Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/7MQQ0BXaMx2Zj5cU4akDgnq5g4E.roa
File: 7MQQ0BXaMx2Zj5cU4akDgnq5g4E.roa (raw, json)
Hash identifier: vOKr6PO49V/mmLOljC020W/K4++fC2zJWN8XWG8hxQQ=
Subject key identifier: EC:C4:10:D0:15:DA:33:1D:99:8F:97:14:E1:A9:03:82:7A:B9:83:81
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3C85
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/7MQQ0BXaMx2Zj5cU4akDgnq5g4E.roa
Signing time: Tue 09 Apr 2024 06:52:36 +0000
ROA not before: Tue 09 Apr 2024 06:52:36 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15493 (0x3c85)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 9 06:52:36 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=ECC410D015DA331D998F9714E1A903827AB98381
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:3c:26:f4:a5:58:a3:2a:95:ed:92:9b:ef:65:
55:dd:a7:c8:f6:7b:6f:60:35:91:53:cb:93:4c:9f:
a7:7e:51:33:4f:82:3c:87:59:2e:7d:ee:10:bc:c1:
e6:0b:0f:e8:c9:e2:80:8a:e8:d6:97:44:74:15:89:
ea:de:df:d0:5d:51:c8:2a:7d:35:a3:26:8a:cc:a4:
03:29:31:29:83:a0:1d:b8:2f:04:cf:b6:76:9b:30:
aa:74:e4:c5:19:33:04:6a:73:78:bc:b2:d4:4f:9f:
05:21:7a:8c:d0:6b:30:d1:be:e0:fb:bd:f8:f2:cc:
ee:ba:ad:68:b4:6b:73:66:30:5c:36:99:a5:1e:72:
e8:8c:c0:4b:27:94:a3:5e:3a:64:92:da:cb:d1:98:
32:a3:c2:f8:e2:b1:24:1a:48:4a:f9:01:77:cf:5b:
78:36:53:5e:d9:b9:5c:0f:9c:db:be:1b:58:bd:a4:
62:67:0d:8a:26:d3:d5:8f:bf:02:e7:5b:b9:f3:54:
12:0a:c3:5f:e1:98:e8:2c:8d:50:81:03:66:86:7b:
52:3f:93:0f:3e:b3:a5:c6:14:ee:05:31:b5:8b:1a:
41:30:56:5e:9c:ed:6e:f8:e8:1c:18:90:f0:34:08:
af:e9:be:cc:14:af:25:50:eb:6c:fd:58:f9:b5:f3:
ad:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:C4:10:D0:15:DA:33:1D:99:8F:97:14:E1:A9:03:82:7A:B9:83:81
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/7MQQ0BXaMx2Zj5cU4akDgnq5g4E.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
74:09:b7:cc:99:d3:f2:86:f4:2e:22:7b:63:e0:57:63:25:30:
bb:56:25:ea:2c:67:9d:27:03:eb:5b:02:d5:ed:fa:25:88:9b:
41:74:ba:29:62:28:84:97:02:d2:87:78:7f:99:c1:9b:62:c9:
fa:23:65:e5:42:cc:d6:4d:e0:15:77:82:1f:44:83:79:7a:71:
e3:94:f8:ea:a2:45:ec:25:10:9b:ea:33:13:ff:07:82:f8:9d:
7a:64:e2:9d:fd:bb:f8:4a:73:fb:ad:7e:f6:50:db:39:f1:4e:
3c:81:1a:5e:95:93:6e:91:77:10:bf:70:47:32:27:99:14:2f:
93:5f:46:22:af:4d:e0:97:60:37:9c:d0:70:35:43:d2:00:16:
5f:4a:69:27:45:df:cb:bc:71:bb:fb:85:20:04:24:85:eb:d0:
eb:b1:ca:d1:fd:49:d8:cc:28:47:9e:6e:86:65:1e:c6:d8:29:
21:4d:2b:9f:ec:32:de:10:28:b6:83:16:b5:25:19:6e:ca:ce:
d2:8c:f1:59:dc:15:45:f5:f7:83:f6:84:85:74:79:58:30:65:
a4:d5:57:f4:a3:d2:b3:86:2d:c9:35:7f:26:1a:c8:d2:48:92:
d5:55:b4:06:73:71:9f:df:f3:95:7f:8d:cb:8e:df:07:30:5a:
3f:1a:a5:15
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICPIUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDkw
NjUyMzZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEVDQzQxMEQwMTVEQTMz
MUQ5OThGOTcxNEUxQTkwMzgyN0FCOTgzODEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNPCb0pVijKpXtkpvvZVXdp8j2e29gNZFTy5NMn6d+UTNPgjyH
WS597hC8weYLD+jJ4oCK6NaXRHQViere39BdUcgqfTWjJorMpAMpMSmDoB24LwTP
tnabMKp05MUZMwRqc3i8stRPnwUheozQazDRvuD7vfjyzO66rWi0a3NmMFw2maUe
cuiMwEsnlKNeOmSS2svRmDKjwvjisSQaSEr5AXfPW3g2U17ZuVwPnNu+G1i9pGJn
DYom09WPvwLnW7nzVBIKw1/hmOgsjVCBA2aGe1I/kw8+s6XGFO4FMbWLGkEwVl6c
7W746BwYkPA0CK/pvswUryVQ62z9WPm1860hAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU7MQQ0BXaMx2Zj5cU4akDgnq5g4EwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzdNUVEwQlhhTXgyWmo1
Y1U0YWtEZ25xNWc0RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAHQJt8yZ0/KG9C4i
e2PgV2MlMLtWJeosZ50nA+tbAtXt+iWIm0F0uiliKISXAtKHeH+ZwZtiyfojZeVC
zNZN4BV3gh9Eg3l6ceOU+OqiRewlEJvqMxP/B4L4nXpk4p39u/hKc/utfvZQ2znx
TjyBGl6Vk26RdxC/cEcyJ5kUL5NfRiKvTeCXYDec0HA1Q9IAFl9KaSdF38u8cbv7
hSAEJIXr0OuxytH9SdjMKEeeboZlHsbYKSFNK5/sMt4QKLaDFrUlGW7KztKM8Vnc
FUX194P2hIV0eVgwZaTVV/Sj0rOGLck1fyYayNJIktVVtAZzcZ/f85V/jcuO3wcw
Wj8apRU=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:47:11 2025 by rpki-client