Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/wMlXFULE4yGt-FMhc51pEE6pSxA.roa
File: wMlXFULE4yGt-FMhc51pEE6pSxA.roa (raw, json)
Hash identifier: hDLBIHJFDuh0vdjfFVOgoy3masN9MW2oFFg06qXYdJE=
Subject key identifier: C0:C9:57:15:42:C4:E3:21:AD:F8:53:21:73:9D:69:10:4E:A9:4B:10
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3C19
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/wMlXFULE4yGt-FMhc51pEE6pSxA.roa
Signing time: Mon 08 Apr 2024 17:22:36 +0000
ROA not before: Mon 08 Apr 2024 17:22:36 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15385 (0x3c19)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 8 17:22:36 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C0C9571542C4E321ADF85321739D69104EA94B10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:18:40:3c:9c:2f:ed:7f:5b:ae:54:89:13:a9:
b3:bf:5d:d1:fa:49:dd:fc:06:cd:d3:da:6c:f6:18:
c5:b3:80:17:f2:4b:61:56:1e:d2:65:be:ca:41:ca:
14:dd:e7:47:13:ef:27:d2:db:42:c4:d9:af:62:50:
0c:e7:c1:8b:80:34:87:af:1e:06:a1:10:42:7a:f1:
c3:f1:a5:36:d6:b1:ef:e8:d6:52:2a:f1:70:b0:43:
22:e9:e1:34:91:e5:90:58:6d:b5:07:c8:95:aa:61:
f2:df:cb:74:d4:86:a4:2b:4d:04:87:eb:73:e7:7e:
ae:ce:e5:90:6b:f5:33:6e:9b:53:9c:5e:f4:77:d0:
d8:f2:55:ef:5e:b6:cd:53:c6:33:72:4e:68:7e:1b:
f5:72:ea:da:7f:b7:55:75:2a:26:f7:27:4b:81:86:
7c:b8:74:10:86:87:b5:16:54:4f:9c:ad:66:b0:14:
e1:55:54:bd:af:9b:18:f3:77:20:05:99:d5:27:cb:
a4:be:b0:46:ea:c5:fa:8e:22:95:66:e6:b9:24:51:
af:b0:07:e2:15:7c:cd:8e:d9:9e:e9:a7:ba:64:39:
79:a1:06:fb:56:95:b7:b1:d2:30:79:0f:c0:a5:e1:
99:d1:68:a2:2f:e7:fd:29:d7:04:ea:27:26:b6:d9:
c5:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:C9:57:15:42:C4:E3:21:AD:F8:53:21:73:9D:69:10:4E:A9:4B:10
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/wMlXFULE4yGt-FMhc51pEE6pSxA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
a8:0a:4c:1f:52:69:46:98:96:aa:20:ff:fb:a2:2e:f5:e0:63:
e5:b5:cf:b7:25:0e:c6:4e:62:d1:d4:5c:e8:28:e1:c7:e0:2f:
f4:37:4b:99:3d:49:58:94:43:d3:ad:f9:66:30:b6:0f:1f:47:
ea:a4:b2:da:83:d3:75:33:49:a8:20:72:d7:50:b6:3b:10:ef:
f0:bc:d5:1f:4e:dc:f9:5d:b7:97:4b:e1:34:32:af:34:70:0e:
09:eb:20:a8:a2:d3:ab:e1:2f:4c:81:78:ab:f4:ef:14:b9:12:
69:ba:62:c3:ee:b2:c2:80:87:49:3b:09:da:63:db:b4:66:36:
5d:8a:22:e7:72:62:28:f8:67:d2:cc:7f:40:34:f5:4a:59:67:
8e:3f:52:87:af:ab:fb:5b:d5:6c:2f:1c:cd:24:45:57:ed:86:
5b:ac:dc:b5:0c:7b:60:87:b3:27:9e:40:91:e6:92:81:1d:c6:
51:1d:35:6a:7b:7f:31:25:ab:1e:1c:41:96:b9:f7:47:8b:9a:
08:97:19:6a:98:bc:9c:c6:35:3c:70:2b:cd:8b:15:eb:d0:e3:
86:68:ca:e1:39:7d:2a:6b:1b:95:ca:30:94:06:ba:50:52:ec:
99:a0:65:2e:bb:ce:e8:d5:92:a1:61:c2:c5:a5:f6:72:87:03:
31:69:8a:65
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICPBkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDgx
NzIyMzZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEMwQzk1NzE1NDJDNEUz
MjFBREY4NTMyMTczOUQ2OTEwNEVBOTRCMTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRGEA8nC/tf1uuVIkTqbO/XdH6Sd38Bs3T2mz2GMWzgBfyS2FW
HtJlvspByhTd50cT7yfS20LE2a9iUAznwYuANIevHgahEEJ68cPxpTbWse/o1lIq
8XCwQyLp4TSR5ZBYbbUHyJWqYfLfy3TUhqQrTQSH63Pnfq7O5ZBr9TNum1OcXvR3
0NjyVe9ets1TxjNyTmh+G/Vy6tp/t1V1Kib3J0uBhny4dBCGh7UWVE+crWawFOFV
VL2vmxjzdyAFmdUny6S+sEbqxfqOIpVm5rkkUa+wB+IVfM2O2Z7pp7pkOXmhBvtW
lbex0jB5D8Cl4ZnRaKIv5/0p1wTqJya22cUhAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUwMlXFULE4yGt+FMhc51pEE6pSxAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3dNbFhGVUxFNHlHdC1G
TWhjNTFwRUU2cFN4QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAKgKTB9SaUaYlqog
//uiLvXgY+W1z7clDsZOYtHUXOgo4cfgL/Q3S5k9SViUQ9Ot+WYwtg8fR+qkstqD
03UzSaggctdQtjsQ7/C81R9O3Pldt5dL4TQyrzRwDgnrIKii06vhL0yBeKv07xS5
Emm6YsPussKAh0k7Cdpj27RmNl2KIudyYij4Z9LMf0A09UpZZ44/Uoevq/tb1Wwv
HM0kRVfthlus3LUMe2CHsyeeQJHmkoEdxlEdNWp7fzElqx4cQZa590eLmgiXGWqY
vJzGNTxwK82LFevQ44ZoyuE5fSprG5XKMJQGulBS7JmgZS67zujVkqFhwsWl9nKH
AzFpimU=
-----END CERTIFICATE-----
Generated at Sat Jun 21 19:58:35 2025 by rpki-client