Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/7byFsUlVxb2EP-J-RqlP75aW_VQ.roa
File: 7byFsUlVxb2EP-J-RqlP75aW_VQ.roa (raw, json)
Hash identifier: H8RbTY4O3L6logKr+2k+uAvPQaFAkmritshfNCbOdbU=
Subject key identifier: ED:BC:85:B1:49:55:C5:BD:84:3F:E2:7E:46:A9:4F:EF:96:96:FD:54
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4961
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/7byFsUlVxb2EP-J-RqlP75aW_VQ.roa
Signing time: Fri 26 Apr 2024 10:23:20 +0000
ROA not before: Fri 26 Apr 2024 10:23:20 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18785 (0x4961)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 26 10:23:20 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=EDBC85B14955C5BD843FE27E46A94FEF9696FD54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:8b:84:59:36:70:7d:9e:b1:e3:2c:c7:02:0f:
f3:5f:95:cc:a8:fd:92:e6:cf:13:3e:d4:c9:1a:a5:
b1:ba:65:f1:71:22:ff:c0:39:e0:4d:e0:d6:27:f0:
09:54:27:08:f5:31:24:26:82:38:3b:df:ba:38:a0:
64:0f:47:a0:bc:be:55:02:48:7f:48:83:64:48:d1:
72:98:18:75:e9:da:a5:17:f3:7f:72:f8:54:22:99:
be:78:9a:3d:3d:ac:6a:79:f2:ce:bd:3a:0e:79:b1:
cf:02:8a:b2:ad:32:d1:73:bb:12:da:75:5b:51:65:
b1:e8:10:1e:2e:57:e9:f6:63:e2:17:70:ce:b9:ea:
70:ce:e2:8d:cc:e3:74:31:9b:c9:4d:3d:66:29:b8:
32:89:73:89:a1:bd:98:b0:2e:27:fa:b9:f1:8e:f5:
b1:a0:cf:10:21:98:e5:8a:76:1e:dd:d0:6b:21:a1:
ff:c9:2b:5f:e0:1a:e0:53:ab:c0:cf:09:1b:94:f4:
02:df:f7:bf:ff:a8:05:f8:f8:dd:0e:6c:ab:58:a0:
74:f7:d9:ee:17:60:63:9b:a5:99:e5:7f:f8:82:44:
96:16:fe:54:a6:c8:91:46:35:8b:2c:29:f4:71:5f:
47:a5:ad:68:ed:c4:cb:af:87:61:64:1d:a0:44:de:
b5:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:BC:85:B1:49:55:C5:BD:84:3F:E2:7E:46:A9:4F:EF:96:96:FD:54
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/7byFsUlVxb2EP-J-RqlP75aW_VQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
b4:31:96:5d:e7:d4:2a:4f:bb:a0:e8:ef:09:1c:cb:e7:f2:ec:
79:23:4d:04:8f:88:25:d1:f5:b5:6c:84:4c:43:aa:46:6c:ef:
2c:0a:cc:39:cb:70:2e:f3:37:66:d4:e3:27:b7:45:9f:b0:0e:
4f:65:6a:32:6f:d0:52:58:e3:bb:96:89:25:bc:6d:bc:df:d6:
b5:41:9a:77:5f:1d:9d:2d:61:66:3e:f0:b0:f6:ce:25:30:16:
f6:44:75:d8:21:81:7b:4d:0f:58:41:5c:71:47:73:97:35:4e:
fd:c1:0a:78:54:0f:c8:1b:31:c6:47:24:25:94:c4:77:e1:f0:
5c:cf:bd:7b:71:a0:a7:40:cb:af:19:41:97:2f:de:f8:c8:fa:
84:ee:00:9e:20:70:e5:ae:38:12:35:52:87:08:62:b0:1a:09:
dd:f5:82:5f:bb:8b:82:76:f3:c9:e1:21:c7:bd:b3:f9:9a:71:
45:5e:5f:f4:b5:f4:58:f6:a1:ba:70:3d:03:3d:8d:9e:9f:86:
b1:03:06:3c:9c:c3:dd:55:2c:4f:62:6a:de:bb:fa:77:49:ea:
48:7f:6d:3d:5a:ea:2b:16:4c:4b:b7:a7:86:68:70:96:a4:6e:
84:b6:88:2c:7f:88:7e:13:9d:1b:71:b8:b6:85:a8:bc:a8:5d:
31:4e:a0:71
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICSWEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjYx
MDIzMjBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEVEQkM4NUIxNDk1NUM1
QkQ4NDNGRTI3RTQ2QTk0RkVGOTY5NkZENTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCai4RZNnB9nrHjLMcCD/Nflcyo/ZLmzxM+1MkapbG6ZfFxIv/A
OeBN4NYn8AlUJwj1MSQmgjg737o4oGQPR6C8vlUCSH9Ig2RI0XKYGHXp2qUX839y
+FQimb54mj09rGp58s69Og55sc8CirKtMtFzuxLadVtRZbHoEB4uV+n2Y+IXcM65
6nDO4o3M43Qxm8lNPWYpuDKJc4mhvZiwLif6ufGO9bGgzxAhmOWKdh7d0Gshof/J
K1/gGuBTq8DPCRuU9ALf97//qAX4+N0ObKtYoHT32e4XYGObpZnlf/iCRJYW/lSm
yJFGNYssKfRxX0elrWjtxMuvh2FkHaBE3rX7AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU7byFsUlVxb2EP+J+RqlP75aW/VQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzdieUZzVWxWeGIyRVAt
Si1ScWxQNzVhV19WUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBALQxll3n1CpPu6Do
7wkcy+fy7HkjTQSPiCXR9bVshExDqkZs7ywKzDnLcC7zN2bU4ye3RZ+wDk9lajJv
0FJY47uWiSW8bbzf1rVBmndfHZ0tYWY+8LD2ziUwFvZEddghgXtND1hBXHFHc5c1
Tv3BCnhUD8gbMcZHJCWUxHfh8FzPvXtxoKdAy68ZQZcv3vjI+oTuAJ4gcOWuOBI1
UocIYrAaCd31gl+7i4J288nhIce9s/macUVeX/S19Fj2obpwPQM9jZ6fhrEDBjyc
w91VLE9iat67+ndJ6kh/bT1a6isWTEu3p4ZocJakboS2iCx/iH4TnRtxuLaFqLyo
XTFOoHE=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:37:15 2025 by rpki-client