Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Xs4lBdAb6JYf3HrwfOnRE8hSIIE.roa
File: Xs4lBdAb6JYf3HrwfOnRE8hSIIE.roa (raw, json)
Hash identifier: zG+WuSpua91uFBeXu9/q61iljaUvUPFJRJho59Jy7oU=
Subject key identifier: 5E:CE:25:05:D0:1B:E8:96:1F:DC:7A:F0:7C:E9:D1:13:C8:52:20:81
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3561
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Xs4lBdAb6JYf3HrwfOnRE8hSIIE.roa
Signing time: Sat 30 Mar 2024 18:22:07 +0000
ROA not before: Sat 30 Mar 2024 18:22:07 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13665 (0x3561)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 18:22:07 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5ECE2505D01BE8961FDC7AF07CE9D113C8522081
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c2:0a:f6:bb:0e:bc:c4:60:5c:98:99:15:de:
bb:e4:8b:00:26:42:7f:77:29:90:4c:45:03:fc:d8:
ee:80:05:6b:13:ac:ab:c3:9c:77:a6:40:68:1a:52:
ac:7b:46:82:f2:d1:63:e5:65:a6:04:e9:ee:b0:9e:
21:cc:3c:3f:e2:c0:03:15:62:0a:47:33:10:b0:8e:
ac:db:55:08:99:09:78:7a:a2:a7:a7:04:ff:0e:b2:
d3:1f:0e:d8:43:90:c9:63:48:5f:01:de:2d:58:ca:
52:8b:cd:26:e4:ce:87:33:ba:91:26:ea:f7:63:ff:
20:ac:ca:ab:83:c8:fb:ab:32:d4:69:c0:24:d7:82:
ff:de:8a:0e:04:7a:2b:dc:18:6c:90:59:7c:03:ef:
88:89:fc:16:d3:d9:55:3e:9f:6d:a6:e7:02:25:cf:
3c:f5:93:26:7b:b4:42:3d:c8:c8:45:ef:a9:85:84:
c9:f0:d3:3f:18:ad:a8:d2:7a:e8:d0:54:d5:7b:b9:
6c:c8:d1:97:02:c1:d3:bc:74:31:ab:ab:41:e2:54:
d7:a7:95:cd:fe:49:68:c7:55:18:56:6c:51:d3:cc:
8e:14:49:28:98:47:81:95:cb:30:7a:cb:a1:e9:a4:
1b:83:09:f4:1c:1f:68:b2:0d:45:ee:6a:8b:ca:05:
1c:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:CE:25:05:D0:1B:E8:96:1F:DC:7A:F0:7C:E9:D1:13:C8:52:20:81
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Xs4lBdAb6JYf3HrwfOnRE8hSIIE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
5a:8f:e9:eb:01:72:19:3d:8b:cd:94:a5:96:82:94:64:e0:28:
ec:9c:11:74:63:28:f5:9d:f2:32:e9:d0:6b:f3:09:a4:8e:62:
5f:7b:5f:05:cb:36:98:c7:c9:f4:c7:2b:76:e3:85:75:6c:7d:
e9:59:91:d4:db:54:7f:62:8a:35:9a:f3:19:80:16:2e:d6:91:
9e:d0:b2:15:97:53:08:4b:1f:e7:1d:a7:c4:e3:6f:97:b6:70:
ac:f3:41:93:25:28:c4:37:53:1f:7c:89:83:86:65:5b:bd:37:
91:13:7b:30:3b:c5:4c:83:63:34:21:9c:e1:d6:b0:fd:6c:3f:
98:d9:4f:ce:2a:60:8e:bf:2b:1c:ec:91:cc:bb:44:bf:ed:31:
ca:c8:0e:9f:96:95:44:8d:c6:3c:58:e4:6d:fa:92:3c:c6:b8:
3d:d6:aa:50:1a:19:fd:75:cb:9c:1e:58:35:11:36:6c:ce:a3:
33:45:d7:34:15:ec:b3:06:12:e2:bb:90:c4:12:04:f8:56:8f:
8b:18:5f:97:9c:29:8b:9c:e4:b2:89:6e:8f:ee:02:bd:48:e2:
f1:aa:01:81:df:4e:e8:7e:34:10:c6:21:23:9c:94:87:c8:c9:
92:1b:c6:ff:83:53:b2:f4:eb:c8:2d:6c:bf:e6:77:ca:8e:15:
fb:c0:1a:9a
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNWEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAx
ODIyMDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVFQ0UyNTA1RDAxQkU4
OTYxRkRDN0FGMDdDRTlEMTEzQzg1MjIwODEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCywgr2uw68xGBcmJkV3rvkiwAmQn93KZBMRQP82O6ABWsTrKvD
nHemQGgaUqx7RoLy0WPlZaYE6e6wniHMPD/iwAMVYgpHMxCwjqzbVQiZCXh6oqen
BP8OstMfDthDkMljSF8B3i1YylKLzSbkzoczupEm6vdj/yCsyquDyPurMtRpwCTX
gv/eig4EeivcGGyQWXwD74iJ/BbT2VU+n22m5wIlzzz1kyZ7tEI9yMhF76mFhMnw
0z8YrajSeujQVNV7uWzI0ZcCwdO8dDGrq0HiVNenlc3+SWjHVRhWbFHTzI4USSiY
R4GVyzB6y6HppBuDCfQcH2iyDUXuaovKBRwnAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUXs4lBdAb6JYf3HrwfOnRE8hSIIEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1hzNGxCZEFiNkpZZjNI
cndmT25SRThoU0lJRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAFqP6esBchk9i82U
pZaClGTgKOycEXRjKPWd8jLp0GvzCaSOYl97XwXLNpjHyfTHK3bjhXVsfelZkdTb
VH9iijWa8xmAFi7WkZ7QshWXUwhLH+cdp8Tjb5e2cKzzQZMlKMQ3Ux98iYOGZVu9
N5ETezA7xUyDYzQhnOHWsP1sP5jZT84qYI6/Kxzskcy7RL/tMcrIDp+WlUSNxjxY
5G36kjzGuD3WqlAaGf11y5weWDURNmzOozNF1zQV7LMGEuK7kMQSBPhWj4sYX5ec
KYuc5LKJbo/uAr1I4vGqAYHfTuh+NBDGISOclIfIyZIbxv+DU7L068gtbL/md8qO
FfvAGpo=
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:58:26 2025 by rpki-client