Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Ore628Ixm92qYtzKKt7xzxulMMY.roa
File: Ore628Ixm92qYtzKKt7xzxulMMY.roa (raw, json)
Hash identifier: lIKo0jDriscIYccj+5QLjqLcPxBcHmssnA3AApuT2vs=
Subject key identifier: 3A:B7:BA:DB:C2:31:9B:DD:AA:62:DC:CA:2A:DE:F1:CF:1B:A5:30:C6
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 34A1
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Ore628Ixm92qYtzKKt7xzxulMMY.roa
Signing time: Fri 29 Mar 2024 18:22:05 +0000
ROA not before: Fri 29 Mar 2024 18:22:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13473 (0x34a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 18:22:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3AB7BADBC2319BDDAA62DCCA2ADEF1CF1BA530C6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:04:ae:ab:b9:81:79:9e:4a:c7:c2:73:5b:e6:
d1:cb:ee:b2:c1:a5:81:73:e4:45:5c:b3:9b:2f:34:
96:00:f6:1d:5b:61:61:f7:3e:98:55:46:76:97:7f:
b7:93:fd:0f:9f:b1:af:36:c5:34:35:43:b0:bd:67:
87:27:ee:a0:4e:8c:e0:41:98:f2:64:dd:f9:76:72:
05:a8:73:e2:75:09:63:ca:82:a0:89:6c:0c:62:6c:
99:52:18:a3:3c:21:dc:6a:9f:de:ad:cd:46:b8:0c:
0e:63:23:a9:59:56:03:a0:73:c2:55:57:30:98:f0:
3b:44:25:ef:ac:74:e7:b4:99:97:0b:59:22:ca:12:
39:21:23:08:b5:a3:49:cd:ac:93:3a:9d:39:98:5b:
08:5b:cd:d0:df:23:11:4e:cb:ac:c9:c0:28:8b:fe:
7e:d5:2b:9d:7d:c4:66:c1:65:34:bf:a3:53:8c:7f:
7c:26:08:ba:07:2c:c9:c3:af:0d:e8:6d:60:e2:0f:
9b:c2:58:5e:9e:c3:fd:04:45:9f:37:ac:09:5c:34:
c4:0c:82:30:2d:55:d1:dc:53:88:17:f0:43:dc:ba:
10:04:0d:c7:f4:4b:73:17:23:7c:cb:25:c2:4c:da:
4b:35:c2:6e:fb:24:f3:81:6d:26:c6:91:ad:31:b2:
57:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:B7:BA:DB:C2:31:9B:DD:AA:62:DC:CA:2A:DE:F1:CF:1B:A5:30:C6
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Ore628Ixm92qYtzKKt7xzxulMMY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
6c:33:8f:77:68:7e:c2:2d:70:2f:d2:a7:ed:7d:df:30:ae:13:
0f:ad:8a:92:36:d9:69:df:5e:68:d3:05:a2:12:7d:68:1b:1a:
c8:05:3e:cf:be:a8:d3:f1:70:ea:05:16:42:a2:4e:bf:03:23:
b4:58:4a:52:df:ea:33:63:4f:6c:83:4b:b8:7e:2f:db:ca:b1:
8d:04:db:17:c8:47:1d:78:5e:7f:21:78:07:f3:29:82:ec:dd:
dd:f4:d5:f4:f7:24:23:1c:52:9c:19:3f:80:3b:97:1b:c7:1c:
db:87:6a:f7:af:8d:a2:b9:03:0f:38:c7:0f:74:3f:63:fb:7d:
bf:21:40:7c:82:73:87:60:ea:a4:e2:bf:0d:1b:d6:28:12:6f:
a5:fc:95:71:ec:5c:8b:26:a7:ae:3c:ff:12:7b:b1:22:79:a8:
d6:87:2e:37:4e:b6:38:8e:4e:bf:ca:d4:e2:c7:73:43:0c:20:
cd:39:46:8c:90:90:89:30:f5:a3:00:9d:9f:e1:91:e6:9d:b1:
cc:58:08:8a:ae:4a:45:31:cb:a2:f1:6d:e9:d3:7e:d2:4e:8c:
10:04:28:a4:36:ba:14:14:ae:cf:65:ba:2a:e6:b5:df:04:b8:
a5:29:41:3e:01:71:b0:3c:82:e0:34:f2:54:51:07:96:c4:23:
60:8c:c8:3b
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNKEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjkx
ODIyMDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNBQjdCQURCQzIzMTlC
RERBQTYyRENDQTJBREVGMUNGMUJBNTMwQzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCYBK6ruYF5nkrHwnNb5tHL7rLBpYFz5EVcs5svNJYA9h1bYWH3
PphVRnaXf7eT/Q+fsa82xTQ1Q7C9Z4cn7qBOjOBBmPJk3fl2cgWoc+J1CWPKgqCJ
bAxibJlSGKM8Idxqn96tzUa4DA5jI6lZVgOgc8JVVzCY8DtEJe+sdOe0mZcLWSLK
EjkhIwi1o0nNrJM6nTmYWwhbzdDfIxFOy6zJwCiL/n7VK519xGbBZTS/o1OMf3wm
CLoHLMnDrw3obWDiD5vCWF6ew/0ERZ83rAlcNMQMgjAtVdHcU4gX8EPcuhAEDcf0
S3MXI3zLJcJM2ks1wm77JPOBbSbGka0xsleZAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUOre628Ixm92qYtzKKt7xzxulMMYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L09yZTYyOEl4bTkycVl0
ektLdDd4enh1bE1NWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAGwzj3dofsItcC/S
p+193zCuEw+tipI22WnfXmjTBaISfWgbGsgFPs++qNPxcOoFFkKiTr8DI7RYSlLf
6jNjT2yDS7h+L9vKsY0E2xfIRx14Xn8heAfzKYLs3d301fT3JCMcUpwZP4A7lxvH
HNuHavevjaK5Aw84xw90P2P7fb8hQHyCc4dg6qTivw0b1igSb6X8lXHsXIsmp648
/xJ7sSJ5qNaHLjdOtjiOTr/K1OLHc0MMIM05RoyQkIkw9aMAnZ/hkeadscxYCIqu
SkUxy6LxbenTftJOjBAEKKQ2uhQUrs9luirmtd8EuKUpQT4BcbA8guA08lRRB5bE
I2CMyDs=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:47:10 2025 by rpki-client