Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/FzDUXMOi5sbAuUbGCD-Uj85O0G4.roa
File: FzDUXMOi5sbAuUbGCD-Uj85O0G4.roa (raw, json)
Hash identifier: /fH+wx3Gst+s7ccfwS+pA+WX5JtW50O8KuwchXKZFHY=
Subject key identifier: 17:30:D4:5C:C3:A2:E6:C6:C0:B9:46:C6:08:3F:94:8F:CE:4E:D0:6E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5061
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/FzDUXMOi5sbAuUbGCD-Uj85O0G4.roa
Signing time: Sun 05 May 2024 18:24:02 +0000
ROA not before: Sun 05 May 2024 18:24:02 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20577 (0x5061)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 5 18:24:02 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1730D45CC3A2E6C6C0B946C6083F948FCE4ED06E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:1e:3f:b6:47:a7:61:b3:6a:5d:65:5a:16:26:
fe:99:51:83:fe:e6:80:b4:9f:6f:e7:53:ea:65:6e:
3b:7a:4f:bd:a0:4f:e5:03:4a:88:f9:fd:17:15:7f:
f3:0a:df:cd:00:a3:a9:17:8f:e0:e6:3a:d9:a4:1c:
01:f9:15:87:ee:55:ea:46:66:f9:0b:05:b2:6d:3e:
67:66:46:5e:31:a5:76:70:ee:bf:ee:4a:b9:cf:33:
9d:ac:8c:6d:a1:6b:2f:a4:f5:ea:99:79:13:73:fd:
6e:ca:a3:99:c4:8b:a9:db:99:41:c6:c5:3a:08:b2:
39:f5:25:ac:bc:93:91:17:d9:dc:ed:c3:a5:d2:12:
52:60:d3:dd:18:26:26:2a:c0:b5:d3:17:4e:2f:fe:
c8:0b:e2:2e:a5:d4:d5:1d:b6:e8:71:a3:cb:c3:37:
d8:32:70:0b:55:4e:1f:25:95:3d:e2:7a:6e:72:79:
94:d0:db:20:48:e2:52:09:c8:68:c7:80:dc:fa:ad:
9a:e1:74:a3:a2:7c:b0:1f:ef:99:90:87:4b:de:c6:
18:a7:15:d6:62:51:9f:ef:57:f1:88:ab:a6:74:b2:
d1:5e:f2:e9:97:31:ab:71:03:72:dd:52:5a:71:17:
04:c2:20:99:35:97:e0:22:e8:ab:99:8a:ba:84:23:
56:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:30:D4:5C:C3:A2:E6:C6:C0:B9:46:C6:08:3F:94:8F:CE:4E:D0:6E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/FzDUXMOi5sbAuUbGCD-Uj85O0G4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
89:fd:d5:bc:1e:60:05:1e:ab:e6:4d:b2:b2:67:fc:ee:de:c1:
31:b5:f3:bc:e1:22:95:c2:93:3d:72:05:95:29:17:08:24:ad:
15:60:42:74:f0:bd:8b:d3:ea:4b:54:6d:26:55:f4:0a:d5:23:
64:62:39:74:27:ba:5a:2f:a5:97:c3:11:04:a6:72:35:d5:38:
2f:b5:b4:d3:55:b8:b6:b5:16:06:88:c0:af:f3:ba:45:57:bf:
11:1e:c7:e5:4e:27:a7:85:51:60:1e:6b:4e:02:9f:dc:17:ff:
06:f9:0b:12:1b:c2:51:d6:e5:32:61:40:c7:e5:81:fe:da:c9:
d9:b8:2f:e6:81:5d:a2:09:38:f4:c1:c6:65:55:25:d6:61:96:
a6:0d:cd:5d:19:e0:c1:49:f4:06:e8:5d:72:fa:ae:4c:17:51:
08:a5:f0:cb:ae:28:f0:51:86:a3:6b:ef:a4:90:8e:d1:32:33:
25:e4:30:ba:2c:a1:e1:34:ba:bf:7c:27:07:d3:d8:be:82:88:
e3:71:ef:e1:8b:04:b7:aa:16:f3:b0:ba:1e:90:72:49:be:c0:
6f:5c:f9:44:af:d5:d3:93:bf:62:8f:db:dc:f2:f8:35:cb:01:
09:8c:e7:58:f3:ef:d1:3b:0e:75:59:cb:77:b4:f4:64:fc:b3:
12:29:dc:fd
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICUGEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDUx
ODI0MDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE3MzBENDVDQzNBMkU2
QzZDMEI5NDZDNjA4M0Y5NDhGQ0U0RUQwNkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4Hj+2R6dhs2pdZVoWJv6ZUYP+5oC0n2/nU+plbjt6T72gT+UD
Soj5/RcVf/MK380Ao6kXj+DmOtmkHAH5FYfuVepGZvkLBbJtPmdmRl4xpXZw7r/u
SrnPM52sjG2hay+k9eqZeRNz/W7Ko5nEi6nbmUHGxToIsjn1Jay8k5EX2dztw6XS
ElJg090YJiYqwLXTF04v/sgL4i6l1NUdtuhxo8vDN9gycAtVTh8llT3iem5yeZTQ
2yBI4lIJyGjHgNz6rZrhdKOifLAf75mQh0vexhinFdZiUZ/vV/GIq6Z0stFe8umX
MatxA3LdUlpxFwTCIJk1l+Ai6KuZirqEI1bJAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUFzDUXMOi5sbAuUbGCD+Uj85O0G4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0Z6RFVYTU9pNXNiQXVV
YkdDRC1Vajg1TzBHNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAIn91bweYAUeq+ZN
srJn/O7ewTG187zhIpXCkz1yBZUpFwgkrRVgQnTwvYvT6ktUbSZV9ArVI2RiOXQn
ulovpZfDEQSmcjXVOC+1tNNVuLa1FgaIwK/zukVXvxEex+VOJ6eFUWAea04Cn9wX
/wb5CxIbwlHW5TJhQMflgf7aydm4L+aBXaIJOPTBxmVVJdZhlqYNzV0Z4MFJ9Abo
XXL6rkwXUQil8MuuKPBRhqNr76SQjtEyMyXkMLosoeE0ur98JwfT2L6CiONx7+GL
BLeqFvOwuh6Qckm+wG9c+USv1dOTv2KP29zy+DXLAQmM51jz79E7DnVZy3e09GT8
sxIp3P0=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:32:40 2025 by rpki-client