Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/M1NydFQNUNjv3S2XBVv3CJwuouo.roa
File: M1NydFQNUNjv3S2XBVv3CJwuouo.roa (raw, json)
Hash identifier: pnfiJw4S5qlO4HJl2vnjsAd7jLR7BX4f2hY78LL1km0=
Subject key identifier: 33:53:72:74:54:0D:50:D8:EF:DD:2D:97:05:5B:F7:08:9C:2E:A2:EA
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3441
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/M1NydFQNUNjv3S2XBVv3CJwuouo.roa
Signing time: Fri 29 Mar 2024 06:22:32 +0000
ROA not before: Fri 29 Mar 2024 06:22:32 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13377 (0x3441)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 06:22:32 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=33537274540D50D8EFDD2D97055BF7089C2EA2EA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:3c:c4:89:2f:28:76:e4:90:65:eb:a6:b8:3f:
5c:04:6f:0e:4c:35:f5:1a:d0:8e:28:5f:b0:5b:35:
af:e1:6a:57:05:d8:e5:60:59:c4:51:65:fe:50:86:
9e:3e:be:1f:cb:d3:05:b2:79:97:f4:61:72:3e:93:
56:47:42:33:ef:8b:11:2d:90:da:e2:f8:ea:fd:53:
f3:c7:93:39:2f:4b:11:ad:22:aa:f9:84:84:72:9d:
72:e8:df:6e:04:a4:4f:22:ba:38:5c:9f:e7:dc:46:
d7:5d:c9:ea:a6:e3:b9:d2:7b:f4:99:b7:4e:a2:bf:
05:e6:c5:4b:98:39:d2:d0:88:04:b5:50:1e:e1:c5:
85:0d:29:00:d3:4f:ae:10:ff:39:37:6b:3e:95:95:
9c:4a:fb:88:0d:9f:ef:f6:b8:0c:1b:d3:7f:25:de:
a5:aa:16:aa:fa:f3:7c:5f:b3:33:6e:40:3b:2a:cb:
0c:c3:97:81:f0:53:72:51:75:ee:6d:3d:ee:4c:6d:
61:2e:96:0a:bc:81:b7:78:70:17:00:bd:7a:69:d9:
35:32:e6:f2:4d:bb:2e:73:fb:fa:53:1c:2f:ac:38:
45:26:ca:81:76:21:50:f6:7e:eb:8b:30:53:84:5f:
9a:b0:70:28:25:dc:ba:a6:39:bf:1d:62:12:ef:62:
41:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:53:72:74:54:0D:50:D8:EF:DD:2D:97:05:5B:F7:08:9C:2E:A2:EA
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/M1NydFQNUNjv3S2XBVv3CJwuouo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
5c:32:dd:9e:d9:1b:d1:8e:9c:3a:b2:03:96:54:58:d7:66:2d:
8a:34:57:e5:73:11:90:5f:ad:7d:02:42:e2:36:04:61:33:cc:
28:d3:50:26:f3:a0:60:fc:34:16:d5:ad:0e:3c:39:89:e9:21:
68:39:f4:6f:e8:5e:9a:51:c7:f4:48:ed:ea:6f:22:46:ec:8d:
1d:6b:ad:2a:a4:c1:b6:62:f7:53:75:5d:16:5f:51:d5:a4:8c:
72:c0:5c:bf:f1:49:1e:41:f9:24:be:68:0c:5e:5a:1a:13:46:
ed:28:f4:9c:d6:2d:05:42:9d:11:56:3c:65:28:96:75:53:61:
cd:61:10:b9:1a:57:96:dd:66:a5:4d:fd:78:24:41:a6:b2:87:
56:d9:b7:77:c5:04:54:62:f4:ef:cc:cf:6d:42:0a:82:bb:5f:
a4:be:f9:55:62:17:b1:7c:6f:07:a0:7f:6a:84:4b:74:e6:85:
38:09:d8:08:eb:00:28:a4:b4:e0:d1:fe:b5:45:25:c4:43:75:
a5:e9:eb:80:af:2c:3c:28:c9:95:27:01:a7:5b:df:4f:d9:a3:
11:c2:81:7c:0e:2d:81:30:f6:95:6b:58:55:4a:a9:f1:d4:77:
c6:c5:8b:48:4e:0f:b6:2f:e4:86:2b:cf:aa:42:31:31:8c:c5:
3e:79:52:cf
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNEEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjkw
NjIyMzJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDMzNTM3Mjc0NTQwRDUw
RDhFRkREMkQ5NzA1NUJGNzA4OUMyRUEyRUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVPMSJLyh25JBl66a4P1wEbw5MNfUa0I4oX7BbNa/halcF2OVg
WcRRZf5Qhp4+vh/L0wWyeZf0YXI+k1ZHQjPvixEtkNri+Or9U/PHkzkvSxGtIqr5
hIRynXLo324EpE8iujhcn+fcRtddyeqm47nSe/SZt06ivwXmxUuYOdLQiAS1UB7h
xYUNKQDTT64Q/zk3az6VlZxK+4gNn+/2uAwb038l3qWqFqr683xfszNuQDsqywzD
l4HwU3JRde5tPe5MbWEulgq8gbd4cBcAvXpp2TUy5vJNuy5z+/pTHC+sOEUmyoF2
IVD2fuuLMFOEX5qwcCgl3LqmOb8dYhLvYkF7AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUM1NydFQNUNjv3S2XBVv3CJwuouowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L00xTnlkRlFOVU5qdjNT
MlhCVnYzQ0p3dW91by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAFwy3Z7ZG9GOnDqy
A5ZUWNdmLYo0V+VzEZBfrX0CQuI2BGEzzCjTUCbzoGD8NBbVrQ48OYnpIWg59G/o
XppRx/RI7epvIkbsjR1rrSqkwbZi91N1XRZfUdWkjHLAXL/xSR5B+SS+aAxeWhoT
Ru0o9JzWLQVCnRFWPGUolnVTYc1hELkaV5bdZqVN/XgkQaayh1bZt3fFBFRi9O/M
z21CCoK7X6S++VViF7F8bwegf2qES3TmhTgJ2AjrACiktODR/rVFJcRDdaXp64Cv
LDwoyZUnAadb30/ZoxHCgXwOLYEw9pVrWFVKqfHUd8bFi0hOD7Yv5IYrz6pCMTGM
xT55Us8=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:35:18 2025 by rpki-client