Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/rkVXCoIFYYu0e4dQ98hZHJ6D30E.roa
File: rkVXCoIFYYu0e4dQ98hZHJ6D30E.roa (raw, json)
Hash identifier: RmVjZFn2255uxOY9O+s4apPYa0pfvXtX+7i9TDqQeW0=
Subject key identifier: AE:45:57:0A:82:05:61:8B:B4:7B:87:50:F7:C8:59:1C:9E:83:DF:41
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4D79
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/rkVXCoIFYYu0e4dQ98hZHJ6D30E.roa
Signing time: Wed 01 May 2024 21:23:39 +0000
ROA not before: Wed 01 May 2024 21:23:39 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19833 (0x4d79)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 1 21:23:39 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=AE45570A8205618BB47B8750F7C8591C9E83DF41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:ff:b9:0f:de:3d:6c:b2:fa:87:41:e2:14:54:
f7:9b:b5:8c:5a:79:0d:04:0d:14:48:d2:41:06:9c:
82:a5:13:45:b0:6e:92:71:f2:e0:c0:a0:07:8c:13:
88:69:b4:59:21:02:9b:5b:d6:ce:37:4f:d1:4e:6e:
05:65:84:0d:ee:bb:a8:27:ee:af:ef:ae:0e:b5:68:
62:9a:3d:6d:59:8c:36:80:8c:a2:96:5b:0a:16:af:
a6:33:98:64:44:d7:96:ab:5e:39:d0:93:dc:f6:3e:
d5:7b:ab:2d:75:7a:e7:97:55:d6:32:6d:15:76:92:
5e:0f:ba:b4:4a:5f:75:ab:e0:96:1b:e5:69:04:54:
7e:f3:06:22:4a:70:95:11:44:b5:9b:b8:61:38:50:
9e:9b:a4:d5:2a:70:7f:2f:19:5c:c5:bb:64:44:7c:
0f:03:46:08:fc:2d:52:14:b6:54:b4:67:50:2f:ef:
31:86:49:34:a1:37:40:4e:83:f2:3f:e5:be:21:19:
b2:72:af:93:40:ec:63:52:fb:29:ec:93:51:0e:ed:
0a:cf:ef:6a:e0:6f:2d:51:a1:52:10:6a:26:3b:01:
5f:ef:25:32:e8:c2:b1:bb:66:f9:99:f7:e1:91:01:
14:67:e5:34:2c:4f:71:ea:f8:74:0e:f9:4d:c5:5d:
e2:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:45:57:0A:82:05:61:8B:B4:7B:87:50:F7:C8:59:1C:9E:83:DF:41
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/rkVXCoIFYYu0e4dQ98hZHJ6D30E.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
39:ef:ad:81:0e:2a:e1:74:40:3d:86:56:2f:b2:c5:47:94:61:
78:5e:dc:fc:5e:da:d7:50:57:88:2c:10:48:77:6b:0c:b1:cb:
62:ae:16:3e:c4:2d:5f:d7:0b:59:c4:65:f0:71:51:3c:4b:8e:
75:64:a9:f2:9d:f1:96:ff:c7:6c:8f:51:e7:71:45:1d:6a:49:
4b:e1:3c:19:cd:f7:1f:0f:bf:71:a4:b4:1a:eb:d9:78:89:b1:
12:24:81:cf:0e:aa:ce:6e:21:53:ce:c5:d8:fc:6d:6c:a0:e5:
3e:5d:75:b3:37:ea:eb:9e:05:b8:6d:00:6c:f8:ef:56:ef:35:
09:a5:b5:3e:bb:b7:a9:fa:c6:b4:81:66:e9:92:c8:99:8a:e0:
15:25:6c:9b:f9:87:fd:9c:51:ea:3c:0a:8a:79:a2:cb:b9:cf:
31:b5:16:ff:f4:e4:96:b9:17:16:09:c5:8b:5d:b3:18:50:7d:
66:b6:8b:61:0b:2e:32:05:fb:8b:8c:d0:3e:1d:60:04:7e:42:
11:89:9f:22:ad:fa:ef:fd:fa:d1:5e:c9:83:36:d4:7d:46:d1:
dc:c7:18:30:81:71:2f:aa:81:95:5f:e0:8d:27:d5:2c:5a:f7:
7e:47:60:57:41:ec:00:87:9c:79:c2:93:07:8a:0c:8d:93:70:
69:e6:3f:c7
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICTXkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDEy
MTIzMzlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFFNDU1NzBBODIwNTYx
OEJCNDdCODc1MEY3Qzg1OTFDOUU4M0RGNDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD0/7kP3j1ssvqHQeIUVPebtYxaeQ0EDRRI0kEGnIKlE0WwbpJx
8uDAoAeME4hptFkhAptb1s43T9FObgVlhA3uu6gn7q/vrg61aGKaPW1ZjDaAjKKW
WwoWr6YzmGRE15arXjnQk9z2PtV7qy11eueXVdYybRV2kl4PurRKX3Wr4JYb5WkE
VH7zBiJKcJURRLWbuGE4UJ6bpNUqcH8vGVzFu2REfA8DRgj8LVIUtlS0Z1Av7zGG
STShN0BOg/I/5b4hGbJyr5NA7GNS+ynsk1EO7QrP72rgby1RoVIQaiY7AV/vJTLo
wrG7ZvmZ9+GRARRn5TQsT3Hq+HQO+U3FXeIVAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUrkVXCoIFYYu0e4dQ98hZHJ6D30EwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3JrVlhDb0lGWVl1MGU0
ZFE5OGhaSEo2RDMwRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBADnvrYEOKuF0QD2G
Vi+yxUeUYXhe3Pxe2tdQV4gsEEh3awyxy2KuFj7ELV/XC1nEZfBxUTxLjnVkqfKd
8Zb/x2yPUedxRR1qSUvhPBnN9x8Pv3GktBrr2XiJsRIkgc8Oqs5uIVPOxdj8bWyg
5T5ddbM36uueBbhtAGz471bvNQmltT67t6n6xrSBZumSyJmK4BUlbJv5h/2cUeo8
Cop5osu5zzG1Fv/05Ja5FxYJxYtdsxhQfWa2i2ELLjIF+4uM0D4dYAR+QhGJnyKt
+u/9+tFeyYM21H1G0dzHGDCBcS+qgZVf4I0n1Sxa935HYFdB7ACHnHnCkweKDI2T
cGnmP8c=
-----END CERTIFICATE-----
Generated at Sun Jun 15 10:19:55 2025 by rpki-client