Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/0bgV9dhUBro5KQZNA1UYMvXSt30.roa
File: 0bgV9dhUBro5KQZNA1UYMvXSt30.roa (raw, json)
Hash identifier: 5LMqZ6+ngzGoZ1nA2zp7asykDDco3o8Ok49uqiPnOOA=
Subject key identifier: D1:B8:15:F5:D8:54:06:BA:39:29:06:4D:03:55:18:32:F5:D2:B7:7D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3F45
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/0bgV9dhUBro5KQZNA1UYMvXSt30.roa
Signing time: Fri 12 Apr 2024 22:52:51 +0000
ROA not before: Fri 12 Apr 2024 22:52:51 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16197 (0x3f45)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 12 22:52:51 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D1B815F5D85406BA3929064D03551832F5D2B77D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:82:81:9e:49:8e:c9:29:35:4c:bf:f0:36:a0:
13:a4:c4:37:d3:86:c9:ee:da:0e:ec:01:4c:b4:78:
09:17:6e:03:56:f8:ff:47:cb:23:5d:eb:9c:c8:cc:
4c:43:f8:eb:8a:9c:f2:aa:65:1c:0d:fb:56:cf:79:
28:f8:89:00:e4:35:dc:b9:6c:9c:65:f1:6d:7a:3a:
35:51:aa:dd:a4:03:0b:e5:f4:80:be:f2:13:3b:f7:
24:9c:bc:d2:cd:e9:60:28:42:36:af:c6:80:19:0d:
da:ff:20:fe:d5:9b:ae:d1:59:51:ca:2d:46:a6:e0:
58:ed:9c:ad:d7:83:9b:88:8d:53:10:c8:eb:a2:58:
7d:09:14:10:72:4d:b1:eb:a1:37:53:3f:d9:95:97:
18:49:72:6a:5d:b9:c0:f5:de:b6:d6:ae:a9:4e:77:
51:86:70:db:da:87:c4:c0:1c:59:5a:f5:15:2a:7b:
35:00:c0:12:d3:17:aa:bf:a3:5c:79:e6:0c:d5:94:
45:aa:96:cf:65:bd:2a:4c:36:f5:07:8e:28:19:3d:
4a:fc:aa:97:db:0e:53:d4:2d:2c:9d:05:a8:85:17:
b7:0d:1b:df:95:33:ca:01:33:3e:e3:12:17:2c:b1:
00:46:ac:99:3e:8c:eb:85:87:c3:74:71:d7:3f:1c:
d0:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:B8:15:F5:D8:54:06:BA:39:29:06:4D:03:55:18:32:F5:D2:B7:7D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/0bgV9dhUBro5KQZNA1UYMvXSt30.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
84:b5:d5:39:1b:a0:8f:3c:94:b2:18:ca:d4:4c:d7:d6:a6:05:
ca:de:96:ff:84:f2:ab:0e:db:b8:5a:3a:c3:e5:0e:6d:39:cb:
22:32:16:85:47:3d:63:03:0d:b1:d4:da:39:01:f9:c0:8a:ef:
16:d2:bb:af:d0:2e:0a:21:14:96:d5:c6:bb:aa:d5:b8:ee:7f:
43:6b:4c:fb:e9:ad:63:90:8b:13:fb:6f:09:dd:d6:a0:bf:5c:
db:c0:ad:d3:d1:65:a2:b8:ed:d5:87:eb:f5:65:fb:e9:6b:70:
fc:39:58:04:84:42:82:4d:90:74:45:87:bf:99:13:2b:29:8d:
96:8e:6b:3b:c1:d1:18:4b:c2:05:df:bc:08:e2:d4:d9:88:cf:
12:41:83:bd:82:1f:4c:d6:1d:9f:68:cc:5e:78:74:cb:31:ca:
fe:b0:27:2f:6d:48:0b:2a:40:ff:8e:c3:bb:92:cd:96:7c:d1:
70:24:a4:ec:f1:b2:20:78:ee:f4:c5:97:5f:d6:3d:fe:75:f2:
42:ae:a9:2d:57:c0:63:c6:4b:7f:54:c3:12:1c:23:24:25:9e:
81:c8:4c:40:5f:96:93:6e:ae:b3:42:8d:ae:22:11:b0:10:e9:
6e:a8:ec:93:7a:5d:62:8d:68:81:a9:62:9c:9b:9d:c4:38:e8:
71:03:cf:3d
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICP0UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTIy
MjUyNTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQxQjgxNUY1RDg1NDA2
QkEzOTI5MDY0RDAzNTUxODMyRjVEMkI3N0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNgoGeSY7JKTVMv/A2oBOkxDfThsnu2g7sAUy0eAkXbgNW+P9H
yyNd65zIzExD+OuKnPKqZRwN+1bPeSj4iQDkNdy5bJxl8W16OjVRqt2kAwvl9IC+
8hM79yScvNLN6WAoQjavxoAZDdr/IP7Vm67RWVHKLUam4FjtnK3Xg5uIjVMQyOui
WH0JFBByTbHroTdTP9mVlxhJcmpducD13rbWrqlOd1GGcNvah8TAHFla9RUqezUA
wBLTF6q/o1x55gzVlEWqls9lvSpMNvUHjigZPUr8qpfbDlPULSydBaiFF7cNG9+V
M8oBMz7jEhcssQBGrJk+jOuFh8N0cdc/HNCPAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU0bgV9dhUBro5KQZNA1UYMvXSt30wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzBiZ1Y5ZGhVQnJvNUtR
Wk5BMVVZTXZYU3QzMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAIS11TkboI88lLIY
ytRM19amBcrelv+E8qsO27haOsPlDm05yyIyFoVHPWMDDbHU2jkB+cCK7xbSu6/Q
LgohFJbVxruq1bjuf0NrTPvprWOQixP7bwnd1qC/XNvArdPRZaK47dWH6/Vl++lr
cPw5WASEQoJNkHRFh7+ZEyspjZaOazvB0RhLwgXfvAji1NmIzxJBg72CH0zWHZ9o
zF54dMsxyv6wJy9tSAsqQP+Ow7uSzZZ80XAkpOzxsiB47vTFl1/WPf518kKuqS1X
wGPGS39UwxIcIyQlnoHITEBflpNurrNCja4iEbAQ6W6o7JN6XWKNaIGpYpybncQ4
6HEDzz0=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:44:57 2025 by rpki-client