Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/8fRelBr_DukJQdl7WZcc-2jnxpY.roa
File: 8fRelBr_DukJQdl7WZcc-2jnxpY.roa (raw, json)
Hash identifier: lIOhY0Xb6pLD+DaK3Mfa8g0KtKY+XgUx/8BrkxK2Gwc=
Subject key identifier: F1:F4:5E:94:1A:FF:0E:E9:09:41:D9:7B:59:97:1C:FB:68:E7:C6:96
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4B61
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/8fRelBr_DukJQdl7WZcc-2jnxpY.roa
Signing time: Mon 29 Apr 2024 02:23:28 +0000
ROA not before: Mon 29 Apr 2024 02:23:28 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19297 (0x4b61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 29 02:23:28 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F1F45E941AFF0EE90941D97B59971CFB68E7C696
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:06:b7:34:eb:33:21:2e:09:bc:7c:9b:e8:40:
ab:fb:ad:92:e4:fc:1d:4b:ff:9b:da:13:10:7f:4c:
7e:c5:bb:6c:be:b7:2e:21:17:9a:22:c3:0f:ef:9b:
4b:04:f6:b6:1a:dc:60:45:e0:86:85:c2:0a:73:2c:
91:03:75:00:3b:24:00:1b:03:0e:cf:2c:6d:4f:c5:
25:e4:1b:8e:a8:1d:ec:60:ef:85:69:6a:1f:b8:84:
3f:e5:87:48:78:19:b6:fa:b1:c2:32:1e:63:c7:ae:
8e:38:3a:64:7a:f1:d3:44:23:b8:d5:5f:ee:68:70:
b9:f8:23:2c:63:ca:3e:f7:ac:c3:4f:7d:01:03:2c:
1b:01:88:06:04:15:88:90:0f:06:97:ff:14:94:5c:
56:2a:6b:61:70:92:ca:79:b9:00:44:49:47:31:2d:
13:3e:5d:93:05:76:d0:21:d1:98:2a:e0:9a:09:3d:
4e:38:28:fb:8f:d8:b2:d0:0c:3d:c4:23:f1:20:2c:
54:10:70:61:2d:a4:21:4b:92:2b:46:15:0b:1a:a9:
35:e5:37:3c:a6:a7:b8:74:98:6e:4e:5c:e5:1c:7d:
d0:91:6f:18:2b:74:2d:15:3e:18:50:e7:cc:9f:86:
f0:89:79:ea:5f:bd:d9:28:1a:d0:d7:12:ee:7f:69:
f1:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:F4:5E:94:1A:FF:0E:E9:09:41:D9:7B:59:97:1C:FB:68:E7:C6:96
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/8fRelBr_DukJQdl7WZcc-2jnxpY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
3d:96:7a:bc:b8:9c:d0:0a:b8:67:ed:03:8d:fc:b9:d7:e6:e4:
93:21:4a:d8:eb:9f:45:ef:77:b2:f4:a2:a1:b9:b7:09:06:b6:
7c:bd:2e:82:0a:3f:4c:ab:99:04:dd:b5:91:c6:2e:8e:16:75:
bd:94:e8:0a:fd:95:ed:61:07:dd:f8:37:ba:a5:1d:c1:bd:db:
c2:84:15:ec:45:8f:c2:bd:3b:43:f2:b5:5d:09:14:f2:2a:8b:
7f:ee:f2:b7:e6:9e:aa:63:e8:f0:a8:3a:66:c7:9e:e4:89:60:
2a:0e:2d:ce:cd:2a:2e:3b:ce:14:e7:8e:63:af:bc:b9:35:89:
21:81:8c:a2:07:94:11:9f:60:99:5d:ee:0b:97:50:e2:2b:54:
fa:a1:40:2f:a6:ed:42:8c:b1:22:c0:92:89:ae:dc:93:dc:75:
ee:82:c6:d7:7d:3c:ab:15:f2:4c:a8:bb:a1:bc:21:7e:f3:d6:
67:e8:13:64:b5:e8:ba:cc:3c:57:34:96:4a:be:14:32:fe:dc:
5d:e6:24:ee:1c:bc:d8:d8:d8:38:72:74:af:ce:18:89:9a:91:
f1:65:ed:fd:e9:fe:52:88:01:a4:32:fa:d5:f2:2d:29:42:ea:
c9:d9:e3:a9:2f:99:bc:c9:f1:e4:e0:f5:89:a7:eb:1c:f9:e1:
57:d4:7b:4e
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICS2EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjkw
MjIzMjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEYxRjQ1RTk0MUFGRjBF
RTkwOTQxRDk3QjU5OTcxQ0ZCNjhFN0M2OTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDnBrc06zMhLgm8fJvoQKv7rZLk/B1L/5vaExB/TH7Fu2y+ty4h
F5oiww/vm0sE9rYa3GBF4IaFwgpzLJEDdQA7JAAbAw7PLG1PxSXkG46oHexg74Vp
ah+4hD/lh0h4Gbb6scIyHmPHro44OmR68dNEI7jVX+5ocLn4Iyxjyj73rMNPfQED
LBsBiAYEFYiQDwaX/xSUXFYqa2Fwksp5uQBESUcxLRM+XZMFdtAh0Zgq4JoJPU44
KPuP2LLQDD3EI/EgLFQQcGEtpCFLkitGFQsaqTXlNzymp7h0mG5OXOUcfdCRbxgr
dC0VPhhQ58yfhvCJeepfvdkoGtDXEu5/afHfAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU8fRelBr/DukJQdl7WZcc+2jnxpYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzhmUmVsQnJfRHVrSlFk
bDdXWmNjLTJqbnhwWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAD2Wery4nNAKuGft
A438udfm5JMhStjrn0Xvd7L0oqG5twkGtny9LoIKP0yrmQTdtZHGLo4Wdb2U6Ar9
le1hB934N7qlHcG928KEFexFj8K9O0PytV0JFPIqi3/u8rfmnqpj6PCoOmbHnuSJ
YCoOLc7NKi47zhTnjmOvvLk1iSGBjKIHlBGfYJld7guXUOIrVPqhQC+m7UKMsSLA
komu3JPcde6Cxtd9PKsV8kyou6G8IX7z1mfoE2S16LrMPFc0lkq+FDL+3F3mJO4c
vNjY2DhydK/OGImakfFl7f3p/lKIAaQy+tXyLSlC6snZ46kvmbzJ8eTg9Ymn6xz5
4VfUe04=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:19:28 2025 by rpki-client