Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/mZU2ocj23Bif3uZ7gCYST8-rVXk.roa
File: mZU2ocj23Bif3uZ7gCYST8-rVXk.roa (raw, json)
Hash identifier: GZpf7AURh3khPvogmZwN+dnYnGRCZgWvU4YCn10zavE=
Subject key identifier: 99:95:36:A1:C8:F6:DC:18:9F:DE:E6:7B:80:26:12:4F:CF:AB:55:79
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3DF1
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/mZU2ocj23Bif3uZ7gCYST8-rVXk.roa
Signing time: Thu 11 Apr 2024 04:22:45 +0000
ROA not before: Thu 11 Apr 2024 04:22:45 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15857 (0x3df1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 11 04:22:45 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=999536A1C8F6DC189FDEE67B8026124FCFAB5579
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:6b:10:57:8e:2c:04:da:27:db:66:a9:04:30:
75:40:ba:81:9a:c6:20:77:98:e2:e1:95:c1:70:8c:
9b:d8:82:e1:bb:b3:69:09:ce:c8:c9:fd:88:62:60:
d7:e5:d3:43:b6:d6:4e:ef:d5:1b:02:8a:d5:fe:36:
f2:a6:71:98:c0:27:56:d3:71:32:f9:43:9b:b6:19:
03:cc:76:5a:b9:7d:0c:27:39:cb:d5:af:5f:77:33:
41:ff:fc:a3:b3:27:74:1a:cc:f6:ba:70:5a:c7:5c:
16:c6:49:2f:9a:ad:43:b4:ac:ae:0b:d5:73:23:88:
ea:d3:72:04:ab:f7:8e:12:d5:4c:b7:89:c5:c6:e9:
30:08:f2:be:6c:d0:51:21:b4:e4:14:d4:3c:e6:d3:
98:8a:85:76:ab:88:5f:87:30:ec:42:eb:df:2c:ce:
19:0f:24:94:b2:08:91:71:a3:66:5a:40:e2:e9:a3:
9a:1c:3b:77:f8:b8:c4:33:8e:39:18:ac:9e:1b:55:
e6:fc:40:c1:cf:1b:4f:0d:b6:40:42:bd:03:ca:96:
97:bb:7f:78:f0:65:98:47:6a:47:8b:20:4f:45:76:
aa:9b:cd:c7:df:8d:8f:20:75:d8:f0:d8:d3:33:54:
d2:a4:65:bc:02:dd:b4:bc:de:6c:23:93:f6:26:d5:
bd:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:95:36:A1:C8:F6:DC:18:9F:DE:E6:7B:80:26:12:4F:CF:AB:55:79
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/mZU2ocj23Bif3uZ7gCYST8-rVXk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
3c:c7:b8:40:9e:55:ff:96:fd:68:45:04:41:8c:7b:cb:98:0b:
b9:a3:8f:8c:76:bf:30:4c:1f:63:da:e8:ef:7e:ac:ee:41:d3:
43:b3:c9:bf:3f:0f:f0:aa:8e:8f:ab:96:73:02:24:11:b2:16:
cd:aa:c0:72:5f:d5:91:29:f4:db:7a:38:a5:d0:bb:6f:83:cb:
e2:2e:a5:b4:74:4b:2c:00:e9:28:94:42:40:90:ca:31:70:66:
3e:a1:fe:83:8c:b1:93:76:77:ec:ba:d0:db:02:ad:b8:5b:03:
e0:6d:f2:ab:f2:c4:58:d0:2c:46:5d:30:7f:30:ca:b7:5f:1e:
8b:ea:80:ed:6d:aa:54:82:09:98:24:b0:4d:65:ba:d4:4c:c1:
0d:59:5f:e6:5b:bf:4d:52:4a:36:14:b1:fd:d3:dd:ee:84:5b:
62:e0:40:4a:01:41:8d:2a:b8:02:a2:cc:e3:4d:7c:34:07:41:
a1:d4:16:ca:b9:b3:8b:1e:83:3f:b3:90:ed:8d:fb:28:cb:49:
f3:49:74:65:87:9b:f7:af:c3:a8:15:66:b8:0c:7a:0c:f6:cc:
99:d7:07:13:bb:74:9a:e6:8c:2f:c4:61:e2:51:d4:41:7a:6b:
84:9a:a4:ac:1b:21:9f:d3:65:ba:05:c1:9e:b8:17:28:da:37:
1d:2d:e8:a5
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICPfEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTEw
NDIyNDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk5OTUzNkExQzhGNkRD
MTg5RkRFRTY3QjgwMjYxMjRGQ0ZBQjU1NzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCoaxBXjiwE2ifbZqkEMHVAuoGaxiB3mOLhlcFwjJvYguG7s2kJ
zsjJ/YhiYNfl00O21k7v1RsCitX+NvKmcZjAJ1bTcTL5Q5u2GQPMdlq5fQwnOcvV
r193M0H//KOzJ3QazPa6cFrHXBbGSS+arUO0rK4L1XMjiOrTcgSr944S1Uy3icXG
6TAI8r5s0FEhtOQU1Dzm05iKhXariF+HMOxC698szhkPJJSyCJFxo2ZaQOLpo5oc
O3f4uMQzjjkYrJ4bVeb8QMHPG08NtkBCvQPKlpe7f3jwZZhHakeLIE9Fdqqbzcff
jY8gddjw2NMzVNKkZbwC3bS83mwjk/Ym1b0BAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUmZU2ocj23Bif3uZ7gCYST8+rVXkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L21aVTJvY2oyM0JpZjN1
WjdnQ1lTVDgtclZYay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBADzHuECeVf+W/WhF
BEGMe8uYC7mjj4x2vzBMH2Pa6O9+rO5B00Ozyb8/D/Cqjo+rlnMCJBGyFs2qwHJf
1ZEp9Nt6OKXQu2+Dy+IupbR0SywA6SiUQkCQyjFwZj6h/oOMsZN2d+y60NsCrbhb
A+Bt8qvyxFjQLEZdMH8wyrdfHovqgO1tqlSCCZgksE1lutRMwQ1ZX+Zbv01SSjYU
sf3T3e6EW2LgQEoBQY0quAKizONNfDQHQaHUFsq5s4segz+zkO2N+yjLSfNJdGWH
m/evw6gVZrgMegz2zJnXBxO7dJrmjC/EYeJR1EF6a4SapKwbIZ/TZboFwZ64Fyja
Nx0t6KU=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:21:57 2025 by rpki-client