Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Eg45Q053kDhm5BBMolOi7NR62JI.roa
File: Eg45Q053kDhm5BBMolOi7NR62JI.roa (raw, json)
Hash identifier: xelvVzVrMlK5tFVmiE+mbASGuBbrEw8TzAqubTxrIG0=
Subject key identifier: 12:0E:39:43:4E:77:90:38:66:E4:10:4C:A2:53:A2:EC:D4:7A:D8:92
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4539
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Eg45Q053kDhm5BBMolOi7NR62JI.roa
Signing time: Sat 20 Apr 2024 21:23:05 +0000
ROA not before: Sat 20 Apr 2024 21:23:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17721 (0x4539)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 21:23:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=120E39434E77903866E4104CA253A2ECD47AD892
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c1:c8:43:89:05:42:b6:83:ea:80:6a:4a:ec:
8a:ee:b7:3d:0f:9e:11:02:4d:42:36:5c:07:bc:11:
f8:54:c0:7f:36:3a:c9:7c:a9:e2:12:0d:14:f1:44:
f0:d6:5d:e4:79:40:ec:22:a3:5e:2c:8b:0b:a5:3a:
13:1d:25:f2:90:eb:14:71:10:80:80:ed:a0:5a:3e:
e3:94:87:3b:6e:95:0b:c3:39:41:aa:f5:cb:ea:3c:
ff:f9:93:31:c8:6e:18:24:e7:37:40:7a:f1:ab:0c:
fd:ea:33:f4:d2:de:b6:a5:97:fa:c1:2c:ee:3f:c2:
0b:ac:de:31:cf:c5:ac:f4:d8:d1:44:d1:53:12:f3:
00:17:79:2a:d3:e7:f5:6f:fe:6a:c1:a2:4c:f3:bf:
5f:52:03:c5:36:14:eb:66:d5:21:8f:64:4a:ab:f0:
ee:a6:6a:ee:67:93:b9:7c:e5:3d:a5:6b:d3:d2:26:
b7:1c:c2:7c:82:8d:ce:2c:0d:01:47:dc:3b:9b:87:
2a:29:c7:bd:67:bf:8f:12:ae:42:38:44:a1:06:a7:
ca:b7:fe:a6:76:dd:97:61:cf:3f:d3:36:7f:73:93:
13:5b:b2:29:7a:cb:94:78:d6:ab:c2:ae:eb:b9:a0:
fb:4a:09:63:9f:cb:02:2e:cd:f2:7e:a5:c9:0b:73:
52:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:0E:39:43:4E:77:90:38:66:E4:10:4C:A2:53:A2:EC:D4:7A:D8:92
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Eg45Q053kDhm5BBMolOi7NR62JI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
6e:61:4a:4e:8d:e4:f8:a2:dc:2e:d7:28:9e:b2:b0:44:01:f5:
5e:53:bb:5f:b2:8c:45:c9:42:46:02:98:d3:57:ba:89:ec:31:
b3:f2:28:b6:4c:08:ce:be:56:2a:8b:aa:b4:1f:dc:fe:69:2c:
b8:df:6f:ab:cf:78:f9:53:7d:bc:d0:6d:01:96:5c:97:af:02:
7b:a8:28:58:e6:d3:f9:f8:62:41:a3:07:f6:da:55:d1:d6:29:
c2:cf:4e:6d:a7:fa:e9:06:b3:da:b2:3e:85:bf:37:85:2f:86:
33:a1:60:61:19:71:26:fc:1b:a4:0e:f4:70:cc:7a:0a:1c:30:
e0:91:c0:08:ca:47:3f:1a:c4:01:13:2a:43:00:05:62:d4:f7:
65:39:0a:d3:d1:f2:00:c1:e9:29:ef:a6:23:e3:ed:13:f4:ad:
2f:fc:c1:ed:94:85:de:b4:b8:7c:9b:e0:50:2c:40:1b:4b:fb:
aa:fe:79:3b:d5:ae:40:cc:45:73:67:48:b6:c1:a5:d2:eb:c0:
67:19:37:5b:b8:5c:8c:95:b9:b5:d2:f8:86:44:5f:bf:82:a0:
ba:c3:10:50:26:17:34:ae:11:5d:49:9b:dc:69:55:5a:4e:f8:
85:31:9c:62:16:3a:75:0a:68:9c:65:2c:7f:8d:e1:ce:07:4b:
92:90:c2:0e
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICRTkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAy
MTIzMDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDEyMEUzOTQzNEU3Nzkw
Mzg2NkU0MTA0Q0EyNTNBMkVDRDQ3QUQ4OTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGwchDiQVCtoPqgGpK7Irutz0PnhECTUI2XAe8EfhUwH82Osl8
qeISDRTxRPDWXeR5QOwio14siwulOhMdJfKQ6xRxEICA7aBaPuOUhztulQvDOUGq
9cvqPP/5kzHIbhgk5zdAevGrDP3qM/TS3rall/rBLO4/wgus3jHPxaz02NFE0VMS
8wAXeSrT5/Vv/mrBokzzv19SA8U2FOtm1SGPZEqr8O6mau5nk7l85T2la9PSJrcc
wnyCjc4sDQFH3Dubhyopx71nv48SrkI4RKEGp8q3/qZ23Zdhzz/TNn9zkxNbsil6
y5R41qvCruu5oPtKCWOfywIuzfJ+pckLc1IPAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUEg45Q053kDhm5BBMolOi7NR62JIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0VnNDVRMDUza0RobTVC
Qk1vbE9pN05SNjJKSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAG5hSk6N5Pii3C7X
KJ6ysEQB9V5Tu1+yjEXJQkYCmNNXuonsMbPyKLZMCM6+ViqLqrQf3P5pLLjfb6vP
ePlTfbzQbQGWXJevAnuoKFjm0/n4YkGjB/baVdHWKcLPTm2n+ukGs9qyPoW/N4Uv
hjOhYGEZcSb8G6QO9HDMegocMOCRwAjKRz8axAETKkMABWLU92U5CtPR8gDB6Snv
piPj7RP0rS/8we2Uhd60uHyb4FAsQBtL+6r+eTvVrkDMRXNnSLbBpdLrwGcZN1u4
XIyVubXS+IZEX7+CoLrDEFAmFzSuEV1Jm9xpVVpO+IUxnGIWOnUKaJxlLH+N4c4H
S5KQwg4=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:48:45 2025 by rpki-client