Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/OepaGq7t8cEiXH4ej8NI1pkadOA.roa
File: OepaGq7t8cEiXH4ej8NI1pkadOA.roa (raw, json)
Hash identifier: wiKgf3ie8xRWwcLF+K9jVELs9L/Br6vr5qiaUtCoZOM=
Subject key identifier: 39:EA:5A:1A:AE:ED:F1:C1:22:5C:7E:1E:8F:C3:48:D6:99:1A:74:E0
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4569
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/OepaGq7t8cEiXH4ej8NI1pkadOA.roa
Signing time: Sun 21 Apr 2024 03:23:05 +0000
ROA not before: Sun 21 Apr 2024 03:23:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17769 (0x4569)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 21 03:23:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=39EA5A1AAEEDF1C1225C7E1E8FC348D6991A74E0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:04:32:d1:f9:8d:73:44:9b:48:d3:bd:10:82:
50:34:ce:60:d2:f5:57:6d:74:40:8c:cc:29:4c:ee:
ba:74:7a:a8:ae:41:69:1f:2a:8c:da:69:34:c4:0b:
aa:21:9b:39:5b:ce:fb:48:29:66:c2:c4:a1:74:5d:
d2:7f:3e:eb:f8:57:80:98:cf:e0:bf:c2:9a:4e:95:
f5:fe:83:d3:fb:a6:5e:bb:f7:6a:72:54:d8:d9:c1:
2b:33:b7:c4:4a:ac:22:f9:0d:8d:6a:d6:fe:da:13:
27:b9:88:b3:50:1e:d2:00:ee:eb:35:21:72:5a:37:
e7:28:d1:39:42:99:6a:db:5d:cf:51:a1:49:ea:42:
31:6c:c5:7e:ce:c6:ee:28:0c:92:60:32:57:2c:05:
7c:de:11:77:f4:84:62:e6:13:06:e2:93:70:96:97:
58:c6:bc:48:9e:0c:17:86:6a:7e:04:85:38:89:45:
a7:40:6c:78:7e:05:69:99:d9:9b:90:92:8b:e1:b8:
83:4b:06:5a:7a:6e:e7:b0:33:88:41:b6:8a:36:79:
31:cc:cb:b8:5f:2f:74:4f:93:c1:f4:ad:4d:9d:b9:
63:76:c8:01:00:7f:26:07:cb:88:a4:19:6a:da:84:
16:e8:d3:fc:31:69:ab:bd:cd:11:b2:22:5b:ff:58:
4c:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:EA:5A:1A:AE:ED:F1:C1:22:5C:7E:1E:8F:C3:48:D6:99:1A:74:E0
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/OepaGq7t8cEiXH4ej8NI1pkadOA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
6a:4e:91:9e:7e:fd:ca:1e:2d:d3:63:f2:b5:6e:d9:57:d7:48:
47:4d:9d:32:a3:d2:bc:7b:81:69:9c:c2:78:d3:4f:a2:8f:e5:
8c:f6:ec:f6:8d:24:25:78:ad:38:68:40:3a:69:99:39:9b:b7:
0d:2f:0c:47:2f:83:66:77:f4:df:08:2f:df:16:cc:43:ae:7d:
b6:df:0a:ab:8f:d4:f1:e7:b9:c4:99:29:20:1f:fa:b5:a3:e1:
b3:25:fd:12:2c:c9:f5:38:fc:11:64:3c:b9:c3:0e:ea:2d:c1:
ed:61:b4:8a:7e:1c:19:6d:f4:c0:40:f0:4c:99:3f:3d:4f:67:
30:a1:43:dd:7b:89:bf:8c:27:74:0a:5a:e0:28:0b:21:1c:2b:
1f:38:f2:f7:37:68:54:ba:f5:9c:a1:77:c4:72:9d:7e:a4:62:
fb:bf:64:1e:35:3a:5c:d1:a9:7d:a4:8d:b7:9f:97:8b:bd:00:
e9:f7:35:77:e0:ee:28:ad:18:86:b4:ea:77:06:8a:32:9f:8b:
62:32:df:2a:36:14:7d:e5:85:ea:1e:85:7f:bf:98:76:3c:79:
85:76:88:89:fc:a3:ee:43:7f:67:a4:63:2c:6a:62:a7:d0:8b:
08:b6:00:3c:e1:6e:cc:f1:72:80:2c:26:2b:a3:17:8a:a1:61:
0b:e7:52:fd
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICRWkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjEw
MzIzMDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM5RUE1QTFBQUVFREYx
QzEyMjVDN0UxRThGQzM0OEQ2OTkxQTc0RTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDmBDLR+Y1zRJtI070QglA0zmDS9VdtdECMzClM7rp0eqiuQWkf
KozaaTTEC6ohmzlbzvtIKWbCxKF0XdJ/Puv4V4CYz+C/wppOlfX+g9P7pl6792py
VNjZwSszt8RKrCL5DY1q1v7aEye5iLNQHtIA7us1IXJaN+co0TlCmWrbXc9RoUnq
QjFsxX7Oxu4oDJJgMlcsBXzeEXf0hGLmEwbik3CWl1jGvEieDBeGan4EhTiJRadA
bHh+BWmZ2ZuQkovhuINLBlp6buewM4hBtoo2eTHMy7hfL3RPk8H0rU2duWN2yAEA
fyYHy4ikGWrahBbo0/wxaau9zRGyIlv/WEyZAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUOepaGq7t8cEiXH4ej8NI1pkadOAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L09lcGFHcTd0OGNFaVhI
NGVqOE5JMXBrYWRPQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAGpOkZ5+/coeLdNj
8rVu2VfXSEdNnTKj0rx7gWmcwnjTT6KP5Yz27PaNJCV4rThoQDppmTmbtw0vDEcv
g2Z39N8IL98WzEOufbbfCquP1PHnucSZKSAf+rWj4bMl/RIsyfU4/BFkPLnDDuot
we1htIp+HBlt9MBA8EyZPz1PZzChQ917ib+MJ3QKWuAoCyEcKx848vc3aFS69Zyh
d8RynX6kYvu/ZB41OlzRqX2kjbefl4u9AOn3NXfg7iitGIa06ncGijKfi2Iy3yo2
FH3lheoehX+/mHY8eYV2iIn8o+5Df2ekYyxqYqfQiwi2ADzhbszxcoAsJiujF4qh
YQvnUv0=
-----END CERTIFICATE-----
Generated at Sun May 18 15:42:16 2025 by rpki-client