Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/LD5vUseKBbmZJefi9GDhqUfiY4U.roa
File: LD5vUseKBbmZJefi9GDhqUfiY4U.roa (raw, json)
Hash identifier: bIhZYYeQ56tWPPgL6jSvgm+gxlpbXRjp4Bs4OLlVQd8=
Subject key identifier: 2C:3E:6F:52:C7:8A:05:B9:99:25:E7:E2:F4:60:E1:A9:47:E2:63:85
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 50FD
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/LD5vUseKBbmZJefi9GDhqUfiY4U.roa
Signing time: Mon 06 May 2024 13:53:50 +0000
ROA not before: Mon 06 May 2024 13:53:50 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20733 (0x50fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 6 13:53:50 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2C3E6F52C78A05B99925E7E2F460E1A947E26385
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:6c:c7:e1:22:88:dd:a3:28:b4:43:cb:68:48:
ee:a5:20:29:98:c2:a4:ff:19:24:f1:79:d6:fe:fc:
1e:4c:11:79:d0:89:61:4e:39:bb:e9:96:c3:8e:0e:
88:d6:2f:6d:6b:b2:20:88:7e:c6:86:55:1d:82:36:
07:0f:b2:52:c2:b7:5f:02:a6:45:1a:71:d6:48:12:
03:08:f2:38:be:17:7b:cd:e6:f9:21:36:f7:1a:cb:
29:78:22:6f:c4:55:4c:fc:ba:d2:3e:9a:95:1e:75:
5b:7c:30:b3:bb:7a:8d:d4:6d:41:40:58:87:2e:c5:
51:45:6e:6d:c6:33:c2:c4:c3:53:60:1f:62:5c:65:
d4:24:96:be:94:37:26:c1:ee:82:d7:23:a4:42:8a:
11:a9:26:4e:ae:6c:3f:5c:63:a6:e7:c6:b3:3e:2f:
cc:e7:c2:22:78:15:43:20:26:ea:d1:90:c7:58:70:
31:73:f2:2e:6e:c8:35:30:a4:af:29:08:81:9a:73:
84:6e:90:f4:14:11:89:c4:66:a9:a3:67:7b:eb:b8:
a4:6a:70:5c:20:d0:20:f6:cc:af:83:ed:35:a8:9b:
59:14:a0:b3:f5:a0:9a:3b:ef:62:fc:84:e5:d7:71:
48:c7:7e:f6:bc:bf:b9:06:ac:18:c2:61:6b:25:9f:
89:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:3E:6F:52:C7:8A:05:B9:99:25:E7:E2:F4:60:E1:A9:47:E2:63:85
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/LD5vUseKBbmZJefi9GDhqUfiY4U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
b7:b4:81:09:79:21:a2:ca:7c:ae:e6:ec:dc:e8:95:85:d2:1e:
67:63:78:ba:4d:3d:65:57:ab:ca:72:2c:7b:97:40:04:e4:8f:
5e:57:dc:98:24:a9:bf:03:7e:bc:cb:af:0b:fc:f5:aa:80:1c:
d5:35:73:c3:48:6c:cb:a4:76:2e:53:20:07:26:ba:23:b9:4f:
47:63:fa:33:22:15:a1:4a:18:a7:f3:0f:3b:47:64:63:ac:76:
b3:31:31:61:39:c9:c9:0f:dd:52:99:08:40:a6:51:f2:b1:a7:
a4:f3:b4:b0:7f:84:71:4c:33:73:96:34:f1:82:3a:0b:11:9e:
3b:65:c0:c3:8e:e4:a1:34:24:9a:8c:45:41:5b:83:a4:c1:e3:
d3:79:c4:e7:03:8e:ee:50:bc:e7:63:a3:7c:d8:30:6e:5a:dd:
67:12:80:c3:1c:de:87:fb:9b:46:9a:bc:93:96:3f:9a:1d:0c:
d0:4a:0c:ff:55:7b:e5:68:5e:3d:8e:8e:0f:d8:19:e4:44:fe:
a7:1c:09:9e:d1:25:23:75:65:d8:02:75:42:f8:ab:3d:6b:55:
c4:53:11:f7:96:78:79:0e:ed:a2:ca:03:99:61:60:87:df:7f:
5e:5c:76:95:df:f3:ae:77:c5:b9:93:38:28:1a:27:e4:64:c0:
0e:39:ea:86
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICUP0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDYx
MzUzNTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJDM0U2RjUyQzc4QTA1
Qjk5OTI1RTdFMkY0NjBFMUE5NDdFMjYzODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6bMfhIojdoyi0Q8toSO6lICmYwqT/GSTxedb+/B5MEXnQiWFO
ObvplsOODojWL21rsiCIfsaGVR2CNgcPslLCt18CpkUacdZIEgMI8ji+F3vN5vkh
Nvcayyl4Im/EVUz8utI+mpUedVt8MLO7eo3UbUFAWIcuxVFFbm3GM8LEw1NgH2Jc
ZdQklr6UNybB7oLXI6RCihGpJk6ubD9cY6bnxrM+L8znwiJ4FUMgJurRkMdYcDFz
8i5uyDUwpK8pCIGac4RukPQUEYnEZqmjZ3vruKRqcFwg0CD2zK+D7TWom1kUoLP1
oJo772L8hOXXcUjHfva8v7kGrBjCYWsln4kdAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQULD5vUseKBbmZJefi9GDhqUfiY4UwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0xENXZVc2VLQmJtWkpl
Zmk5R0RocVVmaVk0VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBALe0gQl5IaLKfK7m
7NzolYXSHmdjeLpNPWVXq8pyLHuXQATkj15X3Jgkqb8DfrzLrwv89aqAHNU1c8NI
bMukdi5TIAcmuiO5T0dj+jMiFaFKGKfzDztHZGOsdrMxMWE5yckP3VKZCECmUfKx
p6TztLB/hHFMM3OWNPGCOgsRnjtlwMOO5KE0JJqMRUFbg6TB49N5xOcDju5QvOdj
o3zYMG5a3WcSgMMc3of7m0aavJOWP5odDNBKDP9Ve+VoXj2Ojg/YGeRE/qccCZ7R
JSN1ZdgCdUL4qz1rVcRTEfeWeHkO7aLKA5lhYIfff15cdpXf8653xbmTOCgaJ+Rk
wA456oY=
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:28:54 2025 by rpki-client