Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/-t_nCTN0R-jcWucplhej1-ld7HI.roa
File: -t_nCTN0R-jcWucplhej1-ld7HI.roa (raw, json)
Hash identifier: wsBil8H+caDp6aWF2Y3+Ds+6bJ4EZDNzM6VNLWls1Gg=
Subject key identifier: FA:DF:E7:09:33:74:47:E8:DC:5A:E7:29:96:17:A3:D7:E9:5D:EC:72
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5045
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/-t_nCTN0R-jcWucplhej1-ld7HI.roa
Signing time: Sun 05 May 2024 14:54:05 +0000
ROA not before: Sun 05 May 2024 14:54:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20549 (0x5045)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 5 14:54:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=FADFE709337447E8DC5AE7299617A3D7E95DEC72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:60:38:11:d6:8f:e4:93:cf:51:0f:89:94:e9:
20:c2:9c:e0:6a:99:7f:2c:a0:40:b7:41:0a:e2:2d:
db:7f:16:d1:a7:e4:1d:6b:69:af:60:61:f7:4b:f8:
e8:8b:3a:5f:89:fe:81:51:90:1a:f8:3f:20:c5:fb:
fa:a0:02:32:25:d1:7f:ce:fb:0b:97:cf:6b:ab:aa:
8a:66:5e:c5:3b:71:39:4f:68:ff:65:2f:0f:ff:56:
68:7a:75:4a:c6:6c:1c:e4:d3:39:97:75:40:e5:c2:
1a:d1:e3:f2:ec:66:90:e2:d2:25:82:53:80:98:c3:
f6:17:6c:0c:e6:9d:92:46:ef:9f:45:69:c0:6e:04:
fb:91:07:88:2a:8c:ec:e0:83:ae:47:f6:dc:f2:38:
42:6a:4f:cb:ca:75:1b:39:c9:d6:e2:b3:e2:4e:e8:
05:58:2c:23:20:12:42:b4:ec:04:00:d1:e7:32:e8:
e5:6c:56:d2:af:4b:8d:36:ff:3b:c5:08:cb:a8:84:
ac:48:75:53:87:cb:e5:15:4a:76:0f:e8:b0:75:61:
f1:a0:d5:1c:24:1f:d7:d4:36:bc:ff:be:26:a5:56:
29:4d:db:8a:b5:71:82:27:20:9f:db:cb:54:1d:26:
1d:63:f1:fe:08:20:b9:db:ba:55:cd:51:2c:5d:7b:
ed:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:DF:E7:09:33:74:47:E8:DC:5A:E7:29:96:17:A3:D7:E9:5D:EC:72
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/-t_nCTN0R-jcWucplhej1-ld7HI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
74:b2:3a:81:d0:9f:c4:eb:83:ed:69:cf:5c:12:d8:19:61:fa:
26:58:91:cf:66:c0:53:8d:43:36:be:9f:7a:ec:bc:eb:98:64:
c3:61:c8:8c:b5:1c:7d:5c:8f:e5:37:1a:94:93:c8:59:38:ba:
df:80:3f:1b:c8:79:60:93:9d:1f:b5:d2:eb:f2:56:16:41:d7:
23:26:e9:fc:bd:b9:70:64:64:c1:1f:ab:74:57:85:d6:18:b0:
ef:d6:3f:86:9f:c4:38:60:e2:ff:6f:87:49:2b:e9:47:5d:ee:
bc:7f:f3:68:06:c5:00:5e:bb:7c:d4:19:45:60:72:02:db:5b:
b0:5e:9b:3c:d6:40:61:2f:ca:85:75:db:bc:80:56:9e:83:f3:
d4:2b:dc:02:4e:93:1f:3d:0d:60:ea:e5:75:3b:0e:e5:8d:f4:
80:ab:9e:97:d5:18:81:c9:95:2b:86:88:b7:f0:cc:7f:37:c8:
cf:4d:d0:91:2a:2a:7a:ef:be:05:c9:8a:15:32:c3:84:5b:1f:
a3:10:40:90:ab:60:b3:67:80:5a:19:14:53:b7:e5:e5:f8:03:
6b:3b:02:05:7d:ee:8c:3f:73:e8:a9:59:3c:95:b9:76:2e:6d:
79:f5:ba:04:99:a4:bf:e0:38:70:4f:fc:e9:92:3e:06:e0:86:
cf:54:31:14
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICUEUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDUx
NDU0MDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEZBREZFNzA5MzM3NDQ3
RThEQzVBRTcyOTk2MTdBM0Q3RTk1REVDNzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzYDgR1o/kk89RD4mU6SDCnOBqmX8soEC3QQriLdt/FtGn5B1r
aa9gYfdL+OiLOl+J/oFRkBr4PyDF+/qgAjIl0X/O+wuXz2urqopmXsU7cTlPaP9l
Lw//Vmh6dUrGbBzk0zmXdUDlwhrR4/LsZpDi0iWCU4CYw/YXbAzmnZJG759FacBu
BPuRB4gqjOzgg65H9tzyOEJqT8vKdRs5ydbis+JO6AVYLCMgEkK07AQA0ecy6OVs
VtKvS402/zvFCMuohKxIdVOHy+UVSnYP6LB1YfGg1RwkH9fUNrz/vialVilN24q1
cYInIJ/by1QdJh1j8f4IILnbulXNUSxde+35AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU+t/nCTN0R+jcWucplhej1+ld7HIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3Ly10X25DVE4wUi1qY1d1
Y3BsaGVqMS1sZDdISS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAHSyOoHQn8Trg+1p
z1wS2Blh+iZYkc9mwFONQza+n3rsvOuYZMNhyIy1HH1cj+U3GpSTyFk4ut+APxvI
eWCTnR+10uvyVhZB1yMm6fy9uXBkZMEfq3RXhdYYsO/WP4afxDhg4v9vh0kr6Udd
7rx/82gGxQBeu3zUGUVgcgLbW7BemzzWQGEvyoV127yAVp6D89Qr3AJOkx89DWDq
5XU7DuWN9ICrnpfVGIHJlSuGiLfwzH83yM9N0JEqKnrvvgXJihUyw4RbH6MQQJCr
YLNngFoZFFO35eX4A2s7AgV97ow/c+ipWTyVuXYubXn1ugSZpL/gOHBP/OmSPgbg
hs9UMRQ=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:29:35 2025 by rpki-client