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzB4UEFweExUNE1BZldL
VkhTd0FfM2JaS19ZNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBABqNQM3q+dP9wxLA
8y56mYxK+GiztAElWpMVsvMnZaR38kjDi3FujaohkOoiy3nkdg3Hb8lc8D1Kltds
OPcTasd2twlJNiwRAuHLnkQ/DiCyCmzLJi/i+KOCUNgXUUr2o6BWQcCPt7BCDFJg
ym1QmTMqYEJ4wNI2oy2XOueyeSXK/VpYRgWHZi8zCs5OWHsxYYSuq7xcHEZoFb8R
wb5RBj9OGP/SNuDapAZyt5CWAifGsXXpmaVEjUKBRnqA1PKcxwe5k+0//TFCWBEL
I+ijtArHTnMZ/6SEz983kbncmjodsenOb3VLfQGJp06jFyZrwQw4IgGk/n+7XKHI
QbjNcSY=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:14:46 2025 by rpki-client