Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/oOxdOPbYdaIWJbS4U2_d5ZntGO0.roa
File: oOxdOPbYdaIWJbS4U2_d5ZntGO0.roa (raw, json)
Hash identifier: gd7vnP3htd/+NoyKCnvNyfa6dj9OMKAwx6SssplbZ28=
Subject key identifier: A0:EC:5D:38:F6:D8:75:A2:16:25:B4:B8:53:6F:DD:E5:99:ED:18:ED
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 53C9
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/oOxdOPbYdaIWJbS4U2_d5ZntGO0.roa
Signing time: Fri 10 May 2024 07:24:02 +0000
ROA not before: Fri 10 May 2024 07:24:02 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21449 (0x53c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 10 07:24:02 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A0EC5D38F6D875A21625B4B8536FDDE599ED18ED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:90:33:b7:82:4f:f1:06:1d:93:04:5e:8d:d1:
18:ea:7e:2d:bb:42:2c:84:d1:72:23:49:41:ec:d7:
51:98:d7:8f:ba:1e:d1:65:a7:2f:81:00:13:01:c5:
8b:b4:bc:cf:41:f8:71:6a:37:ad:96:97:f1:08:92:
be:81:ff:21:79:b8:7b:cf:e5:52:02:a7:ad:3c:72:
71:8a:6d:27:ba:e6:a2:ae:83:d4:20:28:09:70:54:
ad:cc:07:c3:5a:87:3c:b5:00:8c:cb:8e:88:44:f7:
e3:17:49:37:cf:b6:e4:c9:a7:f9:8d:93:a9:e1:1b:
12:f0:f2:bd:5a:c0:9c:c0:42:6f:0f:1c:83:60:55:
f1:66:ce:bf:92:cb:34:9d:98:51:6d:00:73:8b:26:
af:d2:a5:29:26:7d:69:08:ae:54:30:76:8d:58:5a:
c9:8e:01:90:02:f2:8d:b1:67:ee:39:cf:26:43:90:
f7:9c:7d:c8:9a:8b:9f:89:95:79:be:3e:0e:11:ed:
f1:de:9e:4f:d8:4e:52:8b:47:8a:fb:d9:76:44:a2:
78:bb:32:ad:72:4a:2e:d3:23:18:17:1c:4e:31:09:
19:3f:68:68:f0:f5:6b:02:f0:36:64:66:a6:94:64:
d8:42:b8:a9:db:dd:ab:00:89:51:09:76:ff:c2:44:
c0:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:EC:5D:38:F6:D8:75:A2:16:25:B4:B8:53:6F:DD:E5:99:ED:18:ED
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/oOxdOPbYdaIWJbS4U2_d5ZntGO0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
7d:dd:70:bc:f4:91:85:fa:0c:5a:d1:88:5c:f4:3a:4f:59:38:
29:ed:5b:14:f3:e1:4d:e1:ab:fb:a7:74:d9:43:13:82:80:53:
40:4c:e5:bc:bd:42:a9:f8:a2:1e:19:1e:05:c0:3e:1d:0f:67:
e4:f0:71:9d:77:f4:9f:76:39:d0:49:b8:b3:8b:ab:4e:6d:86:
c6:58:d0:91:62:aa:f9:d0:c1:3a:f9:3c:05:53:67:39:9b:1d:
23:54:7d:7c:d4:41:e6:e5:04:66:37:83:84:49:b1:5e:44:14:
d0:33:c3:ae:f3:97:2c:5d:0c:81:64:f7:c0:87:e9:42:6e:de:
08:f5:3e:70:fc:44:24:48:9f:ae:8c:46:71:fe:f3:d9:33:da:
d4:a3:d4:e6:e9:9c:4b:70:e9:72:b0:8a:6d:78:60:7d:ac:02:
2a:60:ca:57:78:fc:89:5f:16:13:e6:5b:a7:7c:8b:ef:7d:57:
68:18:65:bc:00:be:c8:0d:96:1e:69:18:14:81:19:bc:e9:c4:
c7:92:8c:dd:fb:5a:d9:d6:3a:dd:09:87:f9:4e:95:b9:ad:e1:
97:79:c8:a8:ff:95:18:b1:a3:21:c8:bb:94:fd:5d:ac:f0:60:
f3:cb:fd:ee:ec:03:b4:80:c5:55:fd:d6:37:07:af:3c:70:f1:
f4:21:b7:c9
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICU8kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTAw
NzI0MDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEEwRUM1RDM4RjZEODc1
QTIxNjI1QjRCODUzNkZEREU1OTlFRDE4RUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpkDO3gk/xBh2TBF6N0Rjqfi27QiyE0XIjSUHs11GY14+6HtFl
py+BABMBxYu0vM9B+HFqN62Wl/EIkr6B/yF5uHvP5VICp608cnGKbSe65qKug9Qg
KAlwVK3MB8Nahzy1AIzLjohE9+MXSTfPtuTJp/mNk6nhGxLw8r1awJzAQm8PHINg
VfFmzr+SyzSdmFFtAHOLJq/SpSkmfWkIrlQwdo1YWsmOAZAC8o2xZ+45zyZDkPec
fciai5+JlXm+Pg4R7fHenk/YTlKLR4r72XZEoni7Mq1ySi7TIxgXHE4xCRk/aGjw
9WsC8DZkZqaUZNhCuKnb3asAiVEJdv/CRMBRAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUoOxdOPbYdaIWJbS4U2/d5ZntGO0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L29PeGRPUGJZZGFJV0pi
UzRVMl9kNVpudEdPMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAH3dcLz0kYX6DFrR
iFz0Ok9ZOCntWxTz4U3hq/undNlDE4KAU0BM5by9Qqn4oh4ZHgXAPh0PZ+TwcZ13
9J92OdBJuLOLq05thsZY0JFiqvnQwTr5PAVTZzmbHSNUfXzUQeblBGY3g4RJsV5E
FNAzw67zlyxdDIFk98CH6UJu3gj1PnD8RCRIn66MRnH+89kz2tSj1ObpnEtw6XKw
im14YH2sAipgyld4/IlfFhPmW6d8i+99V2gYZbwAvsgNlh5pGBSBGbzpxMeSjN37
WtnWOt0Jh/lOlbmt4Zd5yKj/lRixoyHIu5T9XazwYPPL/e7sA7SAxVX91jcHrzxw
8fQht8k=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:42:27 2025 by rpki-client