Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/PHMI9TVpv0vENSKVi_YhNOPJ4SI.roa
File: PHMI9TVpv0vENSKVi_YhNOPJ4SI.roa (raw, json)
Hash identifier: R/J44ZRDCHU+Lbcg7bwhoBsdETB8tL3UAKCCU9OFoJA=
Subject key identifier: 3C:73:08:F5:35:69:BF:4B:C4:35:22:95:8B:F6:21:34:E3:C9:E1:22
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4149
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/PHMI9TVpv0vENSKVi_YhNOPJ4SI.roa
Signing time: Mon 15 Apr 2024 15:23:01 +0000
ROA not before: Mon 15 Apr 2024 15:23:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16713 (0x4149)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 15 15:23:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3C7308F53569BF4BC43522958BF62134E3C9E122
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:76:3e:5f:d4:67:d4:2d:14:8d:20:9b:53:8c:
cf:aa:04:d2:33:b2:1c:a4:d6:ef:1c:ba:75:fb:40:
ee:34:d3:7f:61:ed:f3:87:ee:2c:12:82:5f:ff:35:
34:e6:d1:b0:1d:74:92:01:4b:b9:4a:59:84:7d:5a:
7e:6a:3a:41:b9:4f:c8:7b:0f:94:e4:be:c6:59:8b:
9d:59:2c:0d:5c:4f:6a:81:6a:65:12:cd:51:ab:f1:
97:aa:bb:c3:84:d1:b8:cd:74:df:67:22:3e:db:0d:
66:d8:31:2a:f3:f9:1b:db:bb:37:dc:29:2b:77:7f:
dc:40:af:4b:88:3b:b9:0a:c0:12:45:42:21:d3:e3:
c3:9c:8b:07:8d:98:9c:f6:4a:1d:0e:f8:45:ee:2d:
ba:42:4b:fb:06:17:6a:89:f8:3b:00:59:67:e7:38:
3e:65:b1:83:5e:9f:b3:c2:5f:5e:75:5f:20:dc:e0:
bc:26:ea:bd:a3:0d:db:fd:1e:61:94:6f:24:74:ce:
f3:9b:6a:ac:d8:13:d6:b5:ad:1d:8d:52:29:63:17:
7f:3f:f8:d3:cc:d2:4b:85:c3:06:6c:90:50:9a:03:
b1:ed:dd:fd:e8:9c:ff:3d:80:ca:e4:bf:47:d7:ea:
31:df:88:91:dd:c5:61:fc:d4:4b:f7:16:7f:0c:5f:
0e:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:73:08:F5:35:69:BF:4B:C4:35:22:95:8B:F6:21:34:E3:C9:E1:22
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/PHMI9TVpv0vENSKVi_YhNOPJ4SI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
70:26:52:dd:00:7d:45:47:86:0e:a2:47:9c:a0:40:78:3c:41:
0e:b5:87:44:f4:fd:34:72:5e:ee:c0:87:95:88:8d:6b:b4:29:
a0:b2:b7:aa:da:67:83:75:fa:99:8b:04:15:0f:70:45:86:47:
8a:a7:16:e0:fa:71:6f:8a:20:28:99:04:28:c7:b1:14:d0:c1:
40:91:4e:58:70:73:30:29:bb:85:20:fb:1a:08:f3:2a:5b:ad:
ca:fd:65:26:f2:92:60:4d:ae:79:b8:91:d3:9f:4e:5f:54:46:
e3:20:03:fb:99:e8:ef:01:73:8a:d4:45:bb:75:44:d1:40:fd:
1b:46:49:0b:ce:ce:db:8e:55:ba:a3:aa:d6:c4:6b:7e:e9:aa:
a4:e0:31:1e:fc:7b:38:4f:ae:bb:ad:61:d3:d6:82:0a:c6:ec:
d2:01:55:1d:97:e8:9c:da:10:86:fe:9e:01:f4:81:c6:7e:82:
6f:74:b1:79:73:56:8c:60:90:71:18:74:b2:47:0d:fe:c9:41:
f7:c2:86:8f:ea:3e:40:98:3d:09:74:53:c6:1c:ce:1a:53:0d:
63:4d:82:a8:b6:83:9c:f1:a6:75:51:54:37:87:53:b4:a2:c0:
fc:9f:22:42:35:95:89:b7:95:90:06:0f:e4:f2:48:00:dd:74:
22:72:bb:7d
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQUkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTUx
NTIzMDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNDNzMwOEY1MzU2OUJG
NEJDNDM1MjI5NThCRjYyMTM0RTNDOUUxMjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDldj5f1GfULRSNIJtTjM+qBNIzshyk1u8cunX7QO40039h7fOH
7iwSgl//NTTm0bAddJIBS7lKWYR9Wn5qOkG5T8h7D5TkvsZZi51ZLA1cT2qBamUS
zVGr8Zequ8OE0bjNdN9nIj7bDWbYMSrz+RvbuzfcKSt3f9xAr0uIO7kKwBJFQiHT
48OciweNmJz2Sh0O+EXuLbpCS/sGF2qJ+DsAWWfnOD5lsYNen7PCX151XyDc4Lwm
6r2jDdv9HmGUbyR0zvObaqzYE9a1rR2NUiljF38/+NPM0kuFwwZskFCaA7Ht3f3o
nP89gMrkv0fX6jHfiJHdxWH81Ev3Fn8MXw75AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUPHMI9TVpv0vENSKVi/YhNOPJ4SIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1BITUk5VFZwdjB2RU5T
S1ZpX1loTk9QSjRTSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAHAmUt0AfUVHhg6i
R5ygQHg8QQ61h0T0/TRyXu7Ah5WIjWu0KaCyt6raZ4N1+pmLBBUPcEWGR4qnFuD6
cW+KICiZBCjHsRTQwUCRTlhwczApu4Ug+xoI8ypbrcr9ZSbykmBNrnm4kdOfTl9U
RuMgA/uZ6O8Bc4rURbt1RNFA/RtGSQvOztuOVbqjqtbEa37pqqTgMR78ezhPrrut
YdPWggrG7NIBVR2X6JzaEIb+ngH0gcZ+gm90sXlzVoxgkHEYdLJHDf7JQffCho/q
PkCYPQl0U8YczhpTDWNNgqi2g5zxpnVRVDeHU7SiwPyfIkI1lYm3lZAGD+TySADd
dCJyu30=
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:26:51 2025 by rpki-client