Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Db-eOD6YjVnrOkv3TEepvmIp_Jg.roa
File: Db-eOD6YjVnrOkv3TEepvmIp_Jg.roa (raw, json)
Hash identifier: H2MuCXgDFieWL2PXaxSpFaBBq8vyqacdgp3ddoMvZyU=
Subject key identifier: 0D:BF:9E:38:3E:98:8D:59:EB:3A:4B:F7:4C:47:A9:BE:62:29:FC:98
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 34D1
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Db-eOD6YjVnrOkv3TEepvmIp_Jg.roa
Signing time: Sat 30 Mar 2024 00:22:07 +0000
ROA not before: Sat 30 Mar 2024 00:22:07 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13521 (0x34d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 00:22:07 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0DBF9E383E988D59EB3A4BF74C47A9BE6229FC98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:13:4e:fb:7c:f4:ed:9b:2a:72:1a:2b:c5:c5:
53:d5:69:46:33:70:50:67:fc:ab:6e:a5:01:83:68:
61:c7:fa:cf:17:f7:a1:33:e0:86:cb:36:d1:3c:42:
b5:32:ad:c6:c4:b9:96:cb:52:a2:ed:b5:88:96:d3:
2a:c6:fd:b0:fc:8e:5d:2e:39:28:86:73:b5:ae:ba:
1f:c0:0d:7e:92:8c:4d:bb:54:08:0a:94:b8:36:86:
65:5f:3a:0b:0c:32:2a:07:66:7a:c1:3b:5c:f3:d5:
c3:ec:29:06:87:31:f3:95:69:7e:73:2f:c4:f0:80:
34:bf:81:28:a9:90:7d:6f:28:55:7a:27:f2:23:7e:
47:cd:a7:d3:3d:15:03:2c:b2:13:a6:48:4b:b8:9e:
cd:27:46:c5:21:b8:b0:29:d3:e7:66:58:55:06:1a:
c2:39:48:c2:7e:bf:b8:62:ee:30:bb:73:b6:67:08:
16:cd:38:7b:e1:34:76:f3:cf:00:7d:a0:09:d5:0c:
7e:45:7f:0c:59:fe:2c:66:62:2f:7a:a3:96:cc:b3:
bf:9a:12:3f:34:04:c9:6e:7f:1d:6e:a9:67:e3:a8:
b6:a8:1b:97:31:71:3d:fa:22:03:03:0b:ce:3e:75:
b9:16:f1:87:94:3f:dc:c5:0a:1a:2e:e1:dc:72:8d:
d7:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:BF:9E:38:3E:98:8D:59:EB:3A:4B:F7:4C:47:A9:BE:62:29:FC:98
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Db-eOD6YjVnrOkv3TEepvmIp_Jg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
90:e9:a3:47:33:79:f6:a6:a3:10:4d:a0:24:f3:f8:47:92:ee:
06:28:e4:e6:e3:45:e4:77:c2:77:1e:5a:56:92:ca:98:5f:25:
2e:d0:6a:49:39:a1:a6:38:d1:55:83:71:7d:5b:fe:bf:65:b2:
6e:ec:49:61:63:ae:fc:11:b5:d7:8c:f8:fe:43:3b:20:94:a1:
70:84:d8:df:b1:83:d7:f0:c0:c7:f5:d6:8a:9b:6d:5b:ef:b6:
4a:67:cf:cf:cb:ab:f6:bd:ef:36:23:80:3f:a0:92:f1:4b:fa:
d5:52:47:80:53:c3:26:58:0f:b0:b5:c7:9e:6a:1c:da:01:bd:
3a:32:a1:e6:3f:69:d4:43:9e:e1:8a:50:95:d3:77:18:3f:d3:
15:f9:a4:52:ea:6f:da:58:fb:1a:fb:71:37:dd:cb:b3:52:9d:
5f:e7:bb:54:49:ee:04:99:17:60:09:8d:bb:81:63:0c:f5:49:
a3:35:07:c7:27:04:01:d0:c3:b4:3b:88:a9:ca:5f:ab:2a:88:
15:c7:ed:dd:54:1c:35:e6:9a:6d:5e:59:33:d8:86:84:2a:3d:
84:25:20:a8:ab:3b:db:01:1b:14:3b:29:8d:38:96:7f:6d:bb:
f0:9c:62:cb:6b:40:01:6e:7d:f1:3e:a1:95:4c:d4:49:29:14:
cf:57:63:e2
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNNEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAw
MDIyMDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBEQkY5RTM4M0U5ODhE
NTlFQjNBNEJGNzRDNDdBOUJFNjIyOUZDOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwE077fPTtmypyGivFxVPVaUYzcFBn/KtupQGDaGHH+s8X96Ez
4IbLNtE8QrUyrcbEuZbLUqLttYiW0yrG/bD8jl0uOSiGc7Wuuh/ADX6SjE27VAgK
lLg2hmVfOgsMMioHZnrBO1zz1cPsKQaHMfOVaX5zL8TwgDS/gSipkH1vKFV6J/Ij
fkfNp9M9FQMsshOmSEu4ns0nRsUhuLAp0+dmWFUGGsI5SMJ+v7hi7jC7c7ZnCBbN
OHvhNHbzzwB9oAnVDH5FfwxZ/ixmYi96o5bMs7+aEj80BMlufx1uqWfjqLaoG5cx
cT36IgMDC84+dbkW8YeUP9zFChou4dxyjdfXAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUDb+eOD6YjVnrOkv3TEepvmIp/JgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0RiLWVPRDZZalZuck9r
djNURWVwdm1JcF9KZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJDpo0czefamoxBN
oCTz+EeS7gYo5ObjReR3wnceWlaSyphfJS7Qakk5oaY40VWDcX1b/r9lsm7sSWFj
rvwRtdeM+P5DOyCUoXCE2N+xg9fwwMf11oqbbVvvtkpnz8/Lq/a97zYjgD+gkvFL
+tVSR4BTwyZYD7C1x55qHNoBvToyoeY/adRDnuGKUJXTdxg/0xX5pFLqb9pY+xr7
cTfdy7NSnV/nu1RJ7gSZF2AJjbuBYwz1SaM1B8cnBAHQw7Q7iKnKX6sqiBXH7d1U
HDXmmm1eWTPYhoQqPYQlIKirO9sBGxQ7KY04ln9tu/CcYstrQAFuffE+oZVM1Ekp
FM9XY+I=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:29:56 2025 by rpki-client