Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/tuTffNWJSWhDTzgMFXU6pGfIWws.roa
File: tuTffNWJSWhDTzgMFXU6pGfIWws.roa (raw, json)
Hash identifier: 1O198LkC3sKIt+HvM7Wa1ltFisIP0o+eexpfl+45vYY=
Subject key identifier: B6:E4:DF:7C:D5:89:49:68:43:4F:38:0C:15:75:3A:A4:67:C8:5B:0B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 53A9
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/tuTffNWJSWhDTzgMFXU6pGfIWws.roa
Signing time: Fri 10 May 2024 03:23:59 +0000
ROA not before: Fri 10 May 2024 03:23:59 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21417 (0x53a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 10 03:23:59 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B6E4DF7CD5894968434F380C15753AA467C85B0B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:53:d1:3e:4f:23:6f:b8:ec:19:9a:c6:e1:9c:
ac:24:1d:d0:cf:8d:1c:d7:f7:13:64:9b:a2:3f:90:
fd:d5:7e:91:dd:ae:81:b5:f2:d0:b3:8c:79:0b:ca:
36:61:fe:ed:d4:86:af:96:67:6c:ce:51:90:71:84:
74:59:95:c4:65:ab:d6:40:83:6c:9a:62:27:03:20:
ce:67:99:84:25:b9:af:08:3c:f3:ed:f5:ed:ea:ea:
01:32:ea:8c:48:e3:57:02:ad:ab:cd:cf:1a:20:bc:
af:c4:e5:28:4c:63:bd:09:b0:69:b7:96:b8:b2:23:
06:07:68:99:49:ff:ab:a8:0f:53:e5:29:d0:db:72:
7b:fd:fc:40:16:29:2a:d0:62:ba:e1:9f:86:f4:02:
89:25:48:f8:81:fd:d0:83:90:4c:db:63:00:40:0c:
0f:eb:8b:36:40:82:24:76:0e:f0:46:dc:ed:79:41:
d6:df:88:32:ae:89:86:83:70:b4:e8:ab:4a:25:9b:
9c:56:7f:29:54:af:cf:30:a3:90:d5:31:e4:43:2b:
b0:4c:e1:f2:36:48:cd:62:59:90:aa:d6:44:c7:6b:
85:56:7b:37:7d:85:45:ed:d5:85:0f:4e:5d:d9:82:
96:7e:36:e8:0e:e3:37:18:49:95:68:94:ee:83:88:
de:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:E4:DF:7C:D5:89:49:68:43:4F:38:0C:15:75:3A:A4:67:C8:5B:0B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/tuTffNWJSWhDTzgMFXU6pGfIWws.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
36:98:83:41:52:55:f4:29:93:7e:35:64:18:a4:a9:92:94:52:
cd:f8:ec:20:1f:aa:77:5a:be:80:a9:0c:b8:f5:69:bd:07:63:
3e:44:d2:57:8b:6f:9b:9a:c3:a2:92:4b:cb:79:d1:77:92:49:
da:90:6b:f8:d6:df:83:91:d9:8c:1d:d7:7a:61:c0:08:be:40:
0b:84:a5:ba:8d:5c:24:1c:f1:79:d5:7b:15:cb:5c:b0:b5:b7:
00:80:55:b8:6a:41:7a:da:84:0b:95:0e:db:d8:4c:a7:6d:76:
8f:21:6f:62:e9:3e:c5:11:de:4e:f9:4e:72:25:cd:1a:3e:1e:
dc:5c:45:f4:f3:aa:d6:6f:30:07:0b:cf:4d:95:77:b4:00:f2:
90:7f:4d:d2:76:b2:e4:82:74:cd:0a:37:37:5e:2d:72:92:5d:
03:03:5a:78:8b:32:5a:fe:b4:43:ed:d0:2b:e1:81:60:9f:bc:
0b:ee:25:f6:93:9a:31:41:88:80:2f:94:17:b1:c5:0a:b3:99:
dd:b8:a9:4c:68:b6:93:24:84:99:06:be:4f:6d:86:84:47:cc:
cf:f9:1f:d1:67:a6:cb:ff:10:0c:7c:b2:7d:14:b2:9f:11:92:
2e:f1:cc:0a:69:92:bb:63:ee:69:74:a9:d0:9b:15:5d:df:66:
54:22:c3:2f
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICU6kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTAw
MzIzNTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI2RTRERjdDRDU4OTQ5
Njg0MzRGMzgwQzE1NzUzQUE0NjdDODVCMEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCkU9E+TyNvuOwZmsbhnKwkHdDPjRzX9xNkm6I/kP3VfpHdroG1
8tCzjHkLyjZh/u3Uhq+WZ2zOUZBxhHRZlcRlq9ZAg2yaYicDIM5nmYQlua8IPPPt
9e3q6gEy6oxI41cCravNzxogvK/E5ShMY70JsGm3lriyIwYHaJlJ/6uoD1PlKdDb
cnv9/EAWKSrQYrrhn4b0AoklSPiB/dCDkEzbYwBADA/rizZAgiR2DvBG3O15Qdbf
iDKuiYaDcLToq0olm5xWfylUr88wo5DVMeRDK7BM4fI2SM1iWZCq1kTHa4VWezd9
hUXt1YUPTl3ZgpZ+NugO4zcYSZVolO6DiN5TAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUtuTffNWJSWhDTzgMFXU6pGfIWwswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3R1VGZmTldKU1doRFR6
Z01GWFU2cEdmSVd3cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBADaYg0FSVfQpk341
ZBikqZKUUs347CAfqndavoCpDLj1ab0HYz5E0leLb5uaw6KSS8t50XeSSdqQa/jW
34OR2Ywd13phwAi+QAuEpbqNXCQc8XnVexXLXLC1twCAVbhqQXrahAuVDtvYTKdt
do8hb2LpPsUR3k75TnIlzRo+HtxcRfTzqtZvMAcLz02Vd7QA8pB/TdJ2suSCdM0K
NzdeLXKSXQMDWniLMlr+tEPt0CvhgWCfvAvuJfaTmjFBiIAvlBexxQqzmd24qUxo
tpMkhJkGvk9thoRHzM/5H9Fnpsv/EAx8sn0Usp8Rki7xzAppkrtj7ml0qdCbFV3f
ZlQiwy8=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:40:00 2025 by rpki-client