Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/kR4n8HwmUJTRnUQsiRROEKjkS4U.roa
File: kR4n8HwmUJTRnUQsiRROEKjkS4U.roa (raw, json)
Hash identifier: 30ExuzVPkRUGhOF/dc3EEhkMP6XSuvYJ5OGvlbi2W3o=
Subject key identifier: 91:1E:27:F0:7C:26:50:94:D1:9D:44:2C:89:14:4E:10:A8:E4:4B:85
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 404D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kR4n8HwmUJTRnUQsiRROEKjkS4U.roa
Signing time: Sun 14 Apr 2024 07:52:53 +0000
ROA not before: Sun 14 Apr 2024 07:52:53 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16461 (0x404d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 14 07:52:53 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=911E27F07C265094D19D442C89144E10A8E44B85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:cd:5c:90:a3:4c:6b:f1:48:c2:45:7b:e9:fc:
b7:db:f8:32:0b:cd:c3:fc:04:3f:c0:5a:9b:68:7e:
3c:3e:f9:9a:47:54:20:eb:16:7e:e4:07:ab:df:cb:
6e:58:e4:10:b0:ca:2b:d3:73:1f:c2:f7:a3:8f:09:
e1:c0:c3:fa:e6:02:ce:fd:c4:80:e9:cd:48:b5:58:
f7:f3:f2:d4:34:15:92:cf:65:76:c3:0d:69:f4:f0:
b0:6c:b1:92:91:74:23:3a:74:e8:4d:1e:f5:21:33:
69:7a:4e:10:73:8a:53:83:db:a3:e5:b2:a2:f4:44:
a3:b9:b7:65:aa:30:12:a9:4b:82:6b:f4:68:7b:50:
94:26:17:66:da:da:03:e2:cb:cd:3e:49:95:03:e4:
fc:c5:57:5d:c2:83:ce:2b:4f:78:01:88:02:38:9c:
5a:ae:91:eb:72:91:bb:01:a5:16:94:79:04:d8:cb:
f8:6c:87:eb:f6:c3:af:c2:f5:9e:11:f1:5f:84:f8:
fb:d8:03:d9:fd:6c:77:b6:a1:8a:e5:a1:76:1e:70:
3b:df:97:7b:7e:6e:0f:c9:26:e4:18:d4:2d:f1:b6:
ee:f0:73:44:c6:77:d5:54:9b:f0:39:e7:58:99:0d:
4a:5f:e4:ff:7c:60:c2:16:3d:28:a3:3f:3c:dc:c4:
75:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:1E:27:F0:7C:26:50:94:D1:9D:44:2C:89:14:4E:10:A8:E4:4B:85
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kR4n8HwmUJTRnUQsiRROEKjkS4U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
52:89:d0:14:57:a5:73:c2:27:36:e9:3c:19:ef:aa:bf:ba:26:
ab:c3:e6:f5:fc:af:ef:44:ca:b4:f5:16:ba:34:88:1d:14:aa:
12:07:a2:6d:32:de:69:22:ed:fa:34:65:11:dc:b0:09:55:12:
4d:98:4d:5a:4b:93:de:dd:48:32:dc:c2:c5:90:2b:b9:16:7b:
4c:fa:03:de:c8:8e:53:6e:9a:70:66:1f:32:53:ab:2f:b9:09:
de:31:4e:24:fe:ba:eb:28:8a:7f:10:9b:77:c4:12:8f:c5:4c:
36:cb:01:02:00:72:d5:37:ec:ac:b9:27:0b:fb:f7:4a:00:24:
33:58:9b:d3:3c:31:ae:2b:48:52:73:0d:7c:cd:16:79:c4:3d:
88:92:a4:f7:f2:f0:13:1d:e7:4c:f3:e5:4c:71:9d:80:fc:e9:
d9:84:c4:e5:97:6e:e8:71:c8:92:9f:74:2b:db:0d:23:ad:ed:
7a:5f:fd:80:59:33:d2:43:30:d8:d9:63:47:6c:64:4e:83:22:
c4:86:6f:43:79:ff:70:b8:ed:b7:e1:07:fe:f6:d2:e0:26:df:
b0:b3:f8:fe:83:8d:89:0e:fc:77:4d:4f:f2:e2:94:59:e8:64:
e5:85:3a:32:60:5d:b6:47:83:c8:10:35:80:54:e1:8f:48:ed:
12:40:b7:66
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQE0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTQw
NzUyNTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkxMUUyN0YwN0MyNjUw
OTREMTlENDQyQzg5MTQ0RTEwQThFNDRCODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNzVyQo0xr8UjCRXvp/Lfb+DILzcP8BD/AWptofjw++ZpHVCDr
Fn7kB6vfy25Y5BCwyivTcx/C96OPCeHAw/rmAs79xIDpzUi1WPfz8tQ0FZLPZXbD
DWn08LBssZKRdCM6dOhNHvUhM2l6ThBzilOD26PlsqL0RKO5t2WqMBKpS4Jr9Gh7
UJQmF2ba2gPiy80+SZUD5PzFV13Cg84rT3gBiAI4nFquketykbsBpRaUeQTYy/hs
h+v2w6/C9Z4R8V+E+PvYA9n9bHe2oYrloXYecDvfl3t+bg/JJuQY1C3xtu7wc0TG
d9VUm/A551iZDUpf5P98YMIWPSijPzzcxHUJAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUkR4n8HwmUJTRnUQsiRROEKjkS4UwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2tSNG44SHdtVUpUUm5V
UXNpUlJPRUtqa1M0VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAFKJ0BRXpXPCJzbp
PBnvqr+6JqvD5vX8r+9EyrT1Fro0iB0UqhIHom0y3mki7fo0ZRHcsAlVEk2YTVpL
k97dSDLcwsWQK7kWe0z6A97IjlNumnBmHzJTqy+5Cd4xTiT+uusoin8Qm3fEEo/F
TDbLAQIActU37Ky5Jwv790oAJDNYm9M8Ma4rSFJzDXzNFnnEPYiSpPfy8BMd50zz
5UxxnYD86dmExOWXbuhxyJKfdCvbDSOt7Xpf/YBZM9JDMNjZY0dsZE6DIsSGb0N5
/3C47bfhB/720uAm37Cz+P6DjYkO/HdNT/LilFnoZOWFOjJgXbZHg8gQNYBU4Y9I
7RJAt2Y=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:42:08 2025 by rpki-client