Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/mRtuzDw7UOXnZjyVgAAWMGQ0S34.roa
File: mRtuzDw7UOXnZjyVgAAWMGQ0S34.roa (raw, json)
Hash identifier: JpOMw/QwQjUxrJa3KjabsDUzNBPsCVqgKMqso0m0+iI=
Subject key identifier: 99:1B:6E:CC:3C:3B:50:E5:E7:66:3C:95:80:00:16:30:64:34:4B:7E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3B41
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/mRtuzDw7UOXnZjyVgAAWMGQ0S34.roa
Signing time: Sun 07 Apr 2024 14:22:59 +0000
ROA not before: Sun 07 Apr 2024 14:22:59 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15169 (0x3b41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 7 14:22:59 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=991B6ECC3C3B50E5E7663C958000163064344B7E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:0a:55:41:dc:13:b1:56:8f:95:b3:d4:8c:b5:
37:e0:75:05:d0:2a:fc:9b:b3:1d:95:f9:3c:52:79:
a5:4c:f7:91:95:9a:4e:56:1b:56:05:2b:ee:db:42:
76:53:34:7c:a3:67:de:87:db:c2:b6:21:25:c0:3b:
69:c7:c4:5d:43:32:f7:b0:47:57:d9:15:71:bf:02:
da:00:c2:1b:08:93:ff:93:b0:1e:20:b6:dc:20:ee:
82:d6:e2:44:82:b9:d2:f0:c9:c2:c8:8e:51:57:14:
3e:3b:e5:d9:fd:ac:0d:f5:34:c1:bd:e9:da:24:b5:
b3:f7:fe:7f:31:b8:3b:04:4b:b2:ae:56:c8:06:34:
19:96:20:39:36:5f:7e:55:ab:fe:a9:78:e5:0f:9d:
bb:4c:54:ab:31:98:4d:f9:f7:29:b9:d2:a5:b4:57:
60:06:0e:d9:af:be:ba:09:a4:ec:16:e7:95:4f:3a:
9b:9c:a2:59:6e:86:42:af:d9:1c:81:50:20:27:9d:
26:7a:da:5f:e4:a4:e2:b8:b4:a3:49:19:84:15:5e:
f6:07:90:dc:33:0e:04:f4:4b:39:cf:58:01:ec:93:
fb:aa:5e:2d:a3:30:ff:0c:3e:ad:46:fe:b2:a8:02:
a8:6f:9b:6d:17:12:90:d2:71:e5:f0:97:de:71:22:
6b:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:1B:6E:CC:3C:3B:50:E5:E7:66:3C:95:80:00:16:30:64:34:4B:7E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/mRtuzDw7UOXnZjyVgAAWMGQ0S34.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
4d:2b:f3:8d:25:43:19:fe:2a:75:61:63:04:58:79:22:dd:3c:
8b:1d:9c:ba:c6:8c:b1:34:6e:aa:93:18:65:42:e5:89:de:6f:
14:99:3e:ad:8d:0d:67:79:27:9a:80:8b:19:1b:2b:79:80:fd:
7c:e3:a7:5b:9c:86:a2:a7:d1:7b:eb:31:e7:33:cf:26:e5:33:
fa:2b:c7:30:59:95:ed:93:ff:90:6d:b4:25:b1:d7:8e:3d:87:
4a:33:37:19:fd:cb:c5:99:4b:18:2d:0d:5f:b4:c0:30:89:f0:
c1:4e:30:b3:75:1a:41:de:41:66:a6:d8:42:70:ff:46:dc:07:
ae:dc:eb:6d:71:fb:d6:e6:b6:99:82:2b:9f:77:1c:89:a3:7c:
1b:05:78:f9:42:99:03:80:4c:51:66:34:cb:33:1d:04:0c:87:
c8:68:d4:eb:1f:10:fc:f1:86:ba:21:ac:00:4e:3b:a4:3e:fd:
0c:d0:ae:c2:cf:6d:74:9e:aa:c9:c2:b5:51:85:06:16:8c:e0:
5c:15:66:57:92:d5:d8:42:7d:96:68:9e:6d:25:76:ef:4b:f5:
6f:df:c0:cb:49:fb:e0:dd:89:df:67:1b:e7:77:73:3e:72:19:
ea:3d:f4:5b:c3:57:68:e7:e3:47:3d:73:1b:e3:60:25:93:c7:
83:4d:ce:8d
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICO0EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDcx
NDIyNTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk5MUI2RUNDM0MzQjUw
RTVFNzY2M0M5NTgwMDAxNjMwNjQzNDRCN0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+ClVB3BOxVo+Vs9SMtTfgdQXQKvybsx2V+TxSeaVM95GVmk5W
G1YFK+7bQnZTNHyjZ96H28K2ISXAO2nHxF1DMvewR1fZFXG/AtoAwhsIk/+TsB4g
ttwg7oLW4kSCudLwycLIjlFXFD475dn9rA31NMG96doktbP3/n8xuDsES7KuVsgG
NBmWIDk2X35Vq/6peOUPnbtMVKsxmE359ym50qW0V2AGDtmvvroJpOwW55VPOpuc
olluhkKv2RyBUCAnnSZ62l/kpOK4tKNJGYQVXvYHkNwzDgT0SznPWAHsk/uqXi2j
MP8MPq1G/rKoAqhvm20XEpDSceXwl95xImv5AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUmRtuzDw7UOXnZjyVgAAWMGQ0S34wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L21SdHV6RHc3VU9Yblpq
eVZnQUFXTUdRMFMzNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAE0r840lQxn+KnVh
YwRYeSLdPIsdnLrGjLE0bqqTGGVC5YnebxSZPq2NDWd5J5qAixkbK3mA/Xzjp1uc
hqKn0XvrMeczzyblM/orxzBZle2T/5BttCWx1449h0ozNxn9y8WZSxgtDV+0wDCJ
8MFOMLN1GkHeQWam2EJw/0bcB67c621x+9bmtpmCK593HImjfBsFePlCmQOATFFm
NMszHQQMh8ho1OsfEPzxhrohrABOO6Q+/QzQrsLPbXSeqsnCtVGFBhaM4FwVZleS
1dhCfZZonm0ldu9L9W/fwMtJ++Ddid9nG+d3cz5yGeo99FvDV2jn40c9cxvjYCWT
x4NNzo0=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:47:22 2025 by rpki-client