Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/oMkI34NBPyrNnKc2nnAGS465sUQ.roa
File: oMkI34NBPyrNnKc2nnAGS465sUQ.roa (raw, json)
Hash identifier: YoSZIzvYlp9PyZ7hPpb2FVYz1R9Sjv42jSgU5NQkIsU=
Subject key identifier: A0:C9:08:DF:83:41:3F:2A:CD:9C:A7:36:9E:70:06:4B:8E:B9:B1:44
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4CED
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/oMkI34NBPyrNnKc2nnAGS465sUQ.roa
Signing time: Wed 01 May 2024 03:53:35 +0000
ROA not before: Wed 01 May 2024 03:53:35 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19693 (0x4ced)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 1 03:53:35 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A0C908DF83413F2ACD9CA7369E70064B8EB9B144
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:cc:ff:3b:e4:24:36:03:ad:ef:26:e5:e1:2b:
3b:ee:0d:52:c9:69:f5:56:11:3b:f9:c9:21:c0:e6:
45:39:db:82:e9:23:66:72:ba:77:30:d6:bf:d1:9d:
9e:b4:5e:ca:54:c6:7a:06:3a:03:90:53:2b:11:98:
35:1a:ad:0e:65:97:f6:cd:2e:08:f9:8b:6b:91:19:
6e:89:f1:72:f3:9c:be:ab:8e:ae:ce:47:0a:ed:33:
8d:53:43:6d:f2:3e:d7:70:15:24:c4:82:9a:6f:5f:
d9:ed:b7:73:0e:85:55:46:6c:29:c7:ca:2d:8d:ca:
9b:5a:21:62:6a:a7:05:76:6f:d7:46:75:54:1f:6b:
53:74:5b:f7:5a:ec:28:b2:ae:69:70:74:11:06:82:
07:b9:08:18:d1:c4:fd:74:e9:2e:f2:21:48:ba:b4:
1e:a3:5c:99:33:98:b0:90:ba:4c:28:b8:79:e7:e1:
d8:d3:4c:4e:28:98:d4:1f:ed:5b:bc:0b:ec:b2:98:
7b:d3:0b:c4:a8:d7:ef:e8:c9:61:6e:79:bb:b0:3e:
57:eb:b5:b8:a3:bb:95:cb:30:55:d1:d7:91:71:5c:
fd:72:98:2c:aa:89:c7:84:a9:d5:4d:44:f1:35:65:
6b:84:bf:dd:3b:66:38:b1:75:83:d8:81:fa:c1:c4:
87:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:C9:08:DF:83:41:3F:2A:CD:9C:A7:36:9E:70:06:4B:8E:B9:B1:44
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/oMkI34NBPyrNnKc2nnAGS465sUQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
3c:97:16:32:4f:ee:f2:f2:23:13:e8:cd:46:d5:e4:57:6c:3c:
d7:13:62:36:33:1d:a3:46:0b:8a:74:09:67:ea:48:65:77:8d:
75:0a:a9:b3:97:9e:18:4e:d8:c6:c5:e7:37:f4:4a:a3:bc:19:
4f:9f:15:ff:c6:e1:48:ae:d5:98:28:2a:a2:35:1d:18:97:8d:
e5:1d:3a:ef:81:df:e1:8e:55:09:c5:fe:12:95:b8:da:28:62:
f6:1f:d6:9c:40:2a:77:a4:4c:e5:c2:91:b3:de:c7:89:81:9d:
c7:31:e5:3e:27:6b:cc:85:66:9b:76:72:78:2d:06:ec:e0:61:
19:a4:69:32:8c:c5:3d:68:15:4f:c4:90:cf:94:b1:d5:6e:cb:
6c:60:c7:17:3e:80:76:f7:8b:69:ea:20:e7:5b:ad:50:a3:54:
71:35:e7:ad:e0:e2:47:02:a3:19:d6:f3:5f:66:fa:15:cb:19:
1d:da:82:09:65:97:df:ed:0c:ad:dd:63:66:0f:30:16:ba:73:
ff:a1:91:2f:f9:ea:d6:80:90:25:c3:fd:5b:61:91:af:53:e0:
d8:3d:f6:70:6a:d3:ab:13:f3:d6:13:c4:46:3c:14:b5:93:12:
ca:08:b7:34:25:b6:95:1d:cc:d9:44:3f:58:be:d1:58:a8:5f:
24:29:12:18
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICTO0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDEw
MzUzMzVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEEwQzkwOERGODM0MTNG
MkFDRDlDQTczNjlFNzAwNjRCOEVCOUIxNDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4zP875CQ2A63vJuXhKzvuDVLJafVWETv5ySHA5kU524LpI2Zy
uncw1r/RnZ60XspUxnoGOgOQUysRmDUarQ5ll/bNLgj5i2uRGW6J8XLznL6rjq7O
RwrtM41TQ23yPtdwFSTEgppvX9ntt3MOhVVGbCnHyi2NyptaIWJqpwV2b9dGdVQf
a1N0W/da7CiyrmlwdBEGgge5CBjRxP106S7yIUi6tB6jXJkzmLCQukwouHnn4djT
TE4omNQf7Vu8C+yymHvTC8So1+/oyWFuebuwPlfrtbiju5XLMFXR15FxXP1ymCyq
iceEqdVNRPE1ZWuEv907ZjixdYPYgfrBxIdjAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUoMkI34NBPyrNnKc2nnAGS465sUQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L29Na0kzNE5CUHlyTm5L
YzJubkFHUzQ2NXNVUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBADyXFjJP7vLyIxPo
zUbV5FdsPNcTYjYzHaNGC4p0CWfqSGV3jXUKqbOXnhhO2MbF5zf0SqO8GU+fFf/G
4Uiu1ZgoKqI1HRiXjeUdOu+B3+GOVQnF/hKVuNooYvYf1pxAKnekTOXCkbPex4mB
nccx5T4na8yFZpt2cngtBuzgYRmkaTKMxT1oFU/EkM+UsdVuy2xgxxc+gHb3i2nq
IOdbrVCjVHE1563g4kcCoxnW819m+hXLGR3agglll9/tDK3dY2YPMBa6c/+hkS/5
6taAkCXD/Vthka9T4Ng99nBq06sT89YTxEY8FLWTEsoItzQltpUdzNlEP1i+0Vio
XyQpEhg=
-----END CERTIFICATE-----
Generated at Sun May 18 15:30:33 2025 by rpki-client