Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/-fgDipe-tsvgamoU9fXsP1wlAYU.roa
File: -fgDipe-tsvgamoU9fXsP1wlAYU.roa (raw, json)
Hash identifier: s/QPpZ9JHonQ1xEiKffhqV42EHeK9K1jJd/if9z6Sa0=
Subject key identifier: F9:F8:03:8A:97:BE:B6:CB:E0:6A:6A:14:F5:F5:EC:3F:5C:25:01:85
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 348D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/-fgDipe-tsvgamoU9fXsP1wlAYU.roa
Signing time: Fri 29 Mar 2024 15:52:05 +0000
ROA not before: Fri 29 Mar 2024 15:52:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13453 (0x348d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 15:52:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F9F8038A97BEB6CBE06A6A14F5F5EC3F5C250185
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:0c:de:2d:ba:93:fc:21:2d:a8:ff:03:ba:8f:
fe:b3:d0:c6:fe:c9:84:e4:43:f0:1d:f8:d8:e7:c7:
d2:e1:d5:56:64:d9:fc:36:d6:35:03:c1:35:cd:26:
4d:67:9a:84:b9:c2:03:c9:16:82:e3:04:d0:db:b2:
e6:83:41:68:0c:33:c7:60:94:7a:8c:21:77:ad:59:
8d:23:0d:f9:b9:ab:d6:c9:23:66:e5:99:79:bd:78:
48:ec:17:64:a8:91:c5:9b:1e:0c:82:69:d5:18:44:
fe:50:1a:60:af:a2:a3:f2:dd:98:e6:b9:98:2e:71:
a5:cb:8b:a1:31:1f:2b:11:f8:9e:e2:cb:39:e1:60:
4b:4b:90:4a:06:d5:72:93:6f:fa:75:73:95:a9:3b:
ec:52:c8:b1:cf:4e:21:ca:9b:8a:4d:98:85:0d:ea:
de:cb:cb:fe:85:9f:47:06:76:90:d1:b6:7d:8a:ee:
4d:57:85:21:bf:66:75:c6:71:ca:72:a4:db:46:7b:
56:9f:3b:58:a6:c2:fb:f7:6e:25:22:bd:e8:56:fd:
82:6f:3e:52:9d:7a:a3:e7:33:83:27:7d:bb:17:90:
9c:b5:36:75:d3:74:fa:5d:a7:fc:fa:1a:62:c7:07:
42:f0:7d:f8:60:71:27:34:32:f6:e0:a9:50:83:77:
17:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:F8:03:8A:97:BE:B6:CB:E0:6A:6A:14:F5:F5:EC:3F:5C:25:01:85
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/-fgDipe-tsvgamoU9fXsP1wlAYU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
6f:c4:bd:0c:12:5e:c7:56:2c:86:13:31:41:49:37:38:15:96:
4c:a8:0f:af:d6:75:9e:b7:46:e3:4a:b5:9f:a5:4b:09:eb:a9:
05:5c:6e:41:fc:db:cf:44:6b:a3:5d:5f:6e:89:37:82:e6:32:
73:8c:41:2a:76:21:01:c7:dc:3b:3f:3e:bc:c5:1f:80:d3:49:
3e:c8:41:5d:e4:77:d5:77:a6:0d:da:88:0f:54:2a:81:f3:56:
46:e5:81:8b:be:7f:d0:e9:2d:00:16:83:e8:1e:52:2a:07:a8:
ad:cf:6e:e9:7c:f7:f3:e6:c6:f1:82:fb:cd:06:0a:92:f7:a3:
c2:1b:68:97:46:d6:e6:de:55:19:d0:b5:d2:9b:53:df:15:61:
0c:fe:c1:37:d2:22:b8:3a:37:ab:4b:c7:af:73:94:98:b6:b4:
86:bc:69:a3:65:0c:75:f2:99:ad:cf:7f:d8:04:2a:48:33:42:
9d:61:21:42:9a:5a:0d:56:44:95:7c:8b:c0:3c:8c:86:17:cb:
d0:61:4d:87:3b:45:44:ff:d7:03:05:6b:66:51:4c:46:bd:4a:
f6:72:59:90:db:a7:c1:ea:2b:50:6b:b9:ad:9b:db:2f:b6:32:
af:a7:cd:51:b0:ca:9c:75:8e:7d:ad:ad:12:77:55:ba:18:80:
2e:d7:17:67
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNI0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjkx
NTUyMDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEY5RjgwMzhBOTdCRUI2
Q0JFMDZBNkExNEY1RjVFQzNGNUMyNTAxODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDkDN4tupP8IS2o/wO6j/6z0Mb+yYTkQ/Ad+Njnx9Lh1VZk2fw2
1jUDwTXNJk1nmoS5wgPJFoLjBNDbsuaDQWgMM8dglHqMIXetWY0jDfm5q9bJI2bl
mXm9eEjsF2SokcWbHgyCadUYRP5QGmCvoqPy3ZjmuZgucaXLi6ExHysR+J7iyznh
YEtLkEoG1XKTb/p1c5WpO+xSyLHPTiHKm4pNmIUN6t7Ly/6Fn0cGdpDRtn2K7k1X
hSG/ZnXGccpypNtGe1afO1imwvv3biUivehW/YJvPlKdeqPnM4MnfbsXkJy1NnXT
dPpdp/z6GmLHB0LwffhgcSc0MvbgqVCDdxcLAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU+fgDipe+tsvgamoU9fXsP1wlAYUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3Ly1mZ0RpcGUtdHN2Z2Ft
b1U5ZlhzUDF3bEFZVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAG/EvQwSXsdWLIYT
MUFJNzgVlkyoD6/WdZ63RuNKtZ+lSwnrqQVcbkH8289Ea6NdX26JN4LmMnOMQSp2
IQHH3Ds/PrzFH4DTST7IQV3kd9V3pg3aiA9UKoHzVkblgYu+f9DpLQAWg+geUioH
qK3Pbul89/PmxvGC+80GCpL3o8IbaJdG1ubeVRnQtdKbU98VYQz+wTfSIrg6N6tL
x69zlJi2tIa8aaNlDHXyma3Pf9gEKkgzQp1hIUKaWg1WRJV8i8A8jIYXy9BhTYc7
RUT/1wMFa2ZRTEa9SvZyWZDbp8HqK1Brua2b2y+2Mq+nzVGwypx1jn2trRJ3VboY
gC7XF2c=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:44:40 2025 by rpki-client