Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/DV-2pxgM-2ZZYKMikki8CYUhkcE.roa
File: DV-2pxgM-2ZZYKMikki8CYUhkcE.roa (raw, json)
Hash identifier: 4vWMgN+Cn9XUtQ0GbVWaDMU2j/svCu/vY5UFDiihSV0=
Subject key identifier: 0D:5F:B6:A7:18:0C:FB:66:59:60:A3:22:92:48:BC:09:85:21:91:C1
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3345
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/DV-2pxgM-2ZZYKMikki8CYUhkcE.roa
Signing time: Wed 27 Mar 2024 22:52:01 +0000
ROA not before: Wed 27 Mar 2024 22:52:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13125 (0x3345)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 27 22:52:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0D5FB6A7180CFB665960A3229248BC09852191C1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a0:6a:55:91:f6:de:b3:c2:4c:ec:d6:84:19:
a0:b0:9a:aa:39:bb:63:52:0a:da:2f:ae:63:cf:4f:
a5:02:7a:92:cd:31:24:4b:bb:50:3d:0e:05:bd:4a:
9c:bf:6d:0a:71:37:54:10:0a:b6:53:85:42:6f:d4:
68:37:21:cc:6b:1e:66:86:90:e9:1f:7b:2f:c8:7e:
a2:9c:61:99:99:60:44:41:69:3e:f0:16:07:93:73:
3e:cf:f4:9b:83:5c:07:ca:81:53:d7:38:67:8a:4f:
ce:c6:59:d6:f6:f7:bb:0e:4f:d7:15:22:83:1d:a6:
8a:48:4f:25:84:05:be:bf:c7:ce:0a:a4:cc:da:31:
20:31:15:4f:ef:80:2e:ca:01:0c:f4:12:48:f8:20:
ba:be:3c:ea:eb:04:af:68:08:0a:51:dd:0c:d1:93:
d0:ff:23:3c:bd:a5:83:97:1c:77:d6:1e:00:3c:52:
a6:a4:e5:ee:48:8d:44:39:c1:73:d6:80:92:5c:00:
28:61:8d:8f:4b:c2:1a:86:dd:ec:90:f3:d7:36:29:
45:f4:30:3f:f3:5f:e5:53:68:35:ea:44:b0:4a:ea:
1d:08:8f:8b:d3:28:13:e6:4d:4a:b5:c5:e7:ee:23:
fa:c7:f6:7f:95:6b:3d:0b:49:37:77:3f:51:0e:b0:
19:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:5F:B6:A7:18:0C:FB:66:59:60:A3:22:92:48:BC:09:85:21:91:C1
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/DV-2pxgM-2ZZYKMikki8CYUhkcE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
ba:8b:2e:5a:22:38:50:ac:37:3b:42:69:5b:7f:67:74:fb:f9:
c6:c0:bd:a2:25:cb:ef:97:a2:00:91:de:f6:68:3a:aa:01:98:
89:97:e4:bc:3f:08:71:87:85:29:f2:44:9f:aa:14:55:f4:84:
2c:cb:d2:38:f6:06:8c:1e:f4:91:15:93:34:ce:c3:e7:bb:4d:
ac:a5:39:1d:ac:bf:78:11:31:d0:8a:3e:3e:52:3e:46:c2:ae:
01:09:25:43:f9:c9:f7:5e:38:56:73:54:e7:61:d3:8a:cd:03:
9e:cb:99:3a:f3:07:c1:18:0a:0e:1f:81:c2:65:51:fb:a4:d7:
5c:82:5f:21:a5:04:44:55:67:b1:e3:d2:8c:2f:0a:ff:ba:79:
4e:db:ca:cd:40:e7:5d:5c:59:14:1d:4a:9b:05:81:21:d1:26:
c6:65:ba:bf:29:0d:76:54:f7:d2:fb:5e:35:bf:62:a9:82:e5:
e2:5f:1e:63:90:10:af:83:08:b1:87:53:a2:f6:82:0c:bf:ea:
b8:7a:c3:64:3e:b2:de:e9:10:c2:37:84:0d:97:00:e5:ed:78:
71:4d:f6:28:91:bf:e7:ed:e0:25:9f:4a:7a:93:76:c8:b9:b2:
fe:cf:bd:ed:ed:a0:f5:62:fd:ce:7a:63:5b:5c:36:6f:9f:16:
a7:d3:f2:00
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICM0UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjcy
MjUyMDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBENUZCNkE3MTgwQ0ZC
NjY1OTYwQTMyMjkyNDhCQzA5ODUyMTkxQzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDoGpVkfbes8JM7NaEGaCwmqo5u2NSCtovrmPPT6UCepLNMSRL
u1A9DgW9Spy/bQpxN1QQCrZThUJv1Gg3IcxrHmaGkOkfey/IfqKcYZmZYERBaT7w
FgeTcz7P9JuDXAfKgVPXOGeKT87GWdb297sOT9cVIoMdpopITyWEBb6/x84KpMza
MSAxFU/vgC7KAQz0Ekj4ILq+POrrBK9oCApR3QzRk9D/Izy9pYOXHHfWHgA8Uqak
5e5IjUQ5wXPWgJJcAChhjY9LwhqG3eyQ89c2KUX0MD/zX+VTaDXqRLBK6h0Ij4vT
KBPmTUq1xefuI/rH9n+Vaz0LSTd3P1EOsBmbAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUDV+2pxgM+2ZZYKMikki8CYUhkcEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0RWLTJweGdNLTJaWllL
TWlra2k4Q1lVaGtjRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBALqLLloiOFCsNztC
aVt/Z3T7+cbAvaIly++XogCR3vZoOqoBmImX5Lw/CHGHhSnyRJ+qFFX0hCzL0jj2
Bowe9JEVkzTOw+e7TaylOR2sv3gRMdCKPj5SPkbCrgEJJUP5yfdeOFZzVOdh04rN
A57LmTrzB8EYCg4fgcJlUfuk11yCXyGlBERVZ7Hj0owvCv+6eU7bys1A511cWRQd
SpsFgSHRJsZlur8pDXZU99L7XjW/YqmC5eJfHmOQEK+DCLGHU6L2ggy/6rh6w2Q+
st7pEMI3hA2XAOXteHFN9iiRv+ft4CWfSnqTdsi5sv7Pve3toPVi/c56Y1tcNm+f
FqfT8gA=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:43:06 2025 by rpki-client