Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/1Omqb6rG4B8C5hYiDZE8PW8PpZw.roa
File: 1Omqb6rG4B8C5hYiDZE8PW8PpZw.roa (raw, json)
Hash identifier: AZgkSTRV+EiNeMMINAJEhkBaA5Xdz5YJAXmXzpwOwDQ=
Subject key identifier: D4:E9:AA:6F:AA:C6:E0:1F:02:E6:16:22:0D:91:3C:3D:6F:0F:A5:9C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 53D1
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/1Omqb6rG4B8C5hYiDZE8PW8PpZw.roa
Signing time: Fri 10 May 2024 08:24:00 +0000
ROA not before: Fri 10 May 2024 08:24:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21457 (0x53d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 10 08:24:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D4E9AA6FAAC6E01F02E616220D913C3D6F0FA59C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:e4:76:21:1b:bf:56:67:65:69:66:9b:4e:8f:
3e:9a:b5:26:ab:c9:84:9d:b8:e7:88:fc:e1:a1:5d:
fb:c9:62:43:d0:89:6d:10:47:38:5e:ac:6f:a2:ea:
09:d8:da:00:04:5e:1d:84:d6:ec:c0:f0:a6:06:c9:
0e:38:4a:e5:cd:dd:1d:16:2f:f0:26:2b:ad:78:f4:
86:d0:3a:ff:c0:64:af:ff:b9:44:e9:8f:01:da:1c:
9a:d1:26:e2:78:d5:5a:52:65:36:a5:d1:34:28:eb:
e1:f3:8e:2a:37:ca:a2:1c:ef:77:22:d3:d7:ea:27:
12:c6:e6:e4:ee:20:18:b3:a2:d8:64:8e:76:24:69:
dd:97:56:e0:f5:87:31:47:fc:26:09:24:e6:e1:d4:
1e:b6:9e:0d:25:94:a1:15:69:1e:43:8f:41:1f:b9:
82:75:aa:7a:5e:0b:bb:7a:e1:4f:41:b3:fc:6f:1a:
7c:0b:81:d1:64:28:f5:71:6f:52:a6:17:43:15:de:
5b:05:bd:56:bd:08:fe:91:b2:db:f3:ce:df:8b:96:
c0:dc:5d:51:74:28:fd:64:87:34:ab:c5:c8:f3:d2:
d1:b6:62:4a:52:8c:b2:b7:09:f1:21:fe:d4:e4:93:
7f:1b:fb:42:de:d6:bb:c4:3c:6e:4b:7d:0b:03:08:
4a:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:E9:AA:6F:AA:C6:E0:1F:02:E6:16:22:0D:91:3C:3D:6F:0F:A5:9C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/1Omqb6rG4B8C5hYiDZE8PW8PpZw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
2b:8a:55:e3:88:02:b3:4f:29:e5:19:9a:79:c7:17:fe:8c:40:
13:ae:2b:a1:8e:4d:ca:35:2e:95:a3:16:aa:e1:98:bd:05:9e:
b6:2e:be:39:ac:50:45:c5:ca:ca:1f:f5:78:fd:dd:46:69:3f:
27:f4:aa:fd:de:58:d7:ba:1c:33:27:9a:19:bb:d9:87:e7:82:
ca:b4:1e:c0:32:1c:66:98:a7:62:ed:7c:56:3c:9c:22:1f:11:
be:c9:6c:a2:d0:e7:83:e3:3e:06:14:2e:3f:92:74:72:33:59:
6e:37:8a:55:91:f0:d5:08:df:e7:0b:8e:61:70:ef:49:b7:03:
f9:32:24:8a:80:63:8b:c3:f7:a5:55:11:bd:10:77:3f:2e:8d:
09:53:51:c5:7d:59:61:46:bf:d3:40:eb:d2:bd:0b:b6:74:50:
c2:b0:55:39:29:08:5e:f5:84:4d:d9:84:f0:99:d5:5c:b9:96:
77:12:2c:23:f7:76:4e:82:a4:0e:c4:ca:0a:ce:07:c0:ea:1d:
16:07:6e:1b:f1:d7:e8:c2:22:5b:90:00:f0:98:47:89:de:e5:
30:6c:70:77:13:b7:26:61:3f:04:08:2a:54:c9:e8:d0:65:90:
e2:95:b7:c6:31:44:f6:bf:07:fc:b2:e3:93:9e:10:29:8d:ec:
af:e0:31:e2
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICU9EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTAw
ODI0MDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ0RTlBQTZGQUFDNkUw
MUYwMkU2MTYyMjBEOTEzQzNENkYwRkE1OUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDR5HYhG79WZ2VpZptOjz6atSaryYSduOeI/OGhXfvJYkPQiW0Q
RzherG+i6gnY2gAEXh2E1uzA8KYGyQ44SuXN3R0WL/AmK6149IbQOv/AZK//uUTp
jwHaHJrRJuJ41VpSZTal0TQo6+Hzjio3yqIc73ci09fqJxLG5uTuIBizothkjnYk
ad2XVuD1hzFH/CYJJObh1B62ng0llKEVaR5Dj0EfuYJ1qnpeC7t64U9Bs/xvGnwL
gdFkKPVxb1KmF0MV3lsFvVa9CP6Rstvzzt+LlsDcXVF0KP1khzSrxcjz0tG2YkpS
jLK3CfEh/tTkk38b+0Le1rvEPG5LfQsDCEqzAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU1Omqb6rG4B8C5hYiDZE8PW8PpZwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzFPbXFiNnJHNEI4QzVo
WWlEWkU4UFc4UHBady5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBACuKVeOIArNPKeUZ
mnnHF/6MQBOuK6GOTco1LpWjFqrhmL0FnrYuvjmsUEXFysof9Xj93UZpPyf0qv3e
WNe6HDMnmhm72Yfngsq0HsAyHGaYp2LtfFY8nCIfEb7JbKLQ54PjPgYULj+SdHIz
WW43ilWR8NUI3+cLjmFw70m3A/kyJIqAY4vD96VVEb0Qdz8ujQlTUcV9WWFGv9NA
69K9C7Z0UMKwVTkpCF71hE3ZhPCZ1Vy5lncSLCP3dk6CpA7EygrOB8DqHRYHbhvx
1+jCIluQAPCYR4ne5TBscHcTtyZhPwQIKlTJ6NBlkOKVt8YxRPa/B/yy45OeECmN
7K/gMeI=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:56:08 2025 by rpki-client