Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Crh7MaCihAuwlCf-xCIN0o--t0I.roa
File: Crh7MaCihAuwlCf-xCIN0o--t0I.roa (raw, json)
Hash identifier: ckO0XOFi8xh86FXUKBDrQMQ4pS7pgx50uchOu+8kKWY=
Subject key identifier: 0A:B8:7B:31:A0:A2:84:0B:B0:94:27:FE:C4:22:0D:D2:8F:BE:B7:42
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3E95
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Crh7MaCihAuwlCf-xCIN0o--t0I.roa
Signing time: Fri 12 Apr 2024 00:52:47 +0000
ROA not before: Fri 12 Apr 2024 00:52:47 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16021 (0x3e95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 12 00:52:47 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0AB87B31A0A2840BB09427FEC4220DD28FBEB742
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:2b:43:02:30:26:9b:57:16:2e:bd:42:a4:21:
39:1f:b1:f3:94:ba:fe:ba:0d:19:ea:b7:fd:7d:1b:
95:2f:18:a4:df:73:ff:45:b3:25:bf:61:fd:e4:bc:
ef:ec:c0:7e:b0:dc:da:a9:8e:2a:12:41:25:4a:6a:
98:75:0c:70:0e:f0:da:4e:96:7d:3b:cd:fa:3b:19:
0e:31:d0:bb:0d:82:d7:8e:fe:f1:69:eb:74:3b:10:
26:e3:84:d1:fe:9b:da:7e:f9:49:02:18:60:ce:22:
ca:07:21:78:5f:af:60:de:6f:fe:92:c9:67:ec:c5:
56:a7:4d:2c:5a:9d:03:a2:6c:7d:68:bb:ae:fd:50:
f8:29:d3:30:e6:8c:2c:b8:ae:2c:19:8f:cc:19:75:
42:26:06:e4:41:ba:78:f3:50:8c:ac:62:35:6f:11:
5e:5a:dd:a4:2f:37:72:db:30:21:6f:19:03:fa:d9:
69:54:12:ca:98:c5:ba:a7:9d:38:db:5b:49:13:d4:
2d:5b:69:37:4d:4e:68:72:1d:a1:4c:c5:af:5c:b4:
c1:f3:fc:b5:49:d4:b6:0d:ac:6a:d6:5e:4d:ee:43:
48:34:01:fa:a8:19:a6:22:11:12:8e:51:14:3d:2c:
0a:85:d4:eb:91:dd:db:e9:cd:ff:ca:82:8d:4b:f9:
6b:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:B8:7B:31:A0:A2:84:0B:B0:94:27:FE:C4:22:0D:D2:8F:BE:B7:42
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Crh7MaCihAuwlCf-xCIN0o--t0I.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
6d:ca:d2:22:2b:3b:dc:b2:3e:ab:ce:08:f2:bd:47:69:40:bb:
5e:7f:c8:e8:88:75:9a:a6:54:fe:1c:4e:c9:0b:5c:24:4f:d6:
cd:23:35:18:07:d4:07:50:ed:c5:06:11:3d:4f:9b:b3:a0:76:
32:fb:84:b9:09:9a:c9:d2:6e:22:91:f8:3a:5e:16:c2:46:d0:
cb:51:f5:ea:1e:57:e1:86:24:07:d4:97:5c:5d:60:06:08:95:
05:43:fe:18:8c:bb:0c:33:0d:c0:3b:0d:a2:f3:a3:df:3f:93:
16:03:1e:bf:b7:d9:fb:c3:d3:7a:04:fc:98:1e:a8:37:d6:64:
4a:8d:99:72:a9:d3:50:39:da:52:de:e2:0b:3d:c6:97:a6:a3:
da:9a:fc:6d:46:9e:5f:c5:7c:73:dd:d5:a4:aa:bb:92:c3:94:
f3:0c:ca:67:b5:93:79:88:64:fe:ff:97:84:2f:b5:8f:69:73:
db:11:52:ef:eb:07:09:55:17:26:75:10:62:ea:65:e5:80:cc:
1a:ae:81:2b:38:01:4c:92:0f:90:3b:62:85:20:e6:61:4a:6b:
e1:12:76:3c:c8:37:01:b2:af:a8:80:0d:17:d5:ca:03:1a:09:
76:92:f2:a1:67:5a:8d:73:57:06:e1:b1:7b:53:c1:25:02:30:
c2:94:30:25
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICPpUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTIw
MDUyNDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBBQjg3QjMxQTBBMjg0
MEJCMDk0MjdGRUM0MjIwREQyOEZCRUI3NDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUK0MCMCabVxYuvUKkITkfsfOUuv66DRnqt/19G5UvGKTfc/9F
syW/Yf3kvO/swH6w3NqpjioSQSVKaph1DHAO8NpOln07zfo7GQ4x0LsNgteO/vFp
63Q7ECbjhNH+m9p++UkCGGDOIsoHIXhfr2Deb/6SyWfsxVanTSxanQOibH1ou679
UPgp0zDmjCy4riwZj8wZdUImBuRBunjzUIysYjVvEV5a3aQvN3LbMCFvGQP62WlU
EsqYxbqnnTjbW0kT1C1baTdNTmhyHaFMxa9ctMHz/LVJ1LYNrGrWXk3uQ0g0Afqo
GaYiERKOURQ9LAqF1OuR3dvpzf/Kgo1L+WuLAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUCrh7MaCihAuwlCf+xCIN0o++t0IwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0NyaDdNYUNpaEF1d2xD
Zi14Q0lOMG8tLXQwSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAG3K0iIrO9yyPqvO
CPK9R2lAu15/yOiIdZqmVP4cTskLXCRP1s0jNRgH1AdQ7cUGET1Pm7OgdjL7hLkJ
msnSbiKR+DpeFsJG0MtR9eoeV+GGJAfUl1xdYAYIlQVD/hiMuwwzDcA7DaLzo98/
kxYDHr+32fvD03oE/JgeqDfWZEqNmXKp01A52lLe4gs9xpemo9qa/G1Gnl/FfHPd
1aSqu5LDlPMMyme1k3mIZP7/l4QvtY9pc9sRUu/rBwlVFyZ1EGLqZeWAzBqugSs4
AUySD5A7YoUg5mFKa+ESdjzINwGyr6iADRfVygMaCXaS8qFnWo1zVwbhsXtTwSUC
MMKUMCU=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:42:45 2025 by rpki-client