Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/-lDTAXD_VvjmqfwvCzYH9vD70Ac.roa
File: -lDTAXD_VvjmqfwvCzYH9vD70Ac.roa (raw, json)
Hash identifier: w2j9ZmgeqWW2iiLRsMQz1oF0rlBz6y9l+W5H4RA1L0g=
Subject key identifier: FA:50:D3:01:70:FF:56:F8:E6:A9:FC:2F:0B:36:07:F6:F0:FB:D0:07
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3DA9
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/-lDTAXD_VvjmqfwvCzYH9vD70Ac.roa
Signing time: Wed 10 Apr 2024 19:22:42 +0000
ROA not before: Wed 10 Apr 2024 19:22:42 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15785 (0x3da9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 10 19:22:42 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=FA50D30170FF56F8E6A9FC2F0B3607F6F0FBD007
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:2f:d1:ab:39:1a:0a:af:29:80:34:d8:71:e1:
9b:d5:10:62:e1:92:5e:11:97:7f:db:3b:d7:cf:cf:
1e:27:76:a5:4e:18:f2:f4:c7:35:f6:74:6e:73:f1:
e2:c5:ce:72:41:4d:fd:38:95:3c:9d:90:dc:2d:32:
ee:3f:b5:91:ff:f3:92:74:dc:6c:d7:47:24:4a:aa:
ce:4f:f8:8c:f0:29:88:16:f9:47:7b:41:46:45:a0:
82:d8:bc:aa:d8:ea:7c:d1:d5:fc:70:c4:fb:1e:81:
c3:7b:04:9a:1d:7d:ca:9b:26:6f:02:53:59:93:ac:
af:64:13:8c:24:0e:4e:a3:10:55:42:7b:f2:a8:5e:
7d:38:4a:d5:90:77:f8:db:ed:84:c6:95:52:92:62:
21:34:54:8a:a8:22:38:94:09:5e:5d:58:a6:55:c7:
32:80:ae:cb:df:c3:34:19:c9:88:58:e7:7c:19:73:
11:a9:b3:9d:f7:05:89:66:27:00:8f:83:5d:88:4c:
d8:19:68:1e:35:00:b5:c6:a9:96:a1:1c:3b:8c:78:
15:29:e3:ba:a9:d7:2f:56:28:c5:b6:45:f3:35:9d:
9e:ad:21:2c:d1:3b:f1:78:f0:66:64:4c:27:73:0d:
e4:6f:61:8a:1a:90:31:1d:81:cb:f8:d7:bd:d4:da:
b5:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:50:D3:01:70:FF:56:F8:E6:A9:FC:2F:0B:36:07:F6:F0:FB:D0:07
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/-lDTAXD_VvjmqfwvCzYH9vD70Ac.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
1d:99:87:3b:37:31:a2:de:9c:b5:fa:7b:c2:f9:60:60:7a:b0:
10:3b:b0:5d:e0:4e:88:76:1c:e3:2b:f9:53:aa:d2:25:e3:c8:
3f:4c:25:db:56:0b:b7:fb:95:1e:c7:84:52:ec:de:a1:48:ee:
55:62:14:71:4b:93:e1:1c:60:5e:3f:7e:6c:5a:c5:68:1e:03:
ad:0b:63:44:69:be:8f:63:6c:25:4f:1b:16:7d:8a:86:86:72:
36:6c:a5:11:02:7d:5c:67:b4:ca:1f:c2:ad:90:00:b8:de:38:
06:5b:33:3d:3e:46:e8:3f:71:1f:68:0c:3c:31:e2:42:ab:c0:
25:81:43:9b:4f:a3:af:86:0e:05:8e:b8:30:24:b7:6d:8e:95:
35:fa:21:41:10:02:56:81:41:91:dd:e8:a5:12:68:59:7c:af:
81:3b:ce:8e:1a:8c:6f:57:ff:0b:6e:39:69:8b:69:f7:77:9b:
77:84:0c:35:f7:66:a1:de:ba:89:f9:a0:27:ee:d8:3e:08:bc:
f1:10:e6:f7:ed:91:75:a3:6d:2a:51:86:39:e4:13:93:b2:7c:
10:91:3a:15:f8:97:33:96:dc:f3:d6:b7:17:3c:ac:5c:31:9d:
c5:24:6f:07:06:09:65:af:33:bb:b7:53:ca:f3:94:d5:db:08:
1c:72:be:22
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICPakwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTAx
OTIyNDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEZBNTBEMzAxNzBGRjU2
RjhFNkE5RkMyRjBCMzYwN0Y2RjBGQkQwMDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6L9GrORoKrymANNhx4ZvVEGLhkl4Rl3/bO9fPzx4ndqVOGPL0
xzX2dG5z8eLFznJBTf04lTydkNwtMu4/tZH/85J03GzXRyRKqs5P+IzwKYgW+Ud7
QUZFoILYvKrY6nzR1fxwxPsegcN7BJodfcqbJm8CU1mTrK9kE4wkDk6jEFVCe/Ko
Xn04StWQd/jb7YTGlVKSYiE0VIqoIjiUCV5dWKZVxzKArsvfwzQZyYhY53wZcxGp
s533BYlmJwCPg12ITNgZaB41ALXGqZahHDuMeBUp47qp1y9WKMW2RfM1nZ6tISzR
O/F48GZkTCdzDeRvYYoakDEdgcv4173U2rW1AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU+lDTAXD/VvjmqfwvCzYH9vD70AcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3Ly1sRFRBWERfVnZqbXFm
d3ZDellIOXZENzBBYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAB2Zhzs3MaLenLX6
e8L5YGB6sBA7sF3gToh2HOMr+VOq0iXjyD9MJdtWC7f7lR7HhFLs3qFI7lViFHFL
k+EcYF4/fmxaxWgeA60LY0Rpvo9jbCVPGxZ9ioaGcjZspRECfVxntMofwq2QALje
OAZbMz0+Rug/cR9oDDwx4kKrwCWBQ5tPo6+GDgWOuDAkt22OlTX6IUEQAlaBQZHd
6KUSaFl8r4E7zo4ajG9X/wtuOWmLafd3m3eEDDX3ZqHeuon5oCfu2D4IvPEQ5vft
kXWjbSpRhjnkE5OyfBCROhX4lzOW3PPWtxc8rFwxncUkbwcGCWWvM7u3U8rzlNXb
CBxyviI=
-----END CERTIFICATE-----
Generated at Sat May 17 20:11:48 2025 by rpki-client