Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/mjlTzxYSWMs0mody41kyl5_T2x0.roa
File: mjlTzxYSWMs0mody41kyl5_T2x0.roa (raw, json)
Hash identifier: hhIz1huZrd7snR6IMNZ+cHt1Q0/V1E//865kCFJ6JQ4=
Subject key identifier: 9A:39:53:CF:16:12:58:CB:34:9A:87:72:E3:59:32:97:9F:D3:DB:1D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3C71
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/mjlTzxYSWMs0mody41kyl5_T2x0.roa
Signing time: Tue 09 Apr 2024 04:22:34 +0000
ROA not before: Tue 09 Apr 2024 04:22:34 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15473 (0x3c71)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 9 04:22:34 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9A3953CF161258CB349A8772E35932979FD3DB1D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:65:37:ab:fd:78:f2:62:a9:33:1f:ca:cc:35:
33:d6:ef:84:b4:97:54:18:f9:f0:0f:42:3a:0b:27:
4d:da:2f:8c:2f:aa:bc:e8:21:78:4c:32:56:27:55:
e8:ed:4a:d1:a6:6f:a4:01:d7:e1:07:ac:fe:a5:cc:
f9:ea:b4:92:bb:8f:0d:81:cd:cb:28:9a:39:ef:d8:
fe:29:bb:13:c5:17:1e:38:e0:cc:af:32:2c:75:72:
1e:4d:b1:70:78:56:04:d1:df:a7:6b:8f:2f:cf:6b:
99:5b:47:27:9b:38:67:ab:81:3c:b4:ac:f9:12:bc:
dd:d0:d9:9d:90:ba:92:5c:93:a2:34:0d:71:01:b9:
ff:93:ff:77:88:56:be:a2:8b:e6:23:2f:da:0e:58:
65:1d:61:1e:dd:6d:e3:ae:d0:db:00:74:63:2c:75:
33:86:7b:a9:3c:a0:c1:a6:5d:f3:66:08:12:df:84:
eb:69:db:9a:29:b1:a2:04:e7:e3:f2:65:a1:1e:89:
a4:4b:fc:4c:6f:97:cb:a9:77:1f:52:6e:87:94:ae:
ab:7a:97:da:0e:e6:c6:05:1c:6e:55:eb:68:9e:00:
a0:ea:0b:1f:57:76:a9:b9:c7:e0:2b:8a:ec:5d:f3:
ad:17:83:62:a6:12:24:8d:ff:f1:86:ad:57:6b:f6:
48:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:39:53:CF:16:12:58:CB:34:9A:87:72:E3:59:32:97:9F:D3:DB:1D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/mjlTzxYSWMs0mody41kyl5_T2x0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
02:39:f8:37:f9:0f:4c:98:1c:09:2b:67:e1:9f:7d:d9:11:3a:
8c:42:3a:5a:09:be:87:c2:2f:b8:96:1e:79:5a:bd:e1:dd:70:
23:23:a2:5f:ab:a2:87:90:6e:2a:62:20:15:27:de:47:b8:ca:
01:14:31:be:7a:4a:7f:52:85:b8:e9:b9:eb:a3:1b:9a:fc:c3:
d8:38:14:92:26:23:3e:2f:d0:ed:d1:2f:82:86:9e:3f:12:87:
c1:5f:b8:74:9f:b0:17:29:b6:1e:93:2e:75:93:6e:56:88:ed:
40:18:51:75:c1:b4:df:4a:52:6f:5a:65:44:42:85:9d:f9:f6:
ca:52:60:52:0e:70:73:5d:8d:27:46:59:5f:d8:2f:ad:e6:7d:
87:69:20:05:7b:08:9e:25:b7:47:ba:4e:ff:06:b2:e7:95:8b:
5a:87:ef:19:ed:b5:e1:06:ff:e2:58:d4:ec:64:82:07:d9:59:
a0:cf:77:54:d5:44:85:da:bc:ce:a3:fb:c0:93:5c:e3:94:22:
90:5b:62:d1:9a:76:bb:b3:cd:0f:22:92:5c:bd:37:f8:33:83:
d1:1a:e1:2b:01:4c:9e:53:1f:12:af:3e:c1:f7:c0:3d:45:b2:
0b:16:e7:9b:c5:87:44:1f:92:47:06:c3:9a:9d:ca:53:e3:72:
a4:99:09:5f
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICPHEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDkw
NDIyMzRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlBMzk1M0NGMTYxMjU4
Q0IzNDlBODc3MkUzNTkzMjk3OUZEM0RCMUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLZTer/XjyYqkzH8rMNTPW74S0l1QY+fAPQjoLJ03aL4wvqrzo
IXhMMlYnVejtStGmb6QB1+EHrP6lzPnqtJK7jw2Bzcsomjnv2P4puxPFFx444Myv
Mix1ch5NsXB4VgTR36drjy/Pa5lbRyebOGergTy0rPkSvN3Q2Z2QupJck6I0DXEB
uf+T/3eIVr6ii+YjL9oOWGUdYR7dbeOu0NsAdGMsdTOGe6k8oMGmXfNmCBLfhOtp
25opsaIE5+PyZaEeiaRL/Exvl8updx9SboeUrqt6l9oO5sYFHG5V62ieAKDqCx9X
dqm5x+Ariuxd860Xg2KmEiSN//GGrVdr9kh9AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUmjlTzxYSWMs0mody41kyl5/T2x0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L21qbFR6eFlTV01zMG1v
ZHk0MWt5bDVfVDJ4MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAAI5+Df5D0yYHAkr
Z+GffdkROoxCOloJvofCL7iWHnlaveHdcCMjol+rooeQbipiIBUn3ke4ygEUMb56
Sn9ShbjpueujG5r8w9g4FJImIz4v0O3RL4KGnj8Sh8FfuHSfsBcpth6TLnWTblaI
7UAYUXXBtN9KUm9aZURChZ359spSYFIOcHNdjSdGWV/YL63mfYdpIAV7CJ4lt0e6
Tv8GsueVi1qH7xntteEG/+JY1OxkggfZWaDPd1TVRIXavM6j+8CTXOOUIpBbYtGa
druzzQ8ikly9N/gzg9Ea4SsBTJ5THxKvPsH3wD1FsgsW55vFh0QfkkcGw5qdylPj
cqSZCV8=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:43:27 2025 by rpki-client