Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/L-SkTztq4ZhRls2WoYR2EDKWWCI.roa
File: L-SkTztq4ZhRls2WoYR2EDKWWCI.roa (raw, json)
Hash identifier: Y1pjbPWXBV1aPtSQtdJnmicoTCjoCDkXE8kZ64+jjg4=
Subject key identifier: 2F:E4:A4:4F:3B:6A:E1:98:51:96:CD:96:A1:84:76:10:32:96:58:22
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 35C9
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/L-SkTztq4ZhRls2WoYR2EDKWWCI.roa
Signing time: Sun 31 Mar 2024 07:22:37 +0000
ROA not before: Sun 31 Mar 2024 07:22:37 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13769 (0x35c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 31 07:22:37 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2FE4A44F3B6AE1985196CD96A184761032965822
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:0c:9c:e8:31:de:b9:be:7b:66:ec:33:37:dc:
40:7e:95:66:28:c1:5e:7f:15:0c:8c:4d:7e:89:1c:
64:99:8e:09:5e:41:a9:dc:51:78:14:f0:8d:ed:97:
78:81:b9:09:ca:e2:b1:18:fa:30:ef:29:3b:94:9a:
b6:b4:2c:64:31:94:a9:35:cc:dd:35:83:2c:1b:db:
2e:2e:6e:1a:69:7e:29:e2:ee:22:dc:c9:1b:f6:ba:
58:e6:a9:75:a8:cc:f7:73:7c:88:96:8a:5e:29:c2:
e0:2a:a7:d5:e6:87:e8:15:17:ac:f1:ff:8c:93:be:
98:22:5f:d3:00:84:50:c6:8e:49:89:76:a1:9a:56:
75:59:c5:05:d2:06:7f:e6:21:45:f7:0b:d9:fb:0f:
40:0b:4e:31:6e:55:20:0e:23:e2:e4:77:a0:74:96:
cc:24:e8:d1:b6:ba:d4:3e:92:65:6f:9c:61:46:7f:
30:82:27:d9:65:76:98:de:c1:9d:dc:3d:2c:09:da:
bc:9f:39:3e:cb:22:1d:0f:d7:44:9b:d2:a8:e3:b4:
71:3a:6d:43:97:1f:46:08:ef:85:24:51:c1:5e:a2:
a7:d9:34:c2:71:ee:54:91:ba:c4:2e:42:e6:bc:ae:
06:e9:e0:0c:bc:f5:3e:72:56:50:c5:25:d9:6f:45:
20:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:E4:A4:4F:3B:6A:E1:98:51:96:CD:96:A1:84:76:10:32:96:58:22
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/L-SkTztq4ZhRls2WoYR2EDKWWCI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
b5:b8:e7:20:0e:e0:c4:7c:18:04:a8:ef:06:74:bd:81:5a:8e:
ff:2e:1d:05:f2:4b:2f:e6:53:79:fb:96:22:6e:9c:e7:86:5d:
24:94:48:8c:67:84:d0:61:e9:07:ab:68:a3:26:11:55:c1:2c:
34:19:49:fd:ea:fb:6e:e1:f4:4e:13:a1:92:02:62:11:f7:c8:
59:e1:45:11:fe:1d:06:f3:32:2d:06:86:3e:49:50:d0:50:d8:
cf:b5:a4:b1:67:af:b3:5c:07:d9:58:cf:14:11:fa:c5:11:71:
b6:22:4f:15:f3:29:87:5d:3b:60:01:27:1a:f4:42:37:b9:d1:
b2:d8:67:10:37:21:bd:3b:1b:13:8f:ab:02:f3:56:51:c5:c6:
c4:65:04:cf:ee:cd:7a:86:21:ff:00:06:b7:db:23:e5:65:f1:
c7:ec:a3:21:2e:7a:d6:9a:9e:68:be:8d:c4:87:42:96:0b:ff:
c1:46:38:9c:3b:49:2b:57:1a:6a:f9:95:45:db:f0:4c:d9:f2:
c1:e5:2a:45:1f:da:73:19:0d:fc:45:d2:13:d7:79:86:01:b4:
34:b6:01:83:8b:f8:49:2a:0a:b5:f3:c4:8b:ef:f7:26:ba:52:
98:11:79:a0:ff:4a:1b:ce:59:d6:c4:8a:22:89:71:7a:05:db:
f1:56:52:d6
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNckwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzEw
NzIyMzdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJGRTRBNDRGM0I2QUUx
OTg1MTk2Q0Q5NkExODQ3NjEwMzI5NjU4MjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQClDJzoMd65vntm7DM33EB+lWYowV5/FQyMTX6JHGSZjgleQanc
UXgU8I3tl3iBuQnK4rEY+jDvKTuUmra0LGQxlKk1zN01gywb2y4ubhppfini7iLc
yRv2uljmqXWozPdzfIiWil4pwuAqp9Xmh+gVF6zx/4yTvpgiX9MAhFDGjkmJdqGa
VnVZxQXSBn/mIUX3C9n7D0ALTjFuVSAOI+Lkd6B0lswk6NG2utQ+kmVvnGFGfzCC
J9lldpjewZ3cPSwJ2ryfOT7LIh0P10Sb0qjjtHE6bUOXH0YI74UkUcFeoqfZNMJx
7lSRusQuQua8rgbp4Ay89T5yVlDFJdlvRSARAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUL+SkTztq4ZhRls2WoYR2EDKWWCIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0wtU2tUenRxNFpoUmxz
MldvWVIyRURLV1dDSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBALW45yAO4MR8GASo
7wZ0vYFajv8uHQXySy/mU3n7liJunOeGXSSUSIxnhNBh6QeraKMmEVXBLDQZSf3q
+27h9E4ToZICYhH3yFnhRRH+HQbzMi0Ghj5JUNBQ2M+1pLFnr7NcB9lYzxQR+sUR
cbYiTxXzKYddO2ABJxr0Qje50bLYZxA3Ib07GxOPqwLzVlHFxsRlBM/uzXqGIf8A
BrfbI+Vl8cfsoyEuetaanmi+jcSHQpYL/8FGOJw7SStXGmr5lUXb8EzZ8sHlKkUf
2nMZDfxF0hPXeYYBtDS2AYOL+EkqCrXzxIvv9ya6UpgReaD/ShvOWdbEiiKJcXoF
2/FWUtY=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:35:01 2025 by rpki-client