Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/8sKrRlg5BzQrknmQvOgWGPKRr-w.roa
File: 8sKrRlg5BzQrknmQvOgWGPKRr-w.roa (raw, json)
Hash identifier: 8uq1XHgNX12SXuCXpq4P5B1TOPNCRJpn/7Azcuvyh0o=
Subject key identifier: F2:C2:AB:46:58:39:07:34:2B:92:79:90:BC:E8:16:18:F2:91:AF:EC
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3641
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/8sKrRlg5BzQrknmQvOgWGPKRr-w.roa
Signing time: Sun 31 Mar 2024 22:22:11 +0000
ROA not before: Sun 31 Mar 2024 22:22:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13889 (0x3641)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 31 22:22:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F2C2AB46583907342B927990BCE81618F291AFEC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b0:83:3f:67:27:7c:41:5b:5f:e6:ee:81:f9:
23:79:ad:ce:5f:29:fb:d8:78:51:9a:74:51:16:34:
0a:2c:6e:48:5a:c6:94:58:53:3b:dc:60:9f:8a:98:
e4:5e:ba:c7:0a:a4:37:30:0f:df:6e:d9:d5:0f:7a:
2c:14:fc:56:76:27:f7:b4:fb:02:a4:40:18:47:4e:
17:fe:60:a1:99:69:ac:85:d7:b9:ab:52:73:70:68:
8d:20:e6:6c:91:1b:99:97:04:bf:c6:7a:c6:9d:15:
2a:3a:26:38:b0:7d:b8:b4:34:cd:c0:1d:7c:65:ce:
b0:ce:27:9a:af:26:a4:56:9a:0c:ec:13:43:3c:c8:
c3:29:fa:13:30:27:a4:17:75:e4:2a:15:c0:a1:6a:
10:a6:71:43:d7:13:77:e2:4e:22:5f:c0:a6:d2:54:
d5:0e:53:c4:f4:8d:b5:17:e4:1b:e6:ac:f8:80:1d:
45:75:e9:84:cf:e0:20:ec:7f:4c:cd:38:c1:10:fa:
e0:19:93:3b:ae:a6:6e:5d:64:78:5c:47:83:2c:13:
e3:68:4e:70:9e:ef:04:37:8a:7f:04:3e:a1:fa:70:
f2:74:39:e4:03:cc:4b:86:cf:57:f3:6d:35:d5:a4:
b8:cc:38:3c:b4:08:1b:e2:a9:63:b8:8c:a4:7c:ce:
d1:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:C2:AB:46:58:39:07:34:2B:92:79:90:BC:E8:16:18:F2:91:AF:EC
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/8sKrRlg5BzQrknmQvOgWGPKRr-w.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
43:5e:13:89:d5:19:d3:56:4f:c1:13:47:59:1f:f4:7b:74:0f:
bf:82:e5:3f:d5:1d:43:03:a1:de:ba:c7:f1:a6:35:0c:b0:40:
42:ab:96:5e:01:94:42:18:34:46:db:9c:89:cb:74:72:36:5d:
9a:73:71:99:f8:35:d8:d8:92:b7:c3:81:06:fd:66:3c:13:c6:
8d:2e:88:9f:a2:58:06:ba:b7:3e:c6:67:1b:78:06:87:33:6b:
52:26:a8:ea:11:9c:d0:20:fd:e2:ec:99:ed:42:f9:65:6e:44:
82:04:4a:8d:bf:5b:d2:95:d9:20:ff:5b:b4:2f:64:9d:14:ad:
24:88:d0:f1:a0:90:0e:89:1e:e6:78:2b:fb:3e:38:26:f7:e7:
79:b6:4d:d3:a2:2c:c1:36:e3:44:11:62:c9:71:e4:f8:ee:ab:
75:cf:56:ad:a8:c9:1a:de:d0:83:b6:e0:2f:f1:79:3a:6b:68:
91:55:01:70:28:95:06:d5:06:b8:18:1a:7b:47:1e:15:f4:9f:
33:59:ba:3f:e0:63:54:79:f3:a5:1d:83:4d:20:e5:e8:69:15:
69:70:98:70:fa:6a:2a:fa:8d:a8:d4:a8:e8:0d:b3:f4:aa:80:
f5:d5:0a:36:08:a5:3d:52:f2:fa:45:80:ac:f1:b2:44:35:68:
33:c5:b0:9b
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNkEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzEy
MjIyMTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEYyQzJBQjQ2NTgzOTA3
MzQyQjkyNzk5MEJDRTgxNjE4RjI5MUFGRUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9sIM/Zyd8QVtf5u6B+SN5rc5fKfvYeFGadFEWNAosbkhaxpRY
UzvcYJ+KmOReuscKpDcwD99u2dUPeiwU/FZ2J/e0+wKkQBhHThf+YKGZaayF17mr
UnNwaI0g5myRG5mXBL/GesadFSo6Jjiwfbi0NM3AHXxlzrDOJ5qvJqRWmgzsE0M8
yMMp+hMwJ6QXdeQqFcChahCmcUPXE3fiTiJfwKbSVNUOU8T0jbUX5BvmrPiAHUV1
6YTP4CDsf0zNOMEQ+uAZkzuupm5dZHhcR4MsE+NoTnCe7wQ3in8EPqH6cPJ0OeQD
zEuGz1fzbTXVpLjMODy0CBviqWO4jKR8ztEZAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU8sKrRlg5BzQrknmQvOgWGPKRr+wwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzhzS3JSbGc1QnpRcmtu
bVF2T2dXR1BLUnItdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAENeE4nVGdNWT8ET
R1kf9Ht0D7+C5T/VHUMDod66x/GmNQywQEKrll4BlEIYNEbbnInLdHI2XZpzcZn4
NdjYkrfDgQb9ZjwTxo0uiJ+iWAa6tz7GZxt4Bocza1ImqOoRnNAg/eLsme1C+WVu
RIIESo2/W9KV2SD/W7QvZJ0UrSSI0PGgkA6JHuZ4K/s+OCb353m2TdOiLME240QR
Yslx5Pjuq3XPVq2oyRre0IO24C/xeTpraJFVAXAolQbVBrgYGntHHhX0nzNZuj/g
Y1R586Udg00g5ehpFWlwmHD6air6jajUqOgNs/SqgPXVCjYIpT1S8vpFgKzxskQ1
aDPFsJs=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:36:36 2025 by rpki-client