Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/O7OdyPvvtHsK2K-2dKYuGo9CfcM.roa
File: O7OdyPvvtHsK2K-2dKYuGo9CfcM.roa (raw, json)
Hash identifier: QHLTALumFVr/gUttVaHPjgg3hUl++NYjUNpPnqsnkCs=
Subject key identifier: 3B:B3:9D:C8:FB:EF:B4:7B:0A:D8:AF:B6:74:A6:2E:1A:8F:42:7D:C3
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4FB1
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/O7OdyPvvtHsK2K-2dKYuGo9CfcM.roa
Signing time: Sat 04 May 2024 20:23:48 +0000
ROA not before: Sat 04 May 2024 20:23:48 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20401 (0x4fb1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 4 20:23:48 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3BB39DC8FBEFB47B0AD8AFB674A62E1A8F427DC3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:5f:1e:58:76:ec:07:f1:6e:10:25:62:bd:01:
72:06:7f:1a:4f:df:46:d9:ea:11:87:f0:1c:ab:e8:
3b:89:ef:a2:72:ab:a1:49:62:48:d1:c8:09:cd:ba:
f9:bb:d1:c4:3b:7e:63:ea:1f:05:1f:5b:50:ef:22:
d8:80:dd:9b:95:e7:11:d7:27:bd:a7:30:ba:75:99:
67:10:f9:f3:fc:77:5e:65:cd:2c:89:e4:0f:c3:4c:
0d:6c:84:5d:d6:e2:21:82:2c:8b:9d:3d:7b:f8:67:
cc:fc:26:f2:b0:7f:b2:c8:d4:ed:49:d5:7d:da:38:
a5:be:54:a9:37:cf:12:d2:34:2a:c7:b0:71:e6:d1:
87:2f:2a:67:ee:c1:78:d9:5f:bf:41:54:fc:60:da:
97:ad:16:12:ab:43:88:b0:bd:8c:2a:47:b2:51:94:
95:90:b7:26:48:73:78:ce:fa:60:db:2b:55:fd:48:
0f:4d:bb:ab:4d:da:ce:c7:1f:73:e2:b4:f4:83:1a:
a8:86:a7:d5:6f:99:d9:3c:68:e1:09:66:1c:c3:d9:
40:bc:ad:ce:82:ba:4d:9b:63:ca:a7:0b:b0:c4:2e:
89:2c:f0:6b:97:4f:8a:18:54:76:62:5c:5d:c7:cf:
68:2f:d6:22:6d:6d:8c:02:60:e9:b3:c6:bd:de:38:
43:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:B3:9D:C8:FB:EF:B4:7B:0A:D8:AF:B6:74:A6:2E:1A:8F:42:7D:C3
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/O7OdyPvvtHsK2K-2dKYuGo9CfcM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
29:11:4d:95:05:c4:42:03:29:25:e4:8a:22:64:62:df:36:ef:
1a:74:48:15:d2:f1:77:87:17:68:60:5e:12:d5:ee:8b:1a:4c:
17:00:2a:36:dc:62:f5:dc:74:03:e2:5c:74:08:61:21:8d:b2:
2d:28:38:6f:7b:7c:0c:9b:c9:2a:90:ac:81:6b:d5:9a:0e:fe:
f0:d6:b0:b1:8a:3f:22:dc:38:76:21:61:e6:d5:5e:22:74:2b:
c7:ec:1f:fd:9a:34:cd:e8:68:16:ab:0b:21:11:fd:d2:4f:7d:
22:9c:f5:55:87:8d:01:71:fa:23:79:e8:38:14:0c:7a:a2:7c:
4e:84:51:a2:35:8f:8b:0b:91:d4:00:22:7f:b2:e6:e5:2d:38:
98:cc:7e:62:d6:e2:ad:77:e7:5e:f4:0c:fd:86:f2:d2:2e:ef:
5e:28:e3:51:df:60:d4:01:30:5d:73:35:4a:41:d5:d2:dd:3f:
1c:f7:7e:ae:4c:4c:7b:7c:36:06:53:38:90:81:0c:98:15:a4:
f7:56:6d:e3:14:2c:c2:ac:24:1f:7d:34:55:7d:e0:1a:8f:fb:
4a:dd:b2:a5:6b:7e:b9:11:3b:94:ae:b1:4d:b3:a7:15:86:be:
90:60:c6:a2:f8:21:07:6d:ba:0f:26:64:73:f6:c7:0b:0b:cf:
2f:1e:46:8f
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICT7EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDQy
MDIzNDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNCQjM5REM4RkJFRkI0
N0IwQUQ4QUZCNjc0QTYyRTFBOEY0MjdEQzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRXx5YduwH8W4QJWK9AXIGfxpP30bZ6hGH8Byr6DuJ76Jyq6FJ
YkjRyAnNuvm70cQ7fmPqHwUfW1DvItiA3ZuV5xHXJ72nMLp1mWcQ+fP8d15lzSyJ
5A/DTA1shF3W4iGCLIudPXv4Z8z8JvKwf7LI1O1J1X3aOKW+VKk3zxLSNCrHsHHm
0YcvKmfuwXjZX79BVPxg2petFhKrQ4iwvYwqR7JRlJWQtyZIc3jO+mDbK1X9SA9N
u6tN2s7HH3PitPSDGqiGp9Vvmdk8aOEJZhzD2UC8rc6Cuk2bY8qnC7DELoks8GuX
T4oYVHZiXF3Hz2gv1iJtbYwCYOmzxr3eOEN3AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUO7OdyPvvtHsK2K+2dKYuGo9CfcMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L083T2R5UHZ2dEhzSzJL
LTJkS1l1R285Q2ZjTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBACkRTZUFxEIDKSXk
iiJkYt827xp0SBXS8XeHF2hgXhLV7osaTBcAKjbcYvXcdAPiXHQIYSGNsi0oOG97
fAybySqQrIFr1ZoO/vDWsLGKPyLcOHYhYebVXiJ0K8fsH/2aNM3oaBarCyER/dJP
fSKc9VWHjQFx+iN56DgUDHqifE6EUaI1j4sLkdQAIn+y5uUtOJjMfmLW4q135170
DP2G8tIu714o41HfYNQBMF1zNUpB1dLdPxz3fq5MTHt8NgZTOJCBDJgVpPdWbeMU
LMKsJB99NFV94BqP+0rdsqVrfrkRO5SusU2zpxWGvpBgxqL4IQdtug8mZHP2xwsL
zy8eRo8=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:19:20 2025 by rpki-client