Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/4DqWXR65R0KNOZP71SWMDqI4dIA.roa
File: 4DqWXR65R0KNOZP71SWMDqI4dIA.roa (raw, json)
Hash identifier: 0yHzlCvo117fsn5saPHb8Z3SsNcApDwyU7xC+Mwu/9g=
Subject key identifier: E0:3A:96:5D:1E:B9:47:42:8D:39:93:FB:D5:25:8C:0E:A2:38:74:80
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4141
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4DqWXR65R0KNOZP71SWMDqI4dIA.roa
Signing time: Mon 15 Apr 2024 14:22:55 +0000
ROA not before: Mon 15 Apr 2024 14:22:55 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16705 (0x4141)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 15 14:22:55 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E03A965D1EB947428D3993FBD5258C0EA2387480
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:be:02:16:df:c0:a3:ed:aa:ed:53:27:8b:72:
fa:d6:9c:cc:57:55:38:c6:10:b7:12:8a:dd:97:a1:
72:55:5f:64:8f:a9:1a:c1:64:2e:ea:58:28:1e:8d:
21:55:f2:c5:a7:29:69:34:a4:bd:a0:90:0f:c1:fd:
0a:08:eb:a1:7c:10:1f:60:73:f3:6c:a6:71:a9:ab:
63:14:ec:97:98:6c:90:13:d0:55:04:e6:85:76:4d:
ca:79:62:f6:56:52:4d:54:99:9a:ff:f1:35:d4:2c:
83:2d:fc:a6:f9:89:3f:d9:0d:87:5f:da:75:a1:64:
8e:5d:03:ce:ef:1f:c0:4d:f6:e9:9b:3e:35:5d:f5:
cb:46:a2:2d:d5:0e:80:9e:97:1a:41:ae:6a:75:5b:
70:2f:c7:93:96:dc:df:77:ad:66:59:69:df:9a:f5:
59:b8:d4:fc:20:69:a5:1f:0e:ce:42:a2:78:5c:a8:
07:09:40:64:b5:7c:91:69:c1:ba:53:18:71:db:4a:
e9:75:ee:18:e3:b0:ab:cf:41:a1:ce:e5:d8:de:82:
56:ee:9e:72:0d:7d:3d:0b:4f:2e:d3:18:ef:6c:9d:
9e:02:3d:0b:1d:18:a3:c8:ff:9d:bd:2f:8e:1d:c5:
fb:00:56:5f:d0:86:c6:4e:a3:bb:0d:11:e8:25:a8:
b7:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:3A:96:5D:1E:B9:47:42:8D:39:93:FB:D5:25:8C:0E:A2:38:74:80
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4DqWXR65R0KNOZP71SWMDqI4dIA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
b3:03:75:24:fa:b8:c0:05:59:c3:a7:17:be:79:e4:fd:69:ab:
da:77:21:e4:1e:18:5d:96:e0:4b:3b:63:99:62:de:9f:04:c3:
58:5d:c3:b1:c7:cf:a7:e9:82:60:4f:36:e3:b6:ea:b0:14:fa:
57:ff:db:3a:b9:11:65:71:16:de:8b:f3:94:47:66:1a:65:b4:
8b:a2:13:08:3a:37:97:a8:69:09:d1:48:ec:3f:b0:57:4f:b2:
98:5a:e3:4d:fe:79:26:57:bc:59:6a:8d:98:5a:20:4b:6c:95:
3a:18:63:ff:e4:88:21:a1:2f:d1:36:fa:fa:05:a8:93:71:d0:
f6:86:f8:af:a4:e6:d8:eb:bc:bf:9c:04:15:e6:3e:b6:cd:58:
a9:9c:2a:b2:28:ef:d2:60:95:81:4b:8c:7e:61:b9:ba:b5:0f:
93:62:7a:94:01:64:63:78:3e:d0:cd:fc:11:6a:34:93:f6:06:
bd:e6:94:03:cf:7e:ed:64:9f:61:1e:52:45:a4:50:15:0c:b5:
ea:07:9b:44:94:af:40:1c:9a:0f:9f:f9:56:5c:cb:fb:78:04:
79:1d:47:d7:8b:ff:30:5d:3c:7c:17:e1:d0:0e:4f:0e:6c:04:
a0:e7:e0:2f:6d:3f:af:79:9e:fa:4d:fe:11:5b:df:15:08:29:
f7:6a:6c:a6
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQUEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTUx
NDIyNTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEUwM0E5NjVEMUVCOTQ3
NDI4RDM5OTNGQkQ1MjU4QzBFQTIzODc0ODAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSvgIW38Cj7artUyeLcvrWnMxXVTjGELcSit2XoXJVX2SPqRrB
ZC7qWCgejSFV8sWnKWk0pL2gkA/B/QoI66F8EB9gc/NspnGpq2MU7JeYbJAT0FUE
5oV2Tcp5YvZWUk1UmZr/8TXULIMt/Kb5iT/ZDYdf2nWhZI5dA87vH8BN9umbPjVd
9ctGoi3VDoCelxpBrmp1W3Avx5OW3N93rWZZad+a9Vm41PwgaaUfDs5ConhcqAcJ
QGS1fJFpwbpTGHHbSul17hjjsKvPQaHO5djeglbunnINfT0LTy7TGO9snZ4CPQsd
GKPI/529L44dxfsAVl/QhsZOo7sNEeglqLcTAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU4DqWXR65R0KNOZP71SWMDqI4dIAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzREcVdYUjY1UjBLTk9a
UDcxU1dNRHFJNGRJQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBALMDdST6uMAFWcOn
F7555P1pq9p3IeQeGF2W4Es7Y5li3p8Ew1hdw7HHz6fpgmBPNuO26rAU+lf/2zq5
EWVxFt6L85RHZhpltIuiEwg6N5eoaQnRSOw/sFdPspha403+eSZXvFlqjZhaIEts
lToYY//kiCGhL9E2+voFqJNx0PaG+K+k5tjrvL+cBBXmPrbNWKmcKrIo79JglYFL
jH5hubq1D5NiepQBZGN4PtDN/BFqNJP2Br3mlAPPfu1kn2EeUkWkUBUMteoHm0SU
r0Acmg+f+VZcy/t4BHkdR9eL/zBdPHwX4dAOTw5sBKDn4C9tP695nvpN/hFb3xUI
KfdqbKY=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:53:42 2025 by rpki-client