Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/xCAyRv453Xx1cjg6lK9llFWrYq8.roa
File: xCAyRv453Xx1cjg6lK9llFWrYq8.roa (raw, json)
Hash identifier: wdRhUTVy5uB6B4Wpvz9g2CRh46SIVZeHw5diq2rNHIk=
Subject key identifier: C4:20:32:46:FE:39:DD:7C:75:72:38:3A:94:AF:65:94:55:AB:62:AF
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 37DD
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xCAyRv453Xx1cjg6lK9llFWrYq8.roa
Signing time: Wed 03 Apr 2024 01:52:20 +0000
ROA not before: Wed 03 Apr 2024 01:52:20 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14301 (0x37dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 3 01:52:20 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C4203246FE39DD7C7572383A94AF659455AB62AF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:38:8e:86:b3:5b:bb:02:a7:98:ee:90:be:62:
78:06:ff:49:8d:f2:f6:4a:94:60:ce:ba:09:b6:49:
7b:bf:c5:d8:21:04:29:27:d2:e3:93:df:89:89:a7:
61:cb:29:3a:4f:49:e4:66:48:d4:f0:88:db:83:51:
56:15:3c:cb:89:e7:89:2c:25:90:96:fe:7d:ab:b8:
e6:67:f7:3a:25:4d:6b:a6:c4:c0:7b:29:17:58:21:
4f:ad:b1:1c:9a:cf:6e:c2:0b:94:1f:24:2d:17:63:
fe:96:00:c4:42:3b:ad:48:15:db:84:a7:11:ae:20:
a1:4b:c4:43:8e:03:93:e9:c6:97:15:05:ad:bd:b9:
0c:12:bb:90:6c:f8:b8:ff:1d:45:8c:4e:5f:19:f2:
45:8f:e2:35:27:fb:8d:e1:1d:45:41:cf:e1:89:43:
43:5d:69:1e:9f:bd:e6:3c:41:f8:f5:60:60:e7:c9:
89:45:de:91:3a:c4:95:61:d0:fb:f7:ce:04:0d:8c:
32:2e:09:a1:1c:08:53:39:16:35:8e:d8:07:d2:ac:
eb:08:6a:54:ec:a4:fb:28:74:71:9b:61:b9:44:0c:
29:56:60:b2:e5:7e:30:5b:6d:6d:5c:b1:fd:e0:01:
e3:4d:34:50:6d:db:8b:0c:b1:2c:c2:38:df:29:04:
34:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:20:32:46:FE:39:DD:7C:75:72:38:3A:94:AF:65:94:55:AB:62:AF
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xCAyRv453Xx1cjg6lK9llFWrYq8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
a3:0d:68:1f:43:22:67:e3:87:8a:fc:2b:60:c3:44:3d:17:77:
65:ec:64:3b:2e:01:65:4b:36:32:fc:98:dd:5b:9d:c6:5e:31:
3c:b6:67:91:91:2e:c4:92:0d:af:00:d0:6c:77:f6:c3:cd:b5:
94:6d:08:75:a3:df:e5:0b:01:56:0b:50:cb:0a:44:21:94:18:
1e:e1:b8:c5:10:01:aa:f4:9f:10:2b:7e:1e:55:72:02:21:b1:
57:e5:8a:93:74:2e:10:a5:a2:06:9a:3e:3c:17:7b:c8:44:3d:
62:20:db:31:ed:b8:64:c6:4f:f5:79:04:95:79:5b:93:87:18:
d3:c4:7e:de:fc:83:35:9b:95:29:9c:e4:a6:24:d0:dd:6a:91:
bd:b2:9f:d1:14:e9:a0:aa:66:5e:69:e5:d6:d2:50:13:af:64:
a7:c3:61:9e:bd:96:f3:6e:40:15:56:02:af:75:2e:f7:8d:7a:
f3:d3:5f:5b:47:8c:3e:89:00:2f:2b:18:f1:36:36:72:5e:49:
24:cb:e2:a7:88:78:6c:5d:ff:ec:5e:e3:05:4d:f5:8c:08:b2:
48:83:17:57:09:6e:e8:0f:63:25:ff:4b:4b:6c:e9:32:b0:53:
95:a3:50:d6:19:a0:c6:7b:2f:0e:a9:73:58:74:af:92:ad:c3:
61:32:66:08
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICN90wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDMw
MTUyMjBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM0MjAzMjQ2RkUzOURE
N0M3NTcyMzgzQTk0QUY2NTk0NTVBQjYyQUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDqOI6Gs1u7AqeY7pC+YngG/0mN8vZKlGDOugm2SXu/xdghBCkn
0uOT34mJp2HLKTpPSeRmSNTwiNuDUVYVPMuJ54ksJZCW/n2ruOZn9zolTWumxMB7
KRdYIU+tsRyaz27CC5QfJC0XY/6WAMRCO61IFduEpxGuIKFLxEOOA5PpxpcVBa29
uQwSu5Bs+Lj/HUWMTl8Z8kWP4jUn+43hHUVBz+GJQ0NdaR6fveY8Qfj1YGDnyYlF
3pE6xJVh0Pv3zgQNjDIuCaEcCFM5FjWO2AfSrOsIalTspPsodHGbYblEDClWYLLl
fjBbbW1csf3gAeNNNFBt24sMsSzCON8pBDTZAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUxCAyRv453Xx1cjg6lK9llFWrYq8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3hDQXlSdjQ1M1h4MWNq
ZzZsSzlsbEZXcllxOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAKMNaB9DImfjh4r8
K2DDRD0Xd2XsZDsuAWVLNjL8mN1bncZeMTy2Z5GRLsSSDa8A0Gx39sPNtZRtCHWj
3+ULAVYLUMsKRCGUGB7huMUQAar0nxArfh5VcgIhsVflipN0LhClogaaPjwXe8hE
PWIg2zHtuGTGT/V5BJV5W5OHGNPEft78gzWblSmc5KYk0N1qkb2yn9EU6aCqZl5p
5dbSUBOvZKfDYZ69lvNuQBVWAq91LveNevPTX1tHjD6JAC8rGPE2NnJeSSTL4qeI
eGxd/+xe4wVN9YwIskiDF1cJbugPYyX/S0ts6TKwU5WjUNYZoMZ7Lw6pc1h0r5Kt
w2EyZgg=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:49:00 2025 by rpki-client