Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Y27e3-prBpMixK3V7A_FgUtnv5E.roa
File: Y27e3-prBpMixK3V7A_FgUtnv5E.roa (raw, json)
Hash identifier: CGj6SKURVCAE/7RCqo3KIb4TOgv8u/ph/hJfYFRSLXo=
Subject key identifier: 63:6E:DE:DF:EA:6B:06:93:22:C4:AD:D5:EC:0F:C5:81:4B:67:BF:91
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3DC1
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Y27e3-prBpMixK3V7A_FgUtnv5E.roa
Signing time: Wed 10 Apr 2024 22:22:46 +0000
ROA not before: Wed 10 Apr 2024 22:22:46 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15809 (0x3dc1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 10 22:22:46 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=636EDEDFEA6B069322C4ADD5EC0FC5814B67BF91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:27:0e:70:3e:7a:7a:78:ff:a3:c5:4c:dc:a7:
e7:8c:02:bc:a3:c9:1b:65:e6:b3:20:55:a9:ee:c2:
58:08:e8:f5:1a:ab:da:b0:6a:0d:c5:c0:0a:0e:b7:
8a:94:ca:1a:76:bc:ad:68:25:f3:b3:12:94:f3:25:
39:a8:02:48:43:9f:ce:ef:11:92:2c:bc:40:06:2a:
eb:b7:38:40:67:87:9d:70:06:5b:e2:bd:f6:ae:38:
79:aa:96:89:5f:66:3e:81:f2:7d:0d:4f:ee:95:88:
ba:d1:da:9c:e7:a8:ff:d4:aa:e3:5e:c0:db:a4:30:
dd:ab:e0:03:f6:91:2f:c1:e5:c3:f3:f9:2c:77:a9:
1f:67:ae:6a:f9:ac:31:00:13:6b:7e:de:17:c9:d5:
ed:d9:40:f5:57:80:1f:93:71:2a:15:a8:15:b1:2b:
01:3b:30:c6:33:3b:fe:7a:1f:bb:9b:5c:c9:94:b0:
11:78:e8:af:a4:c3:90:34:4d:23:03:e0:05:5a:a3:
ff:45:c3:fa:ca:0c:ea:97:13:34:04:ae:4e:22:cd:
74:42:87:e7:17:28:e0:0a:47:58:12:f8:4d:31:a4:
b7:17:42:4f:92:32:44:76:07:1a:66:88:42:98:70:
e5:e6:88:4f:d6:3f:37:a6:45:f8:1e:fa:aa:1c:11:
4a:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:6E:DE:DF:EA:6B:06:93:22:C4:AD:D5:EC:0F:C5:81:4B:67:BF:91
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Y27e3-prBpMixK3V7A_FgUtnv5E.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
98:49:67:0d:7b:56:f2:0a:e7:d2:6c:bd:6b:95:fe:5d:92:b4:
35:73:8c:38:20:64:25:ad:6a:7b:c6:be:f3:61:5d:e0:12:fe:
e3:22:a2:40:8f:10:0d:4d:13:d2:90:e1:9c:de:9c:7b:bd:5d:
cc:35:4b:39:62:2f:ec:b1:56:04:d9:a7:95:82:b3:79:a3:c6:
9e:6e:94:b7:6a:b1:e0:f8:3a:aa:4c:84:fc:a1:0d:58:0d:ff:
4e:00:ef:80:9f:7c:05:39:a0:d8:70:55:2b:7c:73:66:97:31:
2c:e2:37:fb:aa:39:c4:2e:e8:b9:43:2f:ef:11:ed:38:79:81:
81:e8:f5:9f:86:06:fa:b7:bd:e2:48:59:65:ec:c0:97:c8:a6:
c4:a4:bf:11:f9:ab:10:8e:5f:4e:2e:b0:b9:f4:c6:b4:ad:dd:
eb:31:e0:77:33:7f:ef:83:e5:be:fe:fa:de:18:91:3c:2f:79:
61:1c:7a:11:ab:a7:79:d9:9e:e4:17:7a:ba:9d:fc:3e:be:2b:
8a:7f:12:ff:08:02:c7:61:c2:22:57:ae:0c:d2:a5:de:85:cd:
d5:63:6e:1f:4e:10:c8:82:60:77:24:23:7a:04:09:da:2f:69:
88:4c:3b:c2:bf:4c:46:65:10:97:a0:94:16:ee:ca:0b:31:96:
ee:b9:0e:4b
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICPcEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTAy
MjIyNDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYzNkVERURGRUE2QjA2
OTMyMkM0QURENUVDMEZDNTgxNEI2N0JGOTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDfJw5wPnp6eP+jxUzcp+eMAryjyRtl5rMgVanuwlgI6PUaq9qw
ag3FwAoOt4qUyhp2vK1oJfOzEpTzJTmoAkhDn87vEZIsvEAGKuu3OEBnh51wBlvi
vfauOHmqlolfZj6B8n0NT+6ViLrR2pznqP/UquNewNukMN2r4AP2kS/B5cPz+Sx3
qR9nrmr5rDEAE2t+3hfJ1e3ZQPVXgB+TcSoVqBWxKwE7MMYzO/56H7ubXMmUsBF4
6K+kw5A0TSMD4AVao/9Fw/rKDOqXEzQErk4izXRCh+cXKOAKR1gS+E0xpLcXQk+S
MkR2BxpmiEKYcOXmiE/WPzemRfge+qocEUqVAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUY27e3+prBpMixK3V7A/FgUtnv5EwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1kyN2UzLXByQnBNaXhL
M1Y3QV9GZ1V0bnY1RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJhJZw17VvIK59Js
vWuV/l2StDVzjDggZCWtanvGvvNhXeAS/uMiokCPEA1NE9KQ4ZzenHu9Xcw1Szli
L+yxVgTZp5WCs3mjxp5ulLdqseD4OqpMhPyhDVgN/04A74CffAU5oNhwVSt8c2aX
MSziN/uqOcQu6LlDL+8R7Th5gYHo9Z+GBvq3veJIWWXswJfIpsSkvxH5qxCOX04u
sLn0xrSt3esx4Hczf++D5b7++t4YkTwveWEcehGrp3nZnuQXerqd/D6+K4p/Ev8I
AsdhwiJXrgzSpd6FzdVjbh9OEMiCYHckI3oECdovaYhMO8K/TEZlEJeglBbuygsx
lu65Dks=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:09:48 2025 by rpki-client