Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/4H7rWy4Gg0F6DNZgnsivomYoWDs.roa
File: 4H7rWy4Gg0F6DNZgnsivomYoWDs.roa (raw, json)
Hash identifier: rkVli1V1A6M3OsNnmEVAF3GAcGyUEFQdB44T0kIbpjM=
Subject key identifier: E0:7E:EB:5B:2E:06:83:41:7A:0C:D6:60:9E:C8:AF:A2:66:28:58:3B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3BE9
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4H7rWy4Gg0F6DNZgnsivomYoWDs.roa
Signing time: Mon 08 Apr 2024 11:22:33 +0000
ROA not before: Mon 08 Apr 2024 11:22:33 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15337 (0x3be9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 8 11:22:33 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E07EEB5B2E0683417A0CD6609EC8AFA26628583B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:3d:e5:a1:75:e5:9e:11:bd:ea:e6:43:a3:70:
aa:6b:88:62:f7:21:cd:e5:94:d6:b1:2a:36:28:c1:
d9:95:51:e3:2a:28:1f:52:ca:39:ff:da:81:9a:bb:
32:6f:09:f2:f8:48:4a:47:e5:5d:a1:68:ea:88:eb:
56:6a:ce:83:f1:cc:e5:02:53:65:a3:10:ca:45:b4:
49:6a:62:f9:38:06:1b:17:87:9f:08:60:12:56:b7:
19:0c:04:42:90:0c:4e:e6:47:e0:2d:43:f8:9b:43:
83:42:2f:6e:7c:c7:75:f0:aa:58:31:31:9d:d5:41:
ac:d9:e1:9b:2b:1e:ac:74:47:0b:64:a7:e8:7f:75:
84:64:16:c3:4b:67:fc:d0:fa:67:eb:80:b0:31:ce:
b2:c8:7a:39:34:45:5c:d1:9c:b0:fc:8a:14:1a:be:
bc:1d:91:b3:e8:84:22:1c:36:9c:3b:73:a9:21:ff:
1f:2b:7c:0d:8a:fc:af:fb:2b:b9:7e:9f:1c:f0:e0:
5e:7c:72:3e:05:60:eb:fa:29:be:4b:db:94:ed:67:
97:df:9e:4e:78:5e:75:9e:73:d0:e1:a0:68:2b:00:
e3:20:3f:06:f7:98:e0:e8:6f:ed:eb:93:9a:44:9c:
2b:d9:d7:0f:eb:eb:d5:d7:6b:45:aa:3a:f2:6b:8e:
4a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:7E:EB:5B:2E:06:83:41:7A:0C:D6:60:9E:C8:AF:A2:66:28:58:3B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4H7rWy4Gg0F6DNZgnsivomYoWDs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
52:5e:67:2f:db:a1:da:3b:48:c5:65:ea:c5:08:bb:3e:bf:a7:
92:5b:f3:66:09:4e:d7:7f:17:78:36:66:2b:36:4b:49:e1:d8:
ae:8e:19:c5:b8:bb:cc:68:b9:20:da:b1:27:62:ef:b6:75:67:
7a:0e:9d:4e:1a:b0:b4:57:c5:9c:73:07:09:b7:d9:3e:a6:52:
9c:40:b9:2b:d0:29:87:81:19:44:74:2b:0d:2e:db:29:cb:2b:
ad:31:12:03:46:fd:0c:02:ac:a0:08:4c:32:97:1d:d4:a3:21:
b0:32:81:fa:cc:9b:51:17:16:68:50:5e:97:92:aa:5f:83:a8:
75:80:b8:88:fa:00:60:c6:db:e2:ad:8b:20:f8:6f:88:99:96:
0a:62:b3:86:a5:9f:84:00:e1:42:57:29:d7:d3:75:bf:df:41:
73:17:c6:19:e2:f5:ad:19:fd:20:a9:cd:5c:fe:9d:ab:a5:52:
6f:5f:75:c4:f6:2f:2f:7b:f7:21:eb:40:2d:f6:f8:19:4f:30:
88:b7:bc:ca:e8:8b:9f:43:55:9e:21:81:4b:fa:25:48:7b:1e:
87:f8:d2:3d:31:b3:de:5e:32:74:30:4d:e6:cf:4a:6c:01:16:
08:ca:b5:38:66:3d:84:b3:19:db:d9:71:2b:28:25:cb:50:e4:
0a:65:e9:b5
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICO+kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDgx
MTIyMzNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEUwN0VFQjVCMkUwNjgz
NDE3QTBDRDY2MDlFQzhBRkEyNjYyODU4M0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8PeWhdeWeEb3q5kOjcKpriGL3Ic3llNaxKjYowdmVUeMqKB9S
yjn/2oGauzJvCfL4SEpH5V2haOqI61ZqzoPxzOUCU2WjEMpFtElqYvk4BhsXh58I
YBJWtxkMBEKQDE7mR+AtQ/ibQ4NCL258x3XwqlgxMZ3VQazZ4ZsrHqx0Rwtkp+h/
dYRkFsNLZ/zQ+mfrgLAxzrLIejk0RVzRnLD8ihQavrwdkbPohCIcNpw7c6kh/x8r
fA2K/K/7K7l+nxzw4F58cj4FYOv6Kb5L25TtZ5ffnk54XnWec9DhoGgrAOMgPwb3
mODob+3rk5pEnCvZ1w/r69XXa0WqOvJrjkrHAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU4H7rWy4Gg0F6DNZgnsivomYoWDswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzRIN3JXeTRHZzBGNkRO
Wmduc2l2b21Zb1dEcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAFJeZy/bodo7SMVl
6sUIuz6/p5Jb82YJTtd/F3g2Zis2S0nh2K6OGcW4u8xouSDasSdi77Z1Z3oOnU4a
sLRXxZxzBwm32T6mUpxAuSvQKYeBGUR0Kw0u2ynLK60xEgNG/QwCrKAITDKXHdSj
IbAygfrMm1EXFmhQXpeSql+DqHWAuIj6AGDG2+KtiyD4b4iZlgpis4aln4QA4UJX
KdfTdb/fQXMXxhni9a0Z/SCpzVz+naulUm9fdcT2Ly979yHrQC32+BlPMIi3vMro
i59DVZ4hgUv6JUh7Hof40j0xs95eMnQwTebPSmwBFgjKtThmPYSzGdvZcSsoJctQ
5Apl6bU=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:39:54 2025 by rpki-client