Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/U-y1tccaj3UXKmSxll2nc9lvYs4.roa
File: U-y1tccaj3UXKmSxll2nc9lvYs4.roa (raw, json)
Hash identifier: tSYyk+tZ3uR1esQlTJ5T3hNgInD0Xz+lUET7anzgADY=
Subject key identifier: 53:EC:B5:B5:C7:1A:8F:75:17:2A:64:B1:96:5D:A7:73:D9:6F:62:CE
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4CC5
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/U-y1tccaj3UXKmSxll2nc9lvYs4.roa
Signing time: Tue 30 Apr 2024 22:53:35 +0000
ROA not before: Tue 30 Apr 2024 22:53:35 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19653 (0x4cc5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 30 22:53:35 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=53ECB5B5C71A8F75172A64B1965DA773D96F62CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:2e:fb:6f:f7:46:73:d4:33:1b:fb:8a:2e:52:
da:11:3e:ea:94:0e:8a:82:cf:53:e7:eb:66:56:73:
b7:e4:b0:97:f9:34:41:57:c1:50:b0:05:be:87:12:
d8:03:9d:2d:c3:8b:19:43:21:c3:14:70:3f:88:c5:
4a:92:aa:7f:7f:b1:4f:68:2d:22:11:66:18:e2:3a:
d5:e1:38:71:47:de:05:62:be:ac:f6:88:6a:e8:78:
14:f5:c0:4a:62:c1:81:2a:89:64:84:70:c4:55:bd:
04:eb:fc:f4:3f:6c:a0:94:ac:b5:a1:3b:55:aa:d9:
2b:ce:6a:3f:3d:cd:df:16:0f:45:3e:cc:1b:b1:ae:
22:80:32:6f:a5:fb:39:ff:1e:4f:74:35:f0:9a:16:
76:af:74:09:6d:97:69:8a:5e:d2:ae:6c:f5:f9:79:
4a:cb:27:94:9c:c5:52:6f:d0:8f:5b:be:88:21:f4:
9e:fe:6a:02:a4:f8:fd:43:94:e7:f0:9a:a2:bd:68:
9b:36:9c:cd:c9:0b:18:8b:0f:51:46:f3:0d:d2:7e:
65:97:95:20:cb:0c:bd:22:7d:b0:87:99:62:1d:37:
f6:65:fc:b7:6e:91:27:3a:c3:6c:33:65:31:9f:cb:
27:b1:76:86:8d:40:57:33:14:74:d3:0d:9e:87:41:
37:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:EC:B5:B5:C7:1A:8F:75:17:2A:64:B1:96:5D:A7:73:D9:6F:62:CE
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/U-y1tccaj3UXKmSxll2nc9lvYs4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
4f:b7:dd:00:23:de:04:0b:74:2d:cb:94:a7:8b:81:6d:10:67:
81:a5:de:51:d1:9d:cf:1e:c3:86:3f:85:8a:4e:95:5d:69:7c:
28:4b:c4:98:59:1f:c5:05:b1:33:48:8d:bd:0b:77:61:fe:d6:
6c:cb:0a:1f:c1:de:1a:e5:72:c1:21:5a:83:a1:fc:33:13:05:
eb:62:33:1d:61:66:00:40:ac:df:02:70:10:b7:23:a6:07:b4:
6d:3b:d5:56:be:f4:e2:fb:6f:21:25:dc:7e:cf:4f:17:af:01:
d6:bb:76:78:7b:ac:90:7c:02:f7:c8:64:eb:b6:4b:d8:b0:cb:
3e:2e:57:3d:e9:11:32:0c:1f:71:a6:b7:1c:a6:53:a0:3f:a1:
b6:59:55:41:0c:66:87:b9:26:31:52:01:ed:a1:0f:d5:de:23:
d2:24:ce:70:aa:f4:db:9c:e6:e4:15:ae:1f:ba:5f:32:2c:40:
f3:69:0f:62:4c:49:e9:a5:df:11:8c:57:31:06:3b:54:87:d0:
b2:c1:15:78:e1:1d:84:bb:5b:5f:32:d4:3b:71:f3:66:4c:ca:
39:f4:9b:88:6c:46:f4:9b:93:6c:32:83:3d:b3:65:a2:50:13:
1f:ee:38:2b:ce:70:c7:07:01:d9:5a:6b:16:83:6c:35:bf:8f:
7f:d1:f2:30
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICTMUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MzAy
MjUzMzVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUzRUNCNUI1QzcxQThG
NzUxNzJBNjRCMTk2NURBNzczRDk2RjYyQ0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTLvtv90Zz1DMb+4ouUtoRPuqUDoqCz1Pn62ZWc7fksJf5NEFX
wVCwBb6HEtgDnS3DixlDIcMUcD+IxUqSqn9/sU9oLSIRZhjiOtXhOHFH3gVivqz2
iGroeBT1wEpiwYEqiWSEcMRVvQTr/PQ/bKCUrLWhO1Wq2SvOaj89zd8WD0U+zBux
riKAMm+l+zn/Hk90NfCaFnavdAltl2mKXtKubPX5eUrLJ5ScxVJv0I9bvogh9J7+
agKk+P1DlOfwmqK9aJs2nM3JCxiLD1FG8w3SfmWXlSDLDL0ifbCHmWIdN/Zl/Ldu
kSc6w2wzZTGfyyexdoaNQFczFHTTDZ6HQTcXAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUU+y1tccaj3UXKmSxll2nc9lvYs4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1UteTF0Y2NhajNVWEtt
U3hsbDJuYzlsdllzNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAE+33QAj3gQLdC3L
lKeLgW0QZ4Gl3lHRnc8ew4Y/hYpOlV1pfChLxJhZH8UFsTNIjb0Ld2H+1mzLCh/B
3hrlcsEhWoOh/DMTBetiMx1hZgBArN8CcBC3I6YHtG071Va+9OL7byEl3H7PTxev
Ada7dnh7rJB8AvfIZOu2S9iwyz4uVz3pETIMH3GmtxymU6A/obZZVUEMZoe5JjFS
Ae2hD9XeI9IkznCq9Nuc5uQVrh+6XzIsQPNpD2JMSeml3xGMVzEGO1SH0LLBFXjh
HYS7W18y1Dtx82ZMyjn0m4hsRvSbk2wygz2zZaJQEx/uOCvOcMcHAdlaaxaDbDW/
j3/R8jA=
-----END CERTIFICATE-----
Generated at Sun Jun 22 05:08:24 2025 by rpki-client