Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/6OhMAHUGayLMapFODBz9H6Y6i04.roa
File: 6OhMAHUGayLMapFODBz9H6Y6i04.roa (raw, json)
Hash identifier: tBpGf7k9qM6QkKPv4viiIz57DL1QQ+I8CTYGaqeGP7Y=
Subject key identifier: E8:E8:4C:00:75:06:6B:22:CC:6A:91:4E:0C:1C:FD:1F:A6:3A:8B:4E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 55ED
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6OhMAHUGayLMapFODBz9H6Y6i04.roa
Signing time: Mon 13 May 2024 03:54:26 +0000
ROA not before: Mon 13 May 2024 03:54:26 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21997 (0x55ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 13 03:54:26 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E8E84C0075066B22CC6A914E0C1CFD1FA63A8B4E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b3:35:4b:06:80:74:b3:e1:2e:09:57:66:e7:
a8:5d:f1:8f:58:98:4d:30:94:80:3e:48:c3:f2:e5:
8c:72:68:0a:4c:bf:78:c1:5b:96:ba:b3:f7:b5:cd:
7f:9a:89:5a:64:58:2c:93:68:3f:3d:a0:3b:62:c1:
d9:79:02:71:c8:7a:5e:60:8e:71:2a:2c:4b:e3:c9:
e0:36:71:c9:d5:f4:84:46:63:59:c3:d6:fd:e7:4a:
95:7b:b4:e0:8a:3a:a0:52:05:df:16:06:a1:ac:b3:
04:74:be:0b:05:a9:9a:8f:a3:1c:0f:cd:c9:97:58:
6b:16:3f:88:0a:f1:b9:2a:b9:88:0d:05:14:6e:9d:
f5:34:7a:89:08:4f:ee:09:f7:96:e8:3f:62:9f:f0:
fd:07:fd:1c:bb:34:5e:d3:10:53:0c:5d:f9:36:31:
a9:fc:85:29:78:2f:74:f1:9b:10:2f:d4:6a:ae:92:
cc:ba:44:86:70:5a:91:9e:1f:00:04:f9:4b:9a:ca:
f5:c3:2c:57:d2:c8:06:c6:2b:41:6b:c5:c2:cc:50:
51:53:3b:41:27:02:02:ba:a4:94:cc:b5:74:1f:a8:
03:69:01:b9:aa:23:17:89:7b:b6:ed:c0:85:94:50:
3d:00:3e:56:1f:af:d6:05:fb:0d:2b:cf:c8:f5:94:
6a:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:E8:4C:00:75:06:6B:22:CC:6A:91:4E:0C:1C:FD:1F:A6:3A:8B:4E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6OhMAHUGayLMapFODBz9H6Y6i04.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
93:eb:22:85:87:4d:d3:6a:d7:f0:ca:9a:6c:04:87:86:e9:da:
a6:1f:59:eb:67:9f:53:cc:e1:4e:c5:33:3b:45:d6:3d:bd:a0:
a9:d7:b4:55:67:fd:6c:0e:4e:cc:34:e6:b5:a6:c2:83:41:4a:
8b:f8:e0:12:9a:d5:db:2c:92:86:70:5a:f2:2b:28:5b:b5:12:
ee:6b:1b:ea:f3:7e:ac:ba:cc:a2:60:44:4a:be:e6:7c:4d:99:
4e:dc:d2:cd:e2:0f:79:c7:dd:47:2c:a5:99:64:0b:4a:67:cb:
93:aa:7d:66:52:4e:f4:8d:ee:36:49:eb:e9:15:a4:17:4f:25:
30:f9:a0:61:54:f5:da:94:f4:b9:30:db:5c:00:34:79:23:f2:
da:d5:8e:6e:56:31:97:c1:b5:14:32:c4:d6:64:7b:d4:54:73:
9e:00:88:6c:ed:cf:c0:8f:a6:76:73:c4:75:0f:bc:87:c4:77:
d8:0b:d3:b4:13:83:53:0a:51:00:fb:4c:32:ef:e7:e9:a8:0b:
0a:bd:bb:d9:ed:ea:26:8d:1a:10:68:e1:2a:71:0c:82:04:d8:
69:12:f2:e1:6c:a4:33:a8:55:ac:ae:be:2e:b3:95:53:5d:6c:
a9:89:b5:f1:3c:7f:6e:c7:51:8e:e6:0b:a4:d6:2e:45:b7:72:
db:17:a7:2f
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICVe0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTMw
MzU0MjZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEU4RTg0QzAwNzUwNjZC
MjJDQzZBOTE0RTBDMUNGRDFGQTYzQThCNEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrszVLBoB0s+EuCVdm56hd8Y9YmE0wlIA+SMPy5YxyaApMv3jB
W5a6s/e1zX+aiVpkWCyTaD89oDtiwdl5AnHIel5gjnEqLEvjyeA2ccnV9IRGY1nD
1v3nSpV7tOCKOqBSBd8WBqGsswR0vgsFqZqPoxwPzcmXWGsWP4gK8bkquYgNBRRu
nfU0eokIT+4J95boP2Kf8P0H/Ry7NF7TEFMMXfk2Man8hSl4L3TxmxAv1Gquksy6
RIZwWpGeHwAE+UuayvXDLFfSyAbGK0FrxcLMUFFTO0EnAgK6pJTMtXQfqANpAbmq
IxeJe7btwIWUUD0APlYfr9YF+w0rz8j1lGqFAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU6OhMAHUGayLMapFODBz9H6Y6i04wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzZPaE1BSFVHYXlMTWFw
Rk9EQno5SDZZNmkwNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJPrIoWHTdNq1/DK
mmwEh4bp2qYfWetnn1PM4U7FMztF1j29oKnXtFVn/WwOTsw05rWmwoNBSov44BKa
1dsskoZwWvIrKFu1Eu5rG+rzfqy6zKJgREq+5nxNmU7c0s3iD3nH3UcspZlkC0pn
y5OqfWZSTvSN7jZJ6+kVpBdPJTD5oGFU9dqU9Lkw21wANHkj8trVjm5WMZfBtRQy
xNZke9RUc54AiGztz8CPpnZzxHUPvIfEd9gL07QTg1MKUQD7TDLv5+moCwq9u9nt
6iaNGhBo4SpxDIIE2GkS8uFspDOoVayuvi6zlVNdbKmJtfE8f27HUY7mC6TWLkW3
ctsXpy8=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:49:42 2025 by rpki-client