Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/rOHcqLlp8-gywXdnFCktXzGyVW0.roa
File: rOHcqLlp8-gywXdnFCktXzGyVW0.roa (raw, json)
Hash identifier: W4pxIJJ/TzX2yTdbjKjZGkfzZq3HMNjq4KbXWMlR+bs=
Subject key identifier: AC:E1:DC:A8:B9:69:F3:E8:32:C1:77:67:14:29:2D:5F:31:B2:55:6D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5219
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/rOHcqLlp8-gywXdnFCktXzGyVW0.roa
Signing time: Wed 08 May 2024 01:31:52 +0000
ROA not before: Wed 08 May 2024 01:31:52 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21017 (0x5219)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 8 01:31:52 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=ACE1DCA8B969F3E832C1776714292D5F31B2556D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:78:dd:7a:de:f5:34:b6:4e:bd:e4:97:09:4d:
0c:5d:67:77:fd:be:34:af:93:39:e8:15:55:98:7c:
03:e8:23:d4:9f:75:da:e3:ac:c5:d3:f9:e2:41:10:
45:8d:a6:b3:31:6c:45:8a:ae:9c:9f:49:58:30:b9:
43:a8:d8:65:64:b3:17:c2:7b:3b:a9:0d:5c:5e:c6:
96:cc:14:2e:9b:05:e0:42:4b:cf:1d:24:75:c7:bf:
0c:aa:db:6a:73:4e:22:49:f0:8a:ec:d7:16:89:09:
3c:7b:21:02:53:8d:6a:4e:07:9e:9a:f9:db:9e:c8:
94:5b:e9:06:7b:48:1d:96:d3:c2:30:12:df:ad:72:
ae:b0:9f:8b:5f:de:e5:39:4f:22:61:45:7a:0e:95:
ed:f9:a2:f4:ca:5a:61:d4:3f:9c:ef:22:37:19:d5:
34:ae:e7:e4:8f:a4:f5:46:ee:ab:0c:1b:2b:8f:c5:
13:2b:02:43:87:12:54:be:40:16:e0:7b:3e:6f:40:
74:46:93:d0:a1:48:3b:6d:2c:7b:dd:e1:15:5d:bf:
c5:54:9b:d8:11:9c:4b:ca:19:f1:0b:1a:9f:36:26:
eb:86:66:ff:34:ed:9c:6e:ea:a6:74:41:84:db:bd:
b1:71:d0:79:b1:c4:75:0a:3f:f8:49:f4:c9:69:3f:
f7:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:E1:DC:A8:B9:69:F3:E8:32:C1:77:67:14:29:2D:5F:31:B2:55:6D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/rOHcqLlp8-gywXdnFCktXzGyVW0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
b2:3d:d5:31:5d:e1:0d:ec:10:f0:64:d0:66:4d:d9:1b:9b:71:
f3:14:f2:f9:4c:f5:4b:25:e0:8f:d1:1c:ab:74:40:25:ca:7f:
e1:ab:4e:f6:96:25:fa:1a:e4:0c:5b:5b:bc:88:4e:fd:c7:53:
04:ec:e8:0c:0d:33:ec:f1:84:c0:6a:43:ab:97:b1:be:00:5e:
ca:e3:82:4f:3e:08:a3:37:96:fc:cf:64:b7:1b:56:c8:84:65:
c6:14:dd:9a:86:ed:b7:b6:7e:90:a1:71:32:fc:53:f5:7c:b9:
d3:38:47:09:0f:ac:8d:49:e7:d1:cb:c0:f6:b9:8b:2c:4c:07:
f1:15:bb:fe:99:f4:b5:ea:88:3a:02:81:20:45:2d:2e:85:83:
4c:a4:d2:49:05:4a:c0:9e:09:d1:82:95:04:e8:b5:3e:04:24:
f7:07:83:05:47:72:f5:78:7a:13:44:90:8e:4c:40:a1:49:21:
77:a7:c9:f0:79:03:95:fe:a2:4c:6d:ae:bb:9f:ca:f4:8f:73:
8f:eb:81:07:5c:0b:d1:cc:9b:b3:9e:d0:b2:1b:16:93:6c:16:
9a:a8:71:c2:2e:19:c4:42:e7:ca:fb:2d:22:2b:1b:29:32:6b:
bc:3e:70:43:9b:81:83:9d:01:08:32:1c:fe:7a:65:89:df:c4:
cc:6f:c8:9c
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICUhkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDgw
MTMxNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFDRTFEQ0E4Qjk2OUYz
RTgzMkMxNzc2NzE0MjkyRDVGMzFCMjU1NkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOeN163vU0tk695JcJTQxdZ3f9vjSvkznoFVWYfAPoI9Sfddrj
rMXT+eJBEEWNprMxbEWKrpyfSVgwuUOo2GVksxfCezupDVxexpbMFC6bBeBCS88d
JHXHvwyq22pzTiJJ8Irs1xaJCTx7IQJTjWpOB56a+dueyJRb6QZ7SB2W08IwEt+t
cq6wn4tf3uU5TyJhRXoOle35ovTKWmHUP5zvIjcZ1TSu5+SPpPVG7qsMGyuPxRMr
AkOHElS+QBbgez5vQHRGk9ChSDttLHvd4RVdv8VUm9gRnEvKGfELGp82JuuGZv80
7Zxu6qZ0QYTbvbFx0HmxxHUKP/hJ9MlpP/etAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUrOHcqLlp8+gywXdnFCktXzGyVW0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3JPSGNxTGxwOC1neXdY
ZG5GQ2t0WHpHeVZXMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBALI91TFd4Q3sEPBk
0GZN2RubcfMU8vlM9Usl4I/RHKt0QCXKf+GrTvaWJfoa5AxbW7yITv3HUwTs6AwN
M+zxhMBqQ6uXsb4AXsrjgk8+CKM3lvzPZLcbVsiEZcYU3ZqG7be2fpChcTL8U/V8
udM4RwkPrI1J59HLwPa5iyxMB/EVu/6Z9LXqiDoCgSBFLS6Fg0yk0kkFSsCeCdGC
lQTotT4EJPcHgwVHcvV4ehNEkI5MQKFJIXenyfB5A5X+okxtrrufyvSPc4/rgQdc
C9HMm7Oe0LIbFpNsFpqoccIuGcRC58r7LSIrGykya7w+cEObgYOdAQgyHP56ZYnf
xMxvyJw=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:43:31 2025 by rpki-client