Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/1qrXJoUR1SBCYB4dX9XUx9NUeSY.roa
File: 1qrXJoUR1SBCYB4dX9XUx9NUeSY.roa (raw, json)
Hash identifier: ZJSdOPxBUWw9qrCsDSw5PUBd8V+YAIyGfn9/ETFM2LI=
Subject key identifier: D6:AA:D7:26:85:11:D5:20:42:60:1E:1D:5F:D5:D4:C7:D3:54:79:26
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 44D9
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/1qrXJoUR1SBCYB4dX9XUx9NUeSY.roa
Signing time: Sat 20 Apr 2024 09:23:05 +0000
ROA not before: Sat 20 Apr 2024 09:23:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17625 (0x44d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 09:23:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D6AAD7268511D52042601E1D5FD5D4C7D3547926
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:f3:98:6d:d6:32:62:8a:00:38:04:1d:4f:c2:
d5:ba:bb:4c:e2:68:21:c0:52:b0:68:e3:6b:13:58:
8c:5a:e0:cb:19:c7:27:42:1c:c1:5b:9c:45:49:22:
3f:17:74:98:95:75:ab:d9:b8:1d:86:94:d0:51:f3:
2f:14:57:da:99:76:3f:a7:59:f0:24:9e:c4:56:bf:
9b:f7:4e:b1:a7:02:cb:7d:6e:25:86:e9:fa:51:45:
24:43:51:48:ec:77:12:aa:5e:26:69:89:80:83:b3:
d4:23:ab:57:f1:a5:7f:6e:4c:d5:1f:b3:61:4d:54:
56:f1:a5:9a:86:7f:c8:33:20:f1:71:f2:38:28:c6:
e5:82:0a:a7:5e:7d:8d:a9:4b:be:27:90:57:ff:eb:
e1:c4:f6:ff:09:e0:7e:db:5f:eb:f2:ab:e2:d2:43:
4e:d0:79:4d:ef:7b:bc:c3:10:b0:be:0f:ac:5a:d2:
79:ac:43:27:84:bf:4c:a2:93:1f:e8:46:31:5e:2c:
ba:33:5c:3e:7b:ed:4c:f0:f9:84:b5:5f:29:25:1c:
bd:68:8f:6e:14:e2:4a:9a:10:44:29:84:bd:15:26:
db:ee:52:c4:5e:f1:b0:ff:9f:87:70:48:f1:95:19:
34:81:0c:dd:dc:8e:fb:e6:aa:be:4a:93:c7:4d:53:
ef:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:AA:D7:26:85:11:D5:20:42:60:1E:1D:5F:D5:D4:C7:D3:54:79:26
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/1qrXJoUR1SBCYB4dX9XUx9NUeSY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
18:6e:b7:6f:87:a9:94:f2:8f:c4:8e:b9:2b:25:a8:11:06:87:
90:13:6a:0e:38:d3:ac:5b:1d:e0:2b:68:ce:dd:44:22:f2:27:
2c:c4:4a:4c:6e:73:70:cd:8c:cf:a1:4b:63:87:60:92:e5:82:
dd:1d:bd:d6:5d:03:36:36:54:b8:d3:27:d6:9b:e6:a2:12:32:
f7:7a:49:68:9d:94:41:92:11:17:11:34:55:c8:3d:cc:e8:fb:
4a:69:3b:68:12:a3:02:4e:6d:d4:76:5f:78:50:5c:6e:22:42:
ae:6b:c4:d2:1f:2b:65:dd:1c:e5:b6:c2:0d:c2:57:39:f8:8b:
e5:37:04:bb:f0:9f:f1:14:47:ef:6e:66:a0:ee:db:59:2c:72:
c3:34:cf:af:9d:f8:ae:2f:7b:08:46:24:4f:3f:ba:ba:f7:7e:
ed:2b:6b:af:7f:5e:52:6e:3f:86:fd:ba:31:3e:60:00:64:5a:
8a:06:eb:36:52:00:1e:69:eb:43:6a:6e:c4:a0:56:48:bf:ed:
b0:fb:bf:ff:4a:7f:cb:77:66:0f:a1:35:19:f1:cc:69:40:d2:
56:5c:e2:c0:28:48:78:a3:e4:00:f9:00:c5:9c:0c:94:26:18:
2b:2a:df:8e:68:5f:8d:2b:73:4f:8a:76:89:eb:de:b2:d5:11:
0c:77:70:05
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICRNkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAw
OTIzMDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ2QUFENzI2ODUxMUQ1
MjA0MjYwMUUxRDVGRDVENEM3RDM1NDc5MjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD385ht1jJiigA4BB1PwtW6u0ziaCHAUrBo42sTWIxa4MsZxydC
HMFbnEVJIj8XdJiVdavZuB2GlNBR8y8UV9qZdj+nWfAknsRWv5v3TrGnAst9biWG
6fpRRSRDUUjsdxKqXiZpiYCDs9Qjq1fxpX9uTNUfs2FNVFbxpZqGf8gzIPFx8jgo
xuWCCqdefY2pS74nkFf/6+HE9v8J4H7bX+vyq+LSQ07QeU3ve7zDELC+D6xa0nms
QyeEv0yikx/oRjFeLLozXD577Uzw+YS1XyklHL1oj24U4kqaEEQphL0VJtvuUsRe
8bD/n4dwSPGVGTSBDN3cjvvmqr5Kk8dNU++fAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU1qrXJoUR1SBCYB4dX9XUx9NUeSYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzFxclhKb1VSMVNCQ1lC
NGRYOVhVeDlOVWVTWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBABhut2+HqZTyj8SO
uSslqBEGh5ATag4406xbHeAraM7dRCLyJyzESkxuc3DNjM+hS2OHYJLlgt0dvdZd
AzY2VLjTJ9ab5qISMvd6SWidlEGSERcRNFXIPczo+0ppO2gSowJObdR2X3hQXG4i
Qq5rxNIfK2XdHOW2wg3CVzn4i+U3BLvwn/EUR+9uZqDu21kscsM0z6+d+K4vewhG
JE8/urr3fu0ra69/XlJuP4b9ujE+YABkWooG6zZSAB5p60NqbsSgVki/7bD7v/9K
f8t3Zg+hNRnxzGlA0lZc4sAoSHij5AD5AMWcDJQmGCsq345oX40rc0+Kdonr3rLV
EQx3cAU=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:45:39 2025 by rpki-client