Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/3sJvAF5uulejCYiCk-dG1dVFeD8.roa
File: 3sJvAF5uulejCYiCk-dG1dVFeD8.roa (raw, json)
Hash identifier: nqvUQCV6q9K/Ky8t5SnP/Ho44JxTH/XB8oStBzXtjOg=
Subject key identifier: DE:C2:6F:00:5E:6E:BA:57:A3:09:88:82:93:E7:46:D5:D5:45:78:3F
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3DFD
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/3sJvAF5uulejCYiCk-dG1dVFeD8.roa
Signing time: Thu 11 Apr 2024 05:52:47 +0000
ROA not before: Thu 11 Apr 2024 05:52:47 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15869 (0x3dfd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 11 05:52:47 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DEC26F005E6EBA57A309888293E746D5D545783F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d3:e2:05:47:3a:3f:22:91:c0:c9:e5:4c:2c:
0d:b2:1f:0a:66:e4:34:f4:c9:1c:39:2e:ac:63:7c:
5e:f6:42:25:8a:d8:c8:69:6d:71:ba:eb:46:6e:06:
44:b8:e2:31:36:23:f1:96:62:5b:d9:ec:79:cd:9f:
f5:73:f6:cd:e4:76:20:99:23:5d:65:71:ba:e7:19:
03:53:f8:6c:16:de:2c:97:40:84:d7:70:de:7c:76:
58:91:b2:e2:fc:88:cf:9a:9f:e0:84:0a:fb:ff:3f:
06:8e:d9:88:6c:75:42:ed:63:b4:b2:ac:57:ae:70:
06:55:e3:6b:2e:68:95:be:81:c7:ca:5a:b9:42:01:
fc:fc:1e:60:08:01:b7:5f:fd:30:78:b4:98:43:3f:
6f:32:29:b5:08:e6:21:f5:c1:e8:28:3d:c7:7b:af:
a1:c5:3d:d8:c0:64:c4:4c:fb:31:4b:47:fc:1f:f5:
ef:be:df:b1:5a:bd:b2:8c:dc:34:f8:75:45:44:81:
87:d3:7b:90:8d:ec:22:49:15:f4:e9:00:be:8b:06:
6c:ef:7c:d5:a4:1c:bc:13:d5:0f:ef:86:9d:21:25:
71:92:8c:b6:d9:ce:5e:96:b0:1f:32:59:ab:97:c4:
06:dc:40:38:25:ab:0f:68:b2:23:34:d3:b4:99:9e:
8d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:C2:6F:00:5E:6E:BA:57:A3:09:88:82:93:E7:46:D5:D5:45:78:3F
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/3sJvAF5uulejCYiCk-dG1dVFeD8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
01:fc:13:4f:28:8a:1a:52:9a:9d:f9:5c:2f:e6:b6:c3:bb:3d:
a8:ea:aa:0d:1c:b7:73:d8:94:36:16:28:e6:db:41:8b:6e:b8:
9d:c4:3b:a6:bf:f9:c0:c8:76:a5:a1:6a:8f:58:41:6a:76:26:
37:a2:bd:de:e6:18:74:57:6e:f6:c3:08:0f:1c:72:d3:df:1e:
48:bf:79:75:e3:2f:e7:77:22:fe:27:ad:5b:d7:01:28:29:04:
88:63:12:eb:97:5f:4e:39:16:cc:7a:37:10:16:d3:14:af:03:
5d:fa:91:6f:ff:58:f8:01:18:cb:0f:7e:53:ca:cd:5d:d6:bf:
33:91:ad:4f:b8:2c:2a:78:98:d7:ba:75:8e:d7:18:d7:c1:c2:
12:62:9a:ae:ce:f7:a3:00:7a:88:03:c7:4a:a6:d4:27:f6:ab:
84:c1:2b:0e:7b:85:11:f8:2f:59:97:0c:fd:96:ea:81:b8:03:
e1:44:2d:bb:7f:d0:32:da:2d:6f:41:56:10:d4:9d:c3:d2:5d:
e6:f8:c5:a4:48:d2:53:a7:89:2c:d7:65:82:cb:8b:39:52:41:
09:5a:dc:1c:da:93:28:ab:1d:dc:e5:bb:22:b2:30:56:ff:a5:
53:7c:05:df:62:ad:fe:21:d2:b9:7f:3a:06:03:42:40:3f:ff:
7f:02:50:43
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICPf0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTEw
NTUyNDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERFQzI2RjAwNUU2RUJB
NTdBMzA5ODg4MjkzRTc0NkQ1RDU0NTc4M0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCZ0+IFRzo/IpHAyeVMLA2yHwpm5DT0yRw5LqxjfF72QiWK2Mhp
bXG660ZuBkS44jE2I/GWYlvZ7HnNn/Vz9s3kdiCZI11lcbrnGQNT+GwW3iyXQITX
cN58dliRsuL8iM+an+CECvv/PwaO2YhsdULtY7SyrFeucAZV42suaJW+gcfKWrlC
Afz8HmAIAbdf/TB4tJhDP28yKbUI5iH1wegoPcd7r6HFPdjAZMRM+zFLR/wf9e++
37FavbKM3DT4dUVEgYfTe5CN7CJJFfTpAL6LBmzvfNWkHLwT1Q/vhp0hJXGSjLbZ
zl6WsB8yWauXxAbcQDglqw9osiM007SZno2lAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU3sJvAF5uulejCYiCk+dG1dVFeD8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzNzSnZBRjV1dWxlakNZ
aUNrLWRHMWRWRmVEOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAAH8E08oihpSmp35
XC/mtsO7Pajqqg0ct3PYlDYWKObbQYtuuJ3EO6a/+cDIdqWhao9YQWp2Jjeivd7m
GHRXbvbDCA8cctPfHki/eXXjL+d3Iv4nrVvXASgpBIhjEuuXX045Fsx6NxAW0xSv
A136kW//WPgBGMsPflPKzV3WvzORrU+4LCp4mNe6dY7XGNfBwhJimq7O96MAeogD
x0qm1Cf2q4TBKw57hRH4L1mXDP2W6oG4A+FELbt/0DLaLW9BVhDUncPSXeb4xaRI
0lOniSzXZYLLizlSQQla3BzakyirHdzluyKyMFb/pVN8Bd9irf4h0rl/OgYDQkA/
/38CUEM=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:19:22 2025 by rpki-client