Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/3D2Pz4Z4ZaU1LM8j7EcA4G8H8H4.roa
File: 3D2Pz4Z4ZaU1LM8j7EcA4G8H8H4.roa (raw, json)
Hash identifier: T5TQgi5J6Zg8hSzJbrEko2m6c9rWNn+mOaRfOURHYIc=
Subject key identifier: DC:3D:8F:CF:86:78:65:A5:35:2C:CF:23:EC:47:00:E0:6F:07:F0:7E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 513D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/3D2Pz4Z4ZaU1LM8j7EcA4G8H8H4.roa
Signing time: Mon 06 May 2024 21:53:52 +0000
ROA not before: Mon 06 May 2024 21:53:52 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20797 (0x513d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 6 21:53:52 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DC3D8FCF867865A5352CCF23EC4700E06F07F07E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:d8:e1:c8:65:b3:9c:df:71:57:8e:ef:79:c0:
0b:36:58:62:c9:e5:0b:a0:51:64:87:d9:02:73:76:
d8:7a:94:88:2a:55:7f:ca:c9:9a:02:89:5e:42:61:
7e:f5:1f:3b:b4:7a:f4:ce:03:07:7c:3c:51:4e:7f:
e3:73:b0:f3:22:67:9f:50:28:df:fd:a5:86:77:8c:
b9:d0:58:00:07:b7:ab:71:70:23:02:59:b2:7c:bd:
69:a9:62:06:41:29:af:6c:c9:2e:74:c9:86:2d:c9:
37:b4:e5:0d:19:73:89:ef:9c:77:0c:4c:5e:44:ed:
fb:32:6c:67:89:87:de:eb:80:2f:c9:b2:b4:2f:37:
cb:0c:2b:c7:ac:13:19:ba:c8:5c:2c:e8:e5:0f:a8:
2d:9b:f9:73:17:1b:3e:f8:be:49:c3:78:9d:12:93:
ce:dd:7b:c4:69:d7:69:11:b3:67:e6:c7:b0:ea:11:
b3:34:4a:53:33:65:45:75:16:a6:02:8a:5d:59:0c:
3f:15:8e:a5:52:3a:55:a6:ae:66:99:91:da:3c:80:
9c:51:7d:1f:43:b0:d5:87:39:ce:9d:f1:e5:31:e8:
c2:18:7e:14:47:80:ab:7f:67:72:db:35:c3:30:e3:
17:4c:44:76:e7:f5:76:0b:ae:39:1f:31:cf:4b:bb:
85:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:3D:8F:CF:86:78:65:A5:35:2C:CF:23:EC:47:00:E0:6F:07:F0:7E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/3D2Pz4Z4ZaU1LM8j7EcA4G8H8H4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
4f:93:68:a0:18:e6:9f:28:2f:39:6c:c5:5d:51:23:bf:14:5b:
df:d2:d9:d3:55:2a:03:3b:de:df:cc:6c:6b:10:67:ec:9a:58:
69:a4:7a:53:de:e6:7d:cf:10:8b:fe:b3:47:c1:fa:be:40:84:
42:df:bc:79:7e:fe:fd:90:5f:c8:2d:23:4a:30:b9:37:66:64:
13:9b:ac:99:93:7c:85:9a:24:59:f6:91:ce:48:52:bd:83:1c:
73:7a:db:06:2a:fb:9c:3d:c2:db:a0:87:62:a1:e5:4b:67:f6:
bc:e7:b0:4e:6a:b9:9f:11:85:c7:16:81:8d:76:ad:77:4f:66:
a8:e0:86:3f:74:42:c3:9f:40:a2:b5:f6:55:c3:94:61:74:fc:
8d:53:bd:6e:2c:ca:23:d6:96:81:0a:e9:eb:b3:fd:83:1f:46:
ea:e2:3c:28:74:01:d1:16:9b:a7:d4:ff:e1:bd:c8:d7:ef:63:
70:ea:75:11:58:14:09:8e:25:5a:36:9c:eb:a0:8e:d5:02:56:
5a:d8:76:9e:9e:08:13:f3:85:ae:51:45:55:d9:28:3b:20:b9:
12:18:c2:f5:a6:4a:a6:4f:8c:6f:65:7b:00:c4:dd:b7:b2:61:
7d:f6:46:f9:c8:26:fd:11:68:6a:dc:41:8d:91:4f:fb:58:07:
76:3c:e9:b6
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICUT0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDYy
MTUzNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERDM0Q4RkNGODY3ODY1
QTUzNTJDQ0YyM0VDNDcwMEUwNkYwN0YwN0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCW2OHIZbOc33FXju95wAs2WGLJ5QugUWSH2QJzdth6lIgqVX/K
yZoCiV5CYX71Hzu0evTOAwd8PFFOf+NzsPMiZ59QKN/9pYZ3jLnQWAAHt6txcCMC
WbJ8vWmpYgZBKa9syS50yYYtyTe05Q0Zc4nvnHcMTF5E7fsybGeJh97rgC/JsrQv
N8sMK8esExm6yFws6OUPqC2b+XMXGz74vknDeJ0Sk87de8Rp12kRs2fmx7DqEbM0
SlMzZUV1FqYCil1ZDD8VjqVSOlWmrmaZkdo8gJxRfR9DsNWHOc6d8eUx6MIYfhRH
gKt/Z3LbNcMw4xdMRHbn9XYLrjkfMc9Lu4XrAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU3D2Pz4Z4ZaU1LM8j7EcA4G8H8H4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzNEMlB6NFo0WmFVMUxN
OGo3RWNBNEc4SDhINC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAE+TaKAY5p8oLzls
xV1RI78UW9/S2dNVKgM73t/MbGsQZ+yaWGmkelPe5n3PEIv+s0fB+r5AhELfvHl+
/v2QX8gtI0owuTdmZBObrJmTfIWaJFn2kc5IUr2DHHN62wYq+5w9wtugh2Kh5Utn
9rznsE5quZ8RhccWgY12rXdPZqjghj90QsOfQKK19lXDlGF0/I1TvW4syiPWloEK
6euz/YMfRuriPCh0AdEWm6fU/+G9yNfvY3DqdRFYFAmOJVo2nOugjtUCVlrYdp6e
CBPzha5RRVXZKDsguRIYwvWmSqZPjG9lewDE3beyYX32RvnIJv0RaGrcQY2RT/tY
B3Y86bY=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:33:57 2025 by rpki-client