Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/1YHwxPMfZDEV77A8xajsbWsMIXI.roa
File: 1YHwxPMfZDEV77A8xajsbWsMIXI.roa (raw, json)
Hash identifier: 3wIkajMEwuTUIt7t1MftiSB9T3YvQxs0M6LLQdOATt0=
Subject key identifier: D5:81:F0:C4:F3:1F:64:31:15:EF:B0:3C:C5:A8:EC:6D:6B:0C:21:72
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4499
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/1YHwxPMfZDEV77A8xajsbWsMIXI.roa
Signing time: Sat 20 Apr 2024 01:23:03 +0000
ROA not before: Sat 20 Apr 2024 01:23:03 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17561 (0x4499)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 01:23:03 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D581F0C4F31F643115EFB03CC5A8EC6D6B0C2172
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:0b:af:f3:43:0f:3a:a0:66:7b:46:0f:2e:b5:
e7:63:e9:19:38:b3:48:7c:f3:e6:42:22:46:ae:bb:
b5:79:6f:4f:ae:2d:35:22:81:8b:23:ef:18:56:70:
89:e5:09:4a:4a:ad:71:eb:4b:4c:ae:84:df:13:85:
93:03:91:1e:8a:d5:7d:96:44:37:b7:11:72:a4:30:
7b:0f:2c:d4:2f:4e:02:a5:e0:7d:3d:c8:b1:0a:7d:
25:94:29:7a:a6:de:4f:87:0f:75:35:84:95:1a:44:
f7:f4:09:28:5c:13:6a:62:08:27:19:fb:93:c2:7d:
f8:aa:ba:c2:81:7f:ee:5e:87:37:f9:2b:e4:d4:c4:
22:f9:1e:0f:b5:0a:96:ba:c0:a7:4f:5c:4b:6f:f3:
0d:53:a3:06:51:d1:00:3d:a9:6e:97:01:c5:85:f0:
04:08:8e:f0:83:37:b0:eb:e2:0f:dc:3e:b8:7b:27:
b7:32:38:c2:ab:03:18:ce:ef:3d:7a:30:4a:f4:8f:
f0:01:d1:55:d0:8d:69:fa:c7:a6:3e:4c:83:7e:2b:
cf:d5:81:6c:64:4a:68:14:32:46:8d:dc:39:9b:32:
80:60:3f:1e:9c:9d:fa:8d:91:fd:d9:52:77:3e:10:
bc:a0:13:34:d6:3f:80:9d:88:c7:fe:ce:25:90:fe:
dc:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:81:F0:C4:F3:1F:64:31:15:EF:B0:3C:C5:A8:EC:6D:6B:0C:21:72
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/1YHwxPMfZDEV77A8xajsbWsMIXI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
94:c7:51:e0:47:04:35:eb:f4:2b:22:bc:40:8f:6c:ee:46:5b:
d5:fa:f7:51:85:97:d1:e4:22:1f:3a:69:4c:14:57:6b:aa:ab:
30:a6:6a:f4:58:fc:dd:d0:61:35:40:2a:b0:95:14:0b:86:d0:
f0:1d:63:a1:ad:97:57:de:ba:ce:d3:31:1f:40:8a:ef:3f:71:
e5:b0:4c:e7:4e:83:c0:90:22:8e:c2:fa:7a:fd:8f:00:4b:43:
d0:78:df:37:9c:8f:f1:99:6d:67:91:af:1c:40:10:82:b6:e7:
4f:30:05:fe:34:37:76:06:46:c3:15:bf:ee:79:36:6b:ad:96:
58:47:1c:72:4c:c0:13:06:d7:aa:3f:01:2c:a4:25:12:f8:75:
63:60:dc:21:b7:ae:48:df:25:31:74:fb:bd:22:44:9b:a7:07:
ec:22:d2:86:5b:9d:f2:91:37:d6:73:1e:b5:fe:c7:3b:59:c3:
ae:9e:2c:61:7e:b0:35:51:46:98:c9:21:02:a6:55:cc:b9:13:
e4:e3:32:40:80:c1:99:c5:cb:0a:d9:5b:da:1f:1e:39:d3:3e:
e9:b1:55:1f:5e:ca:9e:f2:60:bd:dc:b6:ac:6c:50:1e:5e:5d:
ea:17:31:54:c7:a6:3c:cd:85:be:80:d5:08:71:ae:3d:46:a4:
21:43:66:d5
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICRJkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAw
MTIzMDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ1ODFGMEM0RjMxRjY0
MzExNUVGQjAzQ0M1QThFQzZENkIwQzIxNzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQC6/zQw86oGZ7Rg8utedj6Rk4s0h88+ZCIkauu7V5b0+uLTUi
gYsj7xhWcInlCUpKrXHrS0yuhN8ThZMDkR6K1X2WRDe3EXKkMHsPLNQvTgKl4H09
yLEKfSWUKXqm3k+HD3U1hJUaRPf0CShcE2piCCcZ+5PCffiqusKBf+5ehzf5K+TU
xCL5Hg+1Cpa6wKdPXEtv8w1TowZR0QA9qW6XAcWF8AQIjvCDN7Dr4g/cPrh7J7cy
OMKrAxjO7z16MEr0j/AB0VXQjWn6x6Y+TIN+K8/VgWxkSmgUMkaN3DmbMoBgPx6c
nfqNkf3ZUnc+ELygEzTWP4CdiMf+ziWQ/txbAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU1YHwxPMfZDEV77A8xajsbWsMIXIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzFZSHd4UE1mWkRFVjc3
QTh4YWpzYldzTUlYSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJTHUeBHBDXr9Csi
vECPbO5GW9X691GFl9HkIh86aUwUV2uqqzCmavRY/N3QYTVAKrCVFAuG0PAdY6Gt
l1feus7TMR9Aiu8/ceWwTOdOg8CQIo7C+nr9jwBLQ9B43zecj/GZbWeRrxxAEIK2
508wBf40N3YGRsMVv+55NmutllhHHHJMwBMG16o/ASykJRL4dWNg3CG3rkjfJTF0
+70iRJunB+wi0oZbnfKRN9ZzHrX+xztZw66eLGF+sDVRRpjJIQKmVcy5E+TjMkCA
wZnFywrZW9ofHjnTPumxVR9eyp7yYL3ctqxsUB5eXeoXMVTHpjzNhb6A1Qhxrj1G
pCFDZtU=
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:56:24 2025 by rpki-client