Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/sxItbgPXuXveKXQF6t9U-RDf5Rc.roa
File: sxItbgPXuXveKXQF6t9U-RDf5Rc.roa (raw, json)
Hash identifier: kQzIwtYo7V0YO//PpQS+sdVNzHFvkR4cq16hy2yAseY=
Subject key identifier: B3:12:2D:6E:03:D7:B9:7B:DE:29:74:05:EA:DF:54:F9:10:DF:E5:17
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 40A1
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/sxItbgPXuXveKXQF6t9U-RDf5Rc.roa
Signing time: Sun 14 Apr 2024 18:22:55 +0000
ROA not before: Sun 14 Apr 2024 18:22:55 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16545 (0x40a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 14 18:22:55 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B3122D6E03D7B97BDE297405EADF54F910DFE517
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c6:2b:9b:a4:8a:c8:2e:21:be:87:97:24:cb:
31:ef:49:e1:a4:79:40:16:85:94:14:c5:96:23:04:
eb:b2:89:b8:81:a4:2d:e3:c0:0a:15:fd:35:2d:56:
42:15:dd:c4:ef:fc:69:ab:39:5a:6c:96:02:29:fe:
ae:9a:96:19:00:07:43:b8:e7:20:04:8d:09:21:a9:
10:3e:a7:e8:21:7a:9f:db:3c:48:ff:99:6a:df:5b:
84:40:53:57:d6:0c:b3:78:bc:6f:4c:29:3d:6f:36:
3c:80:d4:0c:87:b4:19:9a:9b:e8:e3:8a:cc:c5:70:
db:f7:8c:fd:ed:0f:86:c3:01:9a:3d:40:6b:50:0e:
4d:82:55:95:7f:db:18:9c:1e:a2:b5:2a:3d:85:28:
22:9d:97:e2:37:f4:6b:78:bc:35:b5:3f:88:9d:c0:
db:f2:02:1b:8e:ec:c5:9b:86:6d:6d:30:b1:e6:7e:
47:3b:16:77:33:15:3f:ab:b5:6f:cf:de:12:55:40:
42:05:e3:03:55:5a:99:a2:e4:81:96:e4:58:ee:ad:
03:84:d2:a7:be:9d:9b:b8:80:2c:3a:9f:81:8c:cd:
68:5b:fa:09:d7:60:89:6a:d9:66:25:fc:91:cb:dd:
77:17:31:29:0f:18:61:38:54:68:ae:f7:d1:8b:2a:
f0:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:12:2D:6E:03:D7:B9:7B:DE:29:74:05:EA:DF:54:F9:10:DF:E5:17
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/sxItbgPXuXveKXQF6t9U-RDf5Rc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
3e:0a:a1:89:1e:9f:a0:a6:fd:d6:10:2c:f6:4a:b3:27:db:2c:
79:ea:0b:a7:12:2a:65:c4:41:2f:8b:19:62:70:d0:79:6a:74:
f9:b8:e9:00:61:8c:de:97:b9:bf:36:89:73:9b:7f:4b:00:67:
6f:5d:92:b3:b9:f2:af:36:37:36:ad:38:1b:d3:a2:1a:ed:79:
53:19:c9:da:a9:d5:39:5d:3b:a4:35:0f:4c:a0:06:55:46:68:
dc:45:d2:05:ea:ab:21:e5:1c:45:21:69:62:2b:19:13:ad:6f:
d4:0e:3a:af:44:c5:53:3d:8b:42:c7:d3:5c:7d:b2:9b:cb:b8:
a5:05:98:a7:21:38:11:35:ad:ff:ce:cf:d9:ca:c2:b5:ff:ca:
c4:5d:fb:86:cd:2d:46:0d:38:a3:ba:a7:45:3a:b7:0c:2c:12:
d8:b2:16:49:87:e3:ea:9c:26:a0:42:ed:ca:e3:49:a9:f0:cf:
59:8a:14:31:00:ab:5f:e0:66:27:ed:79:58:a4:43:45:42:10:
31:32:87:a8:40:86:e6:49:c5:80:4f:12:a3:bd:2d:e8:c8:37:
6a:76:ae:62:63:59:e2:ae:ba:92:04:28:77:77:1a:8a:d0:fb:
95:3e:10:4c:81:72:95:48:00:a8:b6:18:d5:01:45:53:9c:5e:
b5:40:1d:64
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQKEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTQx
ODIyNTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEIzMTIyRDZFMDNEN0I5
N0JERTI5NzQwNUVBREY1NEY5MTBERkU1MTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBxiubpIrILiG+h5ckyzHvSeGkeUAWhZQUxZYjBOuyibiBpC3j
wAoV/TUtVkIV3cTv/GmrOVpslgIp/q6alhkAB0O45yAEjQkhqRA+p+ghep/bPEj/
mWrfW4RAU1fWDLN4vG9MKT1vNjyA1AyHtBmam+jjiszFcNv3jP3tD4bDAZo9QGtQ
Dk2CVZV/2xicHqK1Kj2FKCKdl+I39Gt4vDW1P4idwNvyAhuO7MWbhm1tMLHmfkc7
FnczFT+rtW/P3hJVQEIF4wNVWpmi5IGW5FjurQOE0qe+nZu4gCw6n4GMzWhb+gnX
YIlq2WYl/JHL3XcXMSkPGGE4VGiu99GLKvD9AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUsxItbgPXuXveKXQF6t9U+RDf5RcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3N4SXRiZ1BYdVh2ZUtY
UUY2dDlVLVJEZjVSYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAD4KoYken6Cm/dYQ
LPZKsyfbLHnqC6cSKmXEQS+LGWJw0HlqdPm46QBhjN6Xub82iXObf0sAZ29dkrO5
8q82NzatOBvTohrteVMZydqp1TldO6Q1D0ygBlVGaNxF0gXqqyHlHEUhaWIrGROt
b9QOOq9ExVM9i0LH01x9spvLuKUFmKchOBE1rf/Oz9nKwrX/ysRd+4bNLUYNOKO6
p0U6twwsEtiyFkmH4+qcJqBC7crjSanwz1mKFDEAq1/gZifteVikQ0VCEDEyh6hA
huZJxYBPEqO9LejIN2p2rmJjWeKuupIEKHd3GorQ+5U+EEyBcpVIAKi2GNUBRVOc
XrVAHWQ=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:33:59 2025 by rpki-client