Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/UWh3rPybJZsf3q-GQ6sLm7fF1jY.roa
File: UWh3rPybJZsf3q-GQ6sLm7fF1jY.roa (raw, json)
Hash identifier: 9TPq+iDlOwmqm3OAfyXJL2Vx4Jl30w2fivRYHKXo4Ts=
Subject key identifier: 51:68:77:AC:FC:9B:25:9B:1F:DE:AF:86:43:AB:0B:9B:B7:C5:D6:36
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3855
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/UWh3rPybJZsf3q-GQ6sLm7fF1jY.roa
Signing time: Wed 03 Apr 2024 16:52:19 +0000
ROA not before: Wed 03 Apr 2024 16:52:19 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14421 (0x3855)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 3 16:52:19 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=516877ACFC9B259B1FDEAF8643AB0B9BB7C5D636
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:5e:98:a6:e3:65:be:34:ea:db:55:52:f9:0c:
08:db:52:55:b9:14:2f:71:c5:04:24:bf:fa:3d:29:
60:fd:12:60:9a:9a:14:54:72:a0:86:d7:61:6d:61:
07:21:b0:30:29:b6:e8:27:12:1f:1b:a5:0f:3c:e9:
cf:71:41:a6:ce:b9:85:dc:0a:b4:d8:c2:a1:74:5c:
ba:32:88:c6:cf:fd:dc:b5:8c:9e:6e:75:6f:09:02:
8d:d1:fc:42:53:a2:29:39:ae:4f:33:28:7c:45:00:
0a:3b:d8:28:7a:01:9b:ae:c3:3f:ef:e2:e9:c6:81:
a7:5c:07:d7:8e:93:91:48:e2:22:40:4b:0b:a5:ce:
18:55:53:4a:9c:71:75:d7:a0:d6:04:17:b5:99:5a:
45:5c:5d:2e:f0:0a:38:6e:90:e9:e7:2d:d1:b1:92:
a3:15:5b:a3:59:1a:58:e1:ae:88:72:1e:04:39:0a:
5c:11:5d:7c:41:44:c8:17:0a:9a:9a:0a:dc:8f:81:
dc:be:b9:10:30:a1:df:49:62:7d:60:7b:4a:4e:0b:
51:2f:ce:8b:96:e4:6b:85:66:c3:ce:08:ff:71:59:
65:1b:a3:5e:83:23:f0:f0:f4:7e:22:9d:46:b5:8a:
9f:4f:f8:68:2f:b8:7f:cf:08:b9:4b:f2:ec:a5:9b:
4e:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:68:77:AC:FC:9B:25:9B:1F:DE:AF:86:43:AB:0B:9B:B7:C5:D6:36
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/UWh3rPybJZsf3q-GQ6sLm7fF1jY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
14:20:b8:90:24:db:27:ee:c5:d7:15:c8:71:39:e5:5b:8a:81:
94:70:24:b8:cc:75:4e:19:bf:7b:5d:a0:6a:a5:96:6b:c4:5e:
2a:91:fe:69:42:76:d7:64:50:67:28:d4:89:b4:cc:64:69:2a:
0d:d8:1f:c9:8f:0d:df:9e:88:bc:54:5b:6c:0a:e8:3f:f3:19:
42:87:63:41:1f:09:96:ab:b5:e8:bf:28:c5:f9:f4:8a:9f:a5:
52:fe:b1:ee:a5:d8:af:87:df:e7:93:1f:89:ca:68:5e:44:f4:
d3:6d:a0:38:fa:7c:48:ee:dd:8e:36:a9:56:c2:d1:11:9e:ad:
8f:54:a3:c0:9d:bf:bc:fb:47:f3:08:22:bd:e2:cd:b1:f3:da:
8f:d9:42:ca:d9:f8:b0:ab:e1:d7:e9:a7:9f:6b:94:d3:29:3a:
f4:c0:97:f7:09:3c:56:1c:d1:86:e6:70:83:a6:33:a1:fb:6b:
fe:c2:36:3e:c3:86:e4:77:2a:93:23:5f:64:8d:a3:ff:f9:e2:
18:10:bb:e1:b3:69:87:3b:ae:a6:25:5c:5f:0c:0e:3c:18:db:
04:4d:83:f3:83:9f:f9:29:06:7c:8d:65:68:2c:13:82:35:47:
50:bc:04:60:75:8b:67:15:cb:bd:e5:c6:3e:65:88:33:9a:56:
50:07:44:1e
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICOFUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDMx
NjUyMTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUxNjg3N0FDRkM5QjI1
OUIxRkRFQUY4NjQzQUIwQjlCQjdDNUQ2MzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+Xpim42W+NOrbVVL5DAjbUlW5FC9xxQQkv/o9KWD9EmCamhRU
cqCG12FtYQchsDAptugnEh8bpQ886c9xQabOuYXcCrTYwqF0XLoyiMbP/dy1jJ5u
dW8JAo3R/EJToik5rk8zKHxFAAo72Ch6AZuuwz/v4unGgadcB9eOk5FI4iJASwul
zhhVU0qccXXXoNYEF7WZWkVcXS7wCjhukOnnLdGxkqMVW6NZGljhrohyHgQ5ClwR
XXxBRMgXCpqaCtyPgdy+uRAwod9JYn1ge0pOC1EvzouW5GuFZsPOCP9xWWUbo16D
I/Dw9H4inUa1ip9P+GgvuH/PCLlL8uylm06fAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUUWh3rPybJZsf3q+GQ6sLm7fF1jYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1VXaDNyUHliSlpzZjNx
LUdRNnNMbTdmRjFqWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBABQguJAk2yfuxdcV
yHE55VuKgZRwJLjMdU4Zv3tdoGqllmvEXiqR/mlCdtdkUGco1Im0zGRpKg3YH8mP
Dd+eiLxUW2wK6D/zGUKHY0EfCZartei/KMX59IqfpVL+se6l2K+H3+eTH4nKaF5E
9NNtoDj6fEju3Y42qVbC0RGerY9Uo8Cdv7z7R/MIIr3izbHz2o/ZQsrZ+LCr4dfp
p59rlNMpOvTAl/cJPFYc0YbmcIOmM6H7a/7CNj7DhuR3KpMjX2SNo//54hgQu+Gz
aYc7rqYlXF8MDjwY2wRNg/ODn/kpBnyNZWgsE4I1R1C8BGB1i2cVy73lxj5liDOa
VlAHRB4=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:43:14 2025 by rpki-client