Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/FnpGCEdZ8UcdZq_k25nFd_PLZSw.roa
File: FnpGCEdZ8UcdZq_k25nFd_PLZSw.roa (raw, json)
Hash identifier: 3Fvu13+lP6DRCArkW737YuhZodf/RcUL30DPklXpsC8=
Subject key identifier: 16:7A:46:08:47:59:F1:47:1D:66:AF:E4:DB:99:C5:77:F3:CB:65:2C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 37F5
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/FnpGCEdZ8UcdZq_k25nFd_PLZSw.roa
Signing time: Wed 03 Apr 2024 04:52:17 +0000
ROA not before: Wed 03 Apr 2024 04:52:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14325 (0x37f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 3 04:52:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=167A46084759F1471D66AFE4DB99C577F3CB652C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:0b:2c:35:b2:24:fd:2d:e2:5e:ea:bc:3d:a7:
74:8a:e7:b4:7d:a2:d9:35:64:0d:05:0d:e3:33:d7:
2b:bf:8d:87:8e:33:64:f3:6c:1b:0b:c3:fe:b6:8b:
23:03:f9:02:05:cc:da:05:b2:80:18:67:e0:ad:44:
a9:a9:62:05:d5:64:d6:5d:b7:a9:fa:c3:dc:97:6e:
27:69:80:07:81:23:64:63:7d:55:67:02:51:74:c0:
44:fa:e7:dd:48:8d:e3:61:04:8e:c4:57:4b:11:78:
3e:82:28:61:86:7c:bf:60:a6:15:80:e8:9c:7b:32:
ee:6f:83:d1:9b:e5:2f:19:2f:ce:b4:fb:1d:8b:3d:
e1:26:b4:75:54:8d:58:0a:4d:64:9c:98:21:cd:46:
4e:d7:c8:08:c9:07:fe:ca:51:b5:33:ec:f1:e3:9e:
dc:ba:bb:a2:12:02:fa:80:a2:d9:e9:fa:04:f6:13:
62:a9:29:2f:1d:78:60:8b:1b:6e:6d:30:60:58:1a:
30:59:8d:5d:b5:60:27:d4:35:3f:39:5a:16:f9:2b:
5a:25:f0:af:65:a1:81:94:e9:1e:bd:41:6c:06:69:
df:a2:34:b4:43:4b:98:6d:87:e1:ed:02:91:4e:a5:
4d:ce:12:45:f2:f3:59:8b:60:9e:17:e2:ce:a3:e4:
16:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:7A:46:08:47:59:F1:47:1D:66:AF:E4:DB:99:C5:77:F3:CB:65:2C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/FnpGCEdZ8UcdZq_k25nFd_PLZSw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
2f:4c:8c:d5:e9:30:d2:f4:63:15:c3:e8:6f:73:dd:0b:27:ab:
66:af:96:a2:9b:a1:a0:05:10:17:76:9f:ec:55:25:64:69:56:
40:bf:a7:58:8c:4d:de:c3:7d:b7:1d:f8:de:30:4a:e3:a3:1f:
4d:7c:78:f9:70:96:3c:f3:78:82:51:09:9d:e9:24:99:c7:2b:
08:28:a0:cf:aa:ae:fa:29:2b:97:c0:f8:60:b3:b2:50:ff:41:
74:d5:8e:51:19:4c:bd:36:61:67:ab:7d:ea:5f:2b:e9:d8:cb:
04:6a:a1:c7:1a:bc:48:25:99:13:19:90:bb:0f:7f:3a:0e:53:
a9:56:99:f8:52:61:c6:02:76:ad:93:9c:a0:dd:2b:b1:af:69:
77:53:db:54:86:a9:67:e5:a4:06:8d:26:9e:74:c9:e1:93:36:
d5:45:42:fc:66:da:07:00:45:29:fb:31:8e:37:aa:ad:8f:6d:
7d:79:85:bf:f9:f8:83:81:2b:47:41:58:e9:f2:34:66:e1:c5:
b5:3b:47:ec:2e:b2:3e:2c:72:17:2a:89:c4:b6:08:a5:4d:7d:
06:ba:2e:0f:01:3c:06:6d:f4:39:0c:93:7c:53:54:62:23:01:
7c:dd:da:0d:07:c8:d4:5f:ac:e9:42:2d:0a:32:b9:b1:45:cf:
23:cf:99:74
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICN/UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDMw
NDUyMTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE2N0E0NjA4NDc1OUYx
NDcxRDY2QUZFNERCOTlDNTc3RjNDQjY1MkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCfCyw1siT9LeJe6rw9p3SK57R9otk1ZA0FDeMz1yu/jYeOM2Tz
bBsLw/62iyMD+QIFzNoFsoAYZ+CtRKmpYgXVZNZdt6n6w9yXbidpgAeBI2RjfVVn
AlF0wET6591IjeNhBI7EV0sReD6CKGGGfL9gphWA6Jx7Mu5vg9Gb5S8ZL860+x2L
PeEmtHVUjVgKTWScmCHNRk7XyAjJB/7KUbUz7PHjnty6u6ISAvqAotnp+gT2E2Kp
KS8deGCLG25tMGBYGjBZjV21YCfUNT85Whb5K1ol8K9loYGU6R69QWwGad+iNLRD
S5hth+HtApFOpU3OEkXy81mLYJ4X4s6j5BbfAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUFnpGCEdZ8UcdZq/k25nFd/PLZSwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0ZucEdDRWRaOFVjZFpx
X2syNW5GZF9QTFpTdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAC9MjNXpMNL0YxXD
6G9z3Qsnq2avlqKboaAFEBd2n+xVJWRpVkC/p1iMTd7Dfbcd+N4wSuOjH018ePlw
ljzzeIJRCZ3pJJnHKwgooM+qrvopK5fA+GCzslD/QXTVjlEZTL02YWerfepfK+nY
ywRqoccavEglmRMZkLsPfzoOU6lWmfhSYcYCdq2TnKDdK7GvaXdT21SGqWflpAaN
Jp50yeGTNtVFQvxm2gcARSn7MY43qq2PbX15hb/5+IOBK0dBWOnyNGbhxbU7R+wu
sj4schcqicS2CKVNfQa6Lg8BPAZt9DkMk3xTVGIjAXzd2g0HyNRfrOlCLQoyubFF
zyPPmXQ=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:17:24 2025 by rpki-client