Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/mG3yZpnIsAtRX_wZSF6hmYMi-4U.roa
File: mG3yZpnIsAtRX_wZSF6hmYMi-4U.roa (raw, json)
Hash identifier: 7psjcYBnCIWs5r/3yRj2E838rFqa06dXSOADzgv2Jvk=
Subject key identifier: 98:6D:F2:66:99:C8:B0:0B:51:5F:FC:19:48:5E:A1:99:83:22:FB:85
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4975
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/mG3yZpnIsAtRX_wZSF6hmYMi-4U.roa
Signing time: Fri 26 Apr 2024 12:53:19 +0000
ROA not before: Fri 26 Apr 2024 12:53:19 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18805 (0x4975)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 26 12:53:19 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=986DF26699C8B00B515FFC19485EA1998322FB85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:1d:e6:95:2c:a9:5d:5a:c8:16:dd:29:7d:07:
01:e9:f6:36:cf:f8:f8:7f:a7:1c:cc:9e:24:ad:40:
01:ce:58:3d:d9:14:23:a4:bd:31:44:4e:98:50:d4:
c0:47:e5:ae:dd:d7:1c:cf:f8:28:88:ba:46:3f:7d:
04:77:fc:68:2d:b5:c0:c0:6c:78:0e:b1:56:f2:0b:
c1:c2:3d:c4:50:f9:38:b7:d4:32:45:4a:95:36:b0:
a7:20:b3:73:89:35:fc:4c:5d:e9:30:c1:d8:b8:a8:
64:74:54:db:11:84:7e:61:e8:c5:22:10:ed:c5:8b:
e2:64:18:96:97:5d:6e:cb:25:ec:00:c7:bb:e7:06:
24:22:8f:15:09:f9:52:fd:09:3d:a4:23:de:e2:c6:
78:b8:ac:9a:6b:26:4a:c5:ed:4f:9d:30:2f:c1:fa:
51:10:e5:a6:78:1f:63:04:a6:9d:eb:e1:e1:cf:90:
5b:f8:a7:25:88:6d:1e:8b:a3:95:69:f2:e8:06:c0:
e4:3d:b5:89:7e:9b:ce:a8:3e:14:1e:75:b4:da:4f:
9d:c2:7e:18:86:4d:3a:c9:48:a8:5d:28:4b:6c:38:
09:9b:2f:19:81:b6:c9:68:80:8d:4a:d0:75:87:a8:
35:c3:9f:c8:a4:35:3c:6a:41:18:11:de:9c:52:57:
4a:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:6D:F2:66:99:C8:B0:0B:51:5F:FC:19:48:5E:A1:99:83:22:FB:85
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/mG3yZpnIsAtRX_wZSF6hmYMi-4U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
99:fb:0e:59:ad:5b:b0:32:5d:d1:a2:65:5e:c2:6f:7f:6a:44:
c4:87:9b:a0:b1:de:d9:3f:e5:c9:61:83:ae:37:03:1c:d0:a0:
af:78:53:95:cf:97:67:43:3e:f3:30:85:d2:99:fe:26:5c:c6:
c5:fc:7b:bb:ce:0c:bd:e8:56:1c:2b:b6:70:21:42:8f:21:36:
6a:3b:b5:67:15:2c:30:a6:17:5a:05:f1:b3:ab:47:a0:e9:f7:
41:7c:38:56:73:1a:3c:85:cb:80:e7:4b:bd:75:e2:5c:48:5c:
90:b2:8f:ad:42:5b:ce:ca:46:d4:4a:48:d5:fd:9f:69:08:66:
52:64:d5:fb:f8:b7:f7:af:03:30:e2:22:ed:5f:e3:7d:b6:71:
aa:cb:14:15:26:4a:38:df:6d:8c:f6:b2:14:0c:b5:42:12:3f:
5f:63:c6:36:78:4c:5d:1d:af:a1:a4:a8:37:2e:3c:3c:6c:56:
ed:f2:ae:97:0b:62:29:1d:42:4d:af:7d:dc:1b:ed:dd:18:19:
d3:67:93:49:c0:72:7a:5f:81:4e:10:87:40:60:44:79:4d:e4:
05:c4:8c:08:55:27:1f:c7:d3:7c:a1:aa:4e:e3:28:2d:1e:ec:
34:52:9e:8f:14:60:8b:07:81:e8:13:c3:cf:6b:95:7a:d8:30:
38:3b:88:70
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICSXUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjYx
MjUzMTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk4NkRGMjY2OTlDOEIw
MEI1MTVGRkMxOTQ4NUVBMTk5ODMyMkZCODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWHeaVLKldWsgW3Sl9BwHp9jbP+Ph/pxzMniStQAHOWD3ZFCOk
vTFETphQ1MBH5a7d1xzP+CiIukY/fQR3/GgttcDAbHgOsVbyC8HCPcRQ+Ti31DJF
SpU2sKcgs3OJNfxMXekwwdi4qGR0VNsRhH5h6MUiEO3Fi+JkGJaXXW7LJewAx7vn
BiQijxUJ+VL9CT2kI97ixni4rJprJkrF7U+dMC/B+lEQ5aZ4H2MEpp3r4eHPkFv4
pyWIbR6Lo5Vp8ugGwOQ9tYl+m86oPhQedbTaT53CfhiGTTrJSKhdKEtsOAmbLxmB
tslogI1K0HWHqDXDn8ikNTxqQRgR3pxSV0r1AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUmG3yZpnIsAtRX/wZSF6hmYMi+4UwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L21HM3lacG5Jc0F0Ulhf
d1pTRjZobVlNaS00VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJn7DlmtW7AyXdGi
ZV7Cb39qRMSHm6Cx3tk/5clhg643AxzQoK94U5XPl2dDPvMwhdKZ/iZcxsX8e7vO
DL3oVhwrtnAhQo8hNmo7tWcVLDCmF1oF8bOrR6Dp90F8OFZzGjyFy4DnS7114lxI
XJCyj61CW87KRtRKSNX9n2kIZlJk1fv4t/evAzDiIu1f4322carLFBUmSjjfbYz2
shQMtUISP19jxjZ4TF0dr6GkqDcuPDxsVu3yrpcLYikdQk2vfdwb7d0YGdNnk0nA
cnpfgU4Qh0BgRHlN5AXEjAhVJx/H03yhqk7jKC0e7DRSno8UYIsHgegTw89rlXrY
MDg7iHA=
-----END CERTIFICATE-----
Generated at Thu Jun 5 19:58:13 2025 by rpki-client