Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/xvi8NbbaC6WAmAM4uSvS3RzIe20.roa
File: xvi8NbbaC6WAmAM4uSvS3RzIe20.roa (raw, json)
Hash identifier: 5sRlsxEP2eICy3GRjZcrukkDsUxt1rEbu0aUpWkkqGQ=
Subject key identifier: C6:F8:BC:35:B6:DA:0B:A5:80:98:03:38:B9:2B:D2:DD:1C:C8:7B:6D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3585
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xvi8NbbaC6WAmAM4uSvS3RzIe20.roa
Signing time: Sat 30 Mar 2024 22:52:15 +0000
ROA not before: Sat 30 Mar 2024 22:52:15 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13701 (0x3585)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 22:52:15 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C6F8BC35B6DA0BA580980338B92BD2DD1CC87B6D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:7e:bb:3b:28:4c:81:93:df:65:5e:04:4e:02:
c9:3a:37:8a:97:ae:25:9d:e8:c9:e3:22:b5:d5:27:
ca:3e:eb:da:d0:c2:a3:c5:75:67:4e:b0:d1:e9:84:
4b:b9:d4:c8:9a:81:0e:b6:8f:a8:01:9f:26:e6:91:
25:71:9b:1e:5e:c7:75:1b:6a:fd:0d:93:79:96:f1:
b7:86:56:63:9b:4d:a3:d8:ae:39:8e:87:44:5e:c1:
73:ad:4f:e4:0e:7b:57:f3:00:8a:07:85:41:66:09:
88:d3:8e:d4:42:52:7d:c3:86:4b:ce:fd:ad:6d:82:
2e:f5:34:5b:f2:a9:0b:c3:21:b0:7c:9d:35:bc:01:
a9:6c:72:63:84:c2:7c:14:67:3e:c7:c1:bc:6b:bd:
b6:7b:4c:dd:0a:f4:b4:22:b2:74:7d:58:3f:e6:60:
97:61:54:5f:b4:02:c8:a7:6a:d4:ff:ee:83:a2:8c:
9f:f4:7f:f3:fb:b4:15:a5:71:75:06:f3:eb:48:62:
0c:8b:53:57:c6:81:f2:dd:41:d5:7e:2e:23:b5:39:
af:49:b4:47:5c:0f:84:a2:69:93:52:8d:ba:d2:20:
5b:81:bb:d8:63:f7:9e:04:53:31:14:d9:dc:3d:7b:
a4:ca:81:03:26:68:c2:b9:b9:5c:31:ca:4c:c8:af:
7c:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:F8:BC:35:B6:DA:0B:A5:80:98:03:38:B9:2B:D2:DD:1C:C8:7B:6D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xvi8NbbaC6WAmAM4uSvS3RzIe20.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
96:f5:7b:21:d3:41:17:47:ad:ba:39:c2:f4:ce:44:b4:52:c5:
47:9d:db:9f:28:ba:cd:09:17:86:72:26:69:2b:0e:44:f4:d7:
c8:7c:8d:86:82:4f:2d:68:ba:a1:27:a0:75:76:d1:f4:ad:7b:
cc:43:bf:bd:10:3f:ac:cb:78:ff:b9:4b:0c:08:61:eb:6c:e6:
b0:7a:09:e8:45:be:05:eb:31:76:d8:49:07:f5:e4:8e:ae:73:
63:3a:72:7b:b3:1a:72:bc:f2:1a:f9:38:17:f0:5e:d7:33:cc:
24:b7:58:7c:b0:f9:fc:7a:22:01:e6:f1:e4:d1:95:60:b3:bb:
80:df:3f:c5:bd:fe:e8:85:3c:21:d6:62:71:89:ae:13:66:5a:
75:2f:8e:e5:56:bf:57:a8:cb:09:1e:73:7b:49:47:7d:56:45:
36:a1:79:92:53:bc:de:27:80:d1:8f:11:72:53:63:89:63:08:
31:ba:98:e6:fd:57:f8:b8:00:ca:a1:7d:c8:4b:43:0a:1b:90:
eb:86:7a:ee:14:4f:b1:20:22:8c:21:5c:95:16:04:c4:32:11:
7d:be:39:ba:16:8b:e9:23:b2:a9:a5:47:e2:fc:77:82:f2:c5:
a5:88:39:80:dc:2f:3b:9b:bc:85:86:13:69:81:0c:43:05:b3:
06:7f:24:2d
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNYUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAy
MjUyMTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM2RjhCQzM1QjZEQTBC
QTU4MDk4MDMzOEI5MkJEMkREMUNDODdCNkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOfrs7KEyBk99lXgROAsk6N4qXriWd6MnjIrXVJ8o+69rQwqPF
dWdOsNHphEu51MiagQ62j6gBnybmkSVxmx5ex3Ubav0Nk3mW8beGVmObTaPYrjmO
h0RewXOtT+QOe1fzAIoHhUFmCYjTjtRCUn3DhkvO/a1tgi71NFvyqQvDIbB8nTW8
AalscmOEwnwUZz7HwbxrvbZ7TN0K9LQisnR9WD/mYJdhVF+0AsinatT/7oOijJ/0
f/P7tBWlcXUG8+tIYgyLU1fGgfLdQdV+LiO1Oa9JtEdcD4SiaZNSjbrSIFuBu9hj
954EUzEU2dw9e6TKgQMmaMK5uVwxykzIr3wPAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUxvi8NbbaC6WAmAM4uSvS3RzIe20wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3h2aThOYmJhQzZXQW1B
TTR1U3ZTM1J6SWUyMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJb1eyHTQRdHrbo5
wvTORLRSxUed258ous0JF4ZyJmkrDkT018h8jYaCTy1ouqEnoHV20fSte8xDv70Q
P6zLeP+5SwwIYets5rB6CehFvgXrMXbYSQf15I6uc2M6cnuzGnK88hr5OBfwXtcz
zCS3WHyw+fx6IgHm8eTRlWCzu4DfP8W9/uiFPCHWYnGJrhNmWnUvjuVWv1eoywke
c3tJR31WRTaheZJTvN4ngNGPEXJTY4ljCDG6mOb9V/i4AMqhfchLQwobkOuGeu4U
T7EgIowhXJUWBMQyEX2+OboWi+kjsqmlR+L8d4LyxaWIOYDcLzubvIWGE2mBDEMF
swZ/JC0=
-----END CERTIFICATE-----
Generated at Sun Jun 15 10:05:52 2025 by rpki-client