Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/3qxb51LKJ9iAY0ntVUo-Uot5cXk.roa
File: 3qxb51LKJ9iAY0ntVUo-Uot5cXk.roa (raw, json)
Hash identifier: b3vuKi399SdLX+D/pVKDzMnAcWBILbj7M7E691Wdx2A=
Subject key identifier: DE:AC:5B:E7:52:CA:27:D8:80:63:49:ED:55:4A:3E:52:8B:79:71:79
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3C41
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/3qxb51LKJ9iAY0ntVUo-Uot5cXk.roa
Signing time: Mon 08 Apr 2024 22:22:36 +0000
ROA not before: Mon 08 Apr 2024 22:22:36 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15425 (0x3c41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 8 22:22:36 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DEAC5BE752CA27D8806349ED554A3E528B797179
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:e2:13:5d:29:60:45:d7:0d:78:d2:fb:15:5d:
c4:37:db:78:a6:2c:71:79:7c:05:da:2b:e3:72:26:
6e:88:0a:a1:25:f2:f0:8a:f7:26:cb:68:3e:09:8b:
eb:b7:7b:7a:40:93:01:2f:a7:bf:6f:af:f0:3c:e8:
a9:7e:98:82:71:ab:2f:9f:9b:55:25:8a:94:cc:02:
e1:dc:6e:6a:35:0e:2f:8a:62:9b:6d:3b:3e:3b:75:
0a:b4:2b:10:5b:e8:8f:44:e1:d2:51:7d:86:15:3f:
80:3e:16:c6:00:57:f8:8e:32:8e:e9:d6:db:21:c6:
e1:b1:b0:eb:ea:31:0c:51:42:db:e2:a5:6c:70:69:
ae:54:d9:42:2f:ac:e5:c8:62:88:37:99:8f:e8:c3:
5a:79:6f:68:77:e7:e3:e0:5e:ea:97:16:60:2a:bf:
bf:8e:cc:c6:bc:54:f8:dd:ca:4c:fd:4e:5f:cc:f7:
ca:94:f2:2f:4a:ee:9e:de:0f:2d:c7:76:c1:3a:1b:
ff:01:16:ca:cf:37:d7:07:2c:6b:26:8b:35:25:4f:
17:62:28:28:84:95:40:44:e1:be:9f:b0:3c:cd:d2:
ce:d4:b8:c7:b6:0f:e5:8e:b1:68:34:9b:9c:b0:d1:
0a:a5:f8:ee:95:21:3a:56:eb:32:25:d1:e8:21:62:
85:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:AC:5B:E7:52:CA:27:D8:80:63:49:ED:55:4A:3E:52:8B:79:71:79
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/3qxb51LKJ9iAY0ntVUo-Uot5cXk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
a2:f8:bc:b4:23:16:b7:c3:9a:79:b7:d6:13:28:31:31:fe:db:
ea:69:fb:ca:44:9a:8a:de:3d:c6:e5:32:cf:b2:25:6c:87:06:
85:80:22:f3:2c:49:b5:69:bf:de:20:04:54:ee:95:a2:4a:13:
23:23:49:4e:4a:c5:05:d3:63:7b:ae:92:5a:a8:9a:53:c6:95:
9c:a6:f3:fb:e2:7a:35:d9:57:04:8e:b8:c1:08:b1:c0:8e:89:
c5:d5:18:42:a5:06:ea:81:08:31:d4:8b:34:a1:20:58:78:b6:
15:a4:fd:5d:f7:7d:b7:ed:68:c3:3a:3d:a8:d4:a4:6a:3a:a0:
e2:74:6b:30:1d:66:54:6e:ed:fb:bb:53:46:c8:fa:f6:44:25:
fa:a3:8f:a1:a5:b1:9e:29:d4:b5:a7:6e:b9:50:85:be:41:0f:
46:37:c3:aa:b3:f3:27:78:8e:2f:6a:53:c7:d7:69:a9:3c:5d:
2f:5a:41:88:22:eb:55:26:c4:46:7d:14:29:16:9a:74:ac:4d:
14:44:a7:39:67:3c:7d:93:c9:af:81:9d:47:12:3b:ca:a2:c2:
d7:36:39:27:43:c4:88:d6:ae:52:e7:9b:d9:78:e4:e7:e0:b7:
58:f4:ab:a3:73:30:ba:a2:7b:3d:3f:5b:fd:ff:7b:b2:72:be:
82:07:5e:ba
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICPEEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDgy
MjIyMzZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERFQUM1QkU3NTJDQTI3
RDg4MDYzNDlFRDU1NEEzRTUyOEI3OTcxNzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDW4hNdKWBF1w140vsVXcQ323imLHF5fAXaK+NyJm6ICqEl8vCK
9ybLaD4Ji+u3e3pAkwEvp79vr/A86Kl+mIJxqy+fm1UlipTMAuHcbmo1Di+KYptt
Oz47dQq0KxBb6I9E4dJRfYYVP4A+FsYAV/iOMo7p1tshxuGxsOvqMQxRQtvipWxw
aa5U2UIvrOXIYog3mY/ow1p5b2h35+PgXuqXFmAqv7+OzMa8VPjdykz9Tl/M98qU
8i9K7p7eDy3HdsE6G/8BFsrPN9cHLGsmizUlTxdiKCiElUBE4b6fsDzN0s7UuMe2
D+WOsWg0m5yw0Qql+O6VITpW6zIl0eghYoVVAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU3qxb51LKJ9iAY0ntVUo+Uot5cXkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzNxeGI1MUxLSjlpQVkw
bnRWVW8tVW90NWNYay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAKL4vLQjFrfDmnm3
1hMoMTH+2+pp+8pEmorePcblMs+yJWyHBoWAIvMsSbVpv94gBFTulaJKEyMjSU5K
xQXTY3uuklqomlPGlZym8/viejXZVwSOuMEIscCOicXVGEKlBuqBCDHUizShIFh4
thWk/V33fbftaMM6PajUpGo6oOJ0azAdZlRu7fu7U0bI+vZEJfqjj6GlsZ4p1LWn
brlQhb5BD0Y3w6qz8yd4ji9qU8fXaak8XS9aQYgi61UmxEZ9FCkWmnSsTRREpzln
PH2Tya+BnUcSO8qiwtc2OSdDxIjWrlLnm9l45Ofgt1j0q6NzMLqiez0/W/3/e7Jy
voIHXro=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:41:55 2025 by rpki-client