Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/AXeeGrWkt9GOCd-GMJ4crC2zlXU.roa
File: AXeeGrWkt9GOCd-GMJ4crC2zlXU.roa (raw, json)
Hash identifier: YoLzYae+e54a5LcMfU5DhkQ/sQxh2BNLyTKCyej8VO4=
Subject key identifier: 01:77:9E:1A:B5:A4:B7:D1:8E:09:DF:86:30:9E:1C:AC:2D:B3:95:75
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3FE9
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/AXeeGrWkt9GOCd-GMJ4crC2zlXU.roa
Signing time: Sat 13 Apr 2024 19:22:54 +0000
ROA not before: Sat 13 Apr 2024 19:22:54 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16361 (0x3fe9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 13 19:22:54 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=01779E1AB5A4B7D18E09DF86309E1CAC2DB39575
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:58:8f:39:e7:a2:26:79:77:0e:ec:43:18:fe:
40:08:36:59:73:d8:e8:98:a4:5a:02:f0:22:f7:c0:
12:91:f6:2c:f1:2a:86:b3:2e:c1:4d:c7:43:12:49:
f4:20:aa:02:3d:74:f0:fd:bc:b8:10:8a:55:30:c2:
6a:cf:a6:1e:b5:86:38:98:08:1e:5d:f6:36:1a:3d:
2c:f7:27:81:2f:3f:10:eb:88:a1:fb:e9:4a:4d:79:
dd:71:18:66:98:df:bb:df:cf:a0:0e:ff:79:9d:a3:
36:9b:e0:4f:ee:63:21:9f:e7:6d:78:ec:aa:f8:53:
65:78:ba:e5:c2:c0:b3:e4:ca:54:29:d7:5c:52:c8:
90:7c:17:da:c2:f0:44:e9:ae:37:6b:9e:5a:66:c9:
09:8d:14:df:8a:74:8a:a8:d4:07:d3:5a:4a:8e:fd:
68:5a:ba:f1:c3:dc:5f:ec:15:01:c4:42:91:e8:e0:
61:d3:7d:49:05:95:fd:89:57:07:82:05:7c:c1:bd:
0b:bb:3d:2b:0a:2c:26:82:53:a7:c3:9b:3a:cf:f5:
b9:e5:a5:3b:cf:d9:bf:f7:3f:44:12:8b:f4:03:ac:
55:79:2f:a5:f7:c9:f6:fe:d3:af:43:90:8e:b5:fc:
57:6a:57:f8:13:5a:f5:45:52:f2:d5:97:a9:22:ab:
23:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:77:9E:1A:B5:A4:B7:D1:8E:09:DF:86:30:9E:1C:AC:2D:B3:95:75
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/AXeeGrWkt9GOCd-GMJ4crC2zlXU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
63:dd:ca:d0:e2:3f:05:21:ac:65:16:ca:69:7d:5d:1a:25:03:
3f:9d:ec:7a:7c:ed:89:5f:39:9b:fd:69:86:e9:bb:a9:9a:12:
32:71:9b:99:9e:18:39:8f:0e:de:a4:00:89:de:1a:6f:7e:7b:
61:44:2e:b3:21:91:c9:03:61:6e:dd:37:b4:bb:e0:ab:8f:48:
38:3b:97:10:e6:4f:11:e9:38:44:d3:e1:51:65:7a:70:34:8f:
cd:77:39:5a:d3:ea:14:05:f6:19:27:6d:62:61:6d:08:48:24:
62:87:f4:78:12:18:24:af:c6:97:cb:71:42:8d:29:4b:2a:e6:
bc:2a:7e:bf:f0:75:26:40:93:e3:e0:96:09:ba:ce:54:f4:d7:
ef:d4:e5:db:26:12:e3:46:66:7d:06:c4:ad:ae:81:e1:e9:f9:
3b:17:b4:82:09:e0:89:0d:ae:b5:4b:38:77:79:f9:f3:51:e8:
8d:24:93:40:9f:b5:66:6f:e0:5c:06:02:29:2e:99:75:59:5d:
37:93:d2:a2:cb:be:13:6e:8d:de:0b:13:d9:ff:b3:1e:49:e0:
98:96:a8:ee:f6:96:b2:10:b9:1c:a5:43:24:90:2c:59:0c:1c:
c4:60:ae:48:34:ba:18:4a:cd:73:24:ba:15:f6:e1:70:24:0e:
ea:2c:b6:d1
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICP+kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTMx
OTIyNTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDAxNzc5RTFBQjVBNEI3
RDE4RTA5REY4NjMwOUUxQ0FDMkRCMzk1NzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7WI8556ImeXcO7EMY/kAINllz2OiYpFoC8CL3wBKR9izxKoaz
LsFNx0MSSfQgqgI9dPD9vLgQilUwwmrPph61hjiYCB5d9jYaPSz3J4EvPxDriKH7
6UpNed1xGGaY37vfz6AO/3mdozab4E/uYyGf52147Kr4U2V4uuXCwLPkylQp11xS
yJB8F9rC8ETprjdrnlpmyQmNFN+KdIqo1AfTWkqO/WhauvHD3F/sFQHEQpHo4GHT
fUkFlf2JVweCBXzBvQu7PSsKLCaCU6fDmzrP9bnlpTvP2b/3P0QSi/QDrFV5L6X3
yfb+069DkI61/FdqV/gTWvVFUvLVl6kiqyMPAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUAXeeGrWkt9GOCd+GMJ4crC2zlXUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0FYZWVHcldrdDlHT0Nk
LUdNSjRjckMyemxYVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAGPdytDiPwUhrGUW
yml9XRolAz+d7Hp87YlfOZv9aYbpu6maEjJxm5meGDmPDt6kAIneGm9+e2FELrMh
kckDYW7dN7S74KuPSDg7lxDmTxHpOETT4VFlenA0j813OVrT6hQF9hknbWJhbQhI
JGKH9HgSGCSvxpfLcUKNKUsq5rwqfr/wdSZAk+Pglgm6zlT01+/U5dsmEuNGZn0G
xK2ugeHp+TsXtIIJ4IkNrrVLOHd5+fNR6I0kk0CftWZv4FwGAikumXVZXTeT0qLL
vhNujd4LE9n/sx5J4JiWqO72lrIQuRylQySQLFkMHMRgrkg0uhhKzXMkuhX24XAk
DuosttE=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:33:27 2025 by rpki-client