Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/EtIao24iIPVDS2AGNMKfjUOYhYc.roa
File: EtIao24iIPVDS2AGNMKfjUOYhYc.roa (raw, json)
Hash identifier: /4jL46DxDwaY/W5MMFLQGHsAxzEWP6u4clem7ApUu1A=
Subject key identifier: 12:D2:1A:A3:6E:22:20:F5:43:4B:60:06:34:C2:9F:8D:43:98:85:87
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 56AD
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/EtIao24iIPVDS2AGNMKfjUOYhYc.roa
Signing time: Tue 14 May 2024 03:54:08 +0000
ROA not before: Tue 14 May 2024 03:54:08 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22189 (0x56ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 14 03:54:08 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=12D21AA36E2220F5434B600634C29F8D43988587
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:5a:37:28:3b:7f:c8:56:3a:33:d1:86:9e:48:
33:85:56:c1:e8:7b:3d:81:b8:f3:99:3f:00:40:71:
67:83:a0:03:f9:8a:55:a5:d0:aa:33:d6:0e:93:64:
68:52:13:a2:0d:e0:28:d9:b3:cc:af:ae:74:2d:de:
ce:1c:c6:37:b0:55:b5:d2:21:ca:c5:81:83:24:55:
b1:21:b1:0c:7d:29:31:fe:ed:3e:60:52:7a:34:49:
43:47:aa:43:f8:55:6e:c5:00:53:4e:29:a2:9f:a7:
8b:2f:65:1f:82:54:99:8c:bc:0a:0f:67:05:0a:0e:
e0:65:62:b8:95:e8:75:d0:ed:6c:1c:69:24:4a:8a:
cb:cb:21:8c:fd:45:e9:34:54:a5:be:20:55:e1:44:
49:88:b0:e2:ab:6b:fb:91:95:fe:12:6d:c0:52:4c:
23:1f:3e:29:d8:de:d5:27:08:25:ea:dd:d3:3f:7c:
60:c0:82:90:f3:b8:e7:62:59:89:7d:c7:f2:8f:f0:
41:cd:21:f0:dc:b8:f4:85:63:80:02:91:80:35:dc:
93:c0:c1:10:f1:4b:7f:7b:6c:b8:62:cf:91:68:c5:
6d:cf:09:ca:4e:e2:89:c5:c7:59:de:a8:fb:e5:1a:
e5:dd:76:28:44:b8:69:88:e1:20:ac:6c:82:6c:78:
1a:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:D2:1A:A3:6E:22:20:F5:43:4B:60:06:34:C2:9F:8D:43:98:85:87
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/EtIao24iIPVDS2AGNMKfjUOYhYc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
81:09:33:9b:e2:b1:7e:01:8c:0a:79:49:1f:09:ea:4f:ca:54:
24:15:26:ea:06:17:63:65:33:67:e2:69:3a:6d:14:e1:ad:6c:
ad:3d:75:30:9c:9c:3d:95:49:81:5d:84:13:9d:c0:13:c4:6c:
82:2a:85:ca:22:73:11:86:ee:c6:dc:92:ff:90:38:46:98:40:
0e:cc:8d:b0:93:7d:bf:4b:69:26:87:1a:6d:0d:11:64:2b:71:
11:55:3b:6e:5e:a1:9d:1d:a1:72:d7:96:f0:d9:fe:57:30:fd:
5a:66:ac:ef:fb:9d:54:9c:0b:b8:55:a1:6d:33:bc:d4:20:e3:
5c:73:72:a2:02:81:38:8e:a3:ac:86:e2:27:e0:f0:3c:73:3c:
95:f6:ae:84:08:e9:2e:16:53:14:dc:19:c4:02:2e:6e:33:1c:
51:b4:2e:a8:88:8e:10:d3:2d:9a:06:bd:66:8b:13:1d:e6:cc:
ef:8c:f8:91:31:dc:85:9f:c5:58:f6:f1:76:d5:0f:79:30:cc:
8a:24:98:47:3a:91:37:3e:1e:b6:7c:08:ac:a9:7e:a7:44:62:
36:75:27:93:1d:86:16:e9:3a:a7:97:3f:56:f7:8b:93:d0:5b:
07:d0:74:1e:b0:7e:84:20:7c:64:30:a6:4d:a8:04:37:49:15:
66:0e:32:24
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICVq0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTQw
MzU0MDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDEyRDIxQUEzNkUyMjIw
RjU0MzRCNjAwNjM0QzI5RjhENDM5ODg1ODcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEWjcoO3/IVjoz0YaeSDOFVsHoez2BuPOZPwBAcWeDoAP5ilWl
0Koz1g6TZGhSE6IN4CjZs8yvrnQt3s4cxjewVbXSIcrFgYMkVbEhsQx9KTH+7T5g
Uno0SUNHqkP4VW7FAFNOKaKfp4svZR+CVJmMvAoPZwUKDuBlYriV6HXQ7WwcaSRK
isvLIYz9Rek0VKW+IFXhREmIsOKra/uRlf4SbcBSTCMfPinY3tUnCCXq3dM/fGDA
gpDzuOdiWYl9x/KP8EHNIfDcuPSFY4ACkYA13JPAwRDxS397bLhiz5FoxW3PCcpO
4onFx1neqPvlGuXddihEuGmI4SCsbIJseBoVAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUEtIao24iIPVDS2AGNMKfjUOYhYcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0V0SWFvMjRpSVBWRFMy
QUdOTUtmalVPWWhZYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAIEJM5visX4BjAp5
SR8J6k/KVCQVJuoGF2NlM2fiaTptFOGtbK09dTCcnD2VSYFdhBOdwBPEbIIqhcoi
cxGG7sbckv+QOEaYQA7MjbCTfb9LaSaHGm0NEWQrcRFVO25eoZ0doXLXlvDZ/lcw
/VpmrO/7nVScC7hVoW0zvNQg41xzcqICgTiOo6yG4ifg8DxzPJX2roQI6S4WUxTc
GcQCLm4zHFG0LqiIjhDTLZoGvWaLEx3mzO+M+JEx3IWfxVj28XbVD3kwzIokmEc6
kTc+HrZ8CKypfqdEYjZ1J5MdhhbpOqeXP1b3i5PQWwfQdB6wfoQgfGQwpk2oBDdJ
FWYOMiQ=
-----END CERTIFICATE-----
Generated at Sat Jun 21 05:35:20 2025 by rpki-client