Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/G1ZBXZXyMPzYBzjWLSSVN9M7Z4g.roa
File: G1ZBXZXyMPzYBzjWLSSVN9M7Z4g.roa (raw, json)
Hash identifier: wq2B8UWt13PTjYJjBRkyextJnTthFpgB8GpsciCwfSk=
Subject key identifier: 1B:56:41:5D:95:F2:30:FC:D8:07:38:D6:2D:24:95:37:D3:3B:67:88
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3975
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/G1ZBXZXyMPzYBzjWLSSVN9M7Z4g.roa
Signing time: Fri 05 Apr 2024 04:52:23 +0000
ROA not before: Fri 05 Apr 2024 04:52:23 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14709 (0x3975)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 5 04:52:23 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1B56415D95F230FCD80738D62D249537D33B6788
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c8:12:5f:33:63:5d:b4:86:0b:45:ee:37:4d:
b7:64:3c:0e:e5:f6:6e:ff:43:3e:08:c9:d6:26:3a:
23:6c:fe:e9:76:de:aa:7e:8f:e5:11:99:a9:37:a7:
07:4d:aa:53:2b:63:e6:91:36:c0:4f:3a:7d:29:d8:
38:47:c1:de:7a:a2:ae:f4:39:00:7c:ec:bf:1b:64:
7e:bd:a6:92:ca:02:5b:ed:75:ec:43:5e:0a:d4:b6:
7e:c0:78:f5:8b:15:fe:a4:5d:c9:f4:c7:d8:9c:fb:
d3:8c:f3:66:1c:89:3e:f7:d4:38:ef:39:a3:34:c0:
98:ab:b7:98:2f:d1:00:b5:23:96:86:b2:99:5f:37:
80:9d:de:d9:ba:b3:c0:ff:9a:f7:46:eb:e3:38:1a:
ee:cb:41:2d:dd:d6:95:39:a6:03:a7:e7:e8:9d:01:
48:26:e7:cd:16:9e:56:93:48:d7:15:dd:9d:18:68:
d7:9a:e4:6a:8b:3f:fd:b5:20:83:51:f4:ce:cc:26:
42:9f:f6:71:05:23:41:1d:30:23:cb:e9:b9:39:94:
97:94:da:0c:4f:88:9f:31:69:43:60:9b:b9:99:c6:
be:e4:05:39:8e:18:19:76:9f:37:2c:a8:1d:03:f3:
bb:7d:d9:f8:61:a4:86:f7:56:b2:bb:0f:91:49:8f:
ff:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:56:41:5D:95:F2:30:FC:D8:07:38:D6:2D:24:95:37:D3:3B:67:88
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/G1ZBXZXyMPzYBzjWLSSVN9M7Z4g.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
3c:1e:c8:e3:f0:47:e6:d1:97:be:1a:dc:b5:9d:a7:0a:a8:9b:
68:3d:ba:f0:69:1a:74:0b:79:cd:92:01:c8:26:3e:05:09:e2:
50:ba:dd:62:b7:ca:be:1e:42:47:0c:d2:24:2f:18:92:e3:ec:
c1:eb:51:9b:32:6a:80:cf:49:65:e7:4b:36:60:7b:ad:c6:8a:
53:92:ad:16:9e:d7:5c:38:c0:03:0a:a6:77:68:13:d8:7c:cd:
d2:83:7b:04:32:4d:73:b7:e8:e6:d9:10:bc:b7:9f:51:5b:3b:
53:b9:8a:33:ad:de:e5:c7:d0:8c:89:f6:55:94:51:ec:88:2f:
d0:d3:a7:f1:a8:b3:5a:a4:03:63:28:30:ea:f4:ae:6d:e0:c9:
ad:7b:0c:91:37:99:ff:2e:e6:86:59:d3:9b:e0:e8:ee:9b:dc:
8a:38:96:e2:2b:5b:51:3e:12:9a:43:ac:26:53:71:18:ad:c4:
5f:84:5b:9b:92:30:82:71:09:14:98:5b:74:26:17:64:79:13:
a8:41:71:5d:ff:59:2d:74:3b:6e:34:3e:6f:24:fe:5a:7e:c5:
4d:59:84:49:6a:93:a2:0f:6f:52:79:ef:7e:d9:9b:66:fc:70:
8a:ce:5d:be:2f:5a:c3:c5:99:60:e4:3c:de:2d:92:34:12:e2:
f6:9b:21:53
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICOXUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDUw
NDUyMjNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFCNTY0MTVEOTVGMjMw
RkNEODA3MzhENjJEMjQ5NTM3RDMzQjY3ODgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxyBJfM2NdtIYLRe43TbdkPA7l9m7/Qz4IydYmOiNs/ul23qp+
j+URmak3pwdNqlMrY+aRNsBPOn0p2DhHwd56oq70OQB87L8bZH69ppLKAlvtdexD
XgrUtn7AePWLFf6kXcn0x9ic+9OM82YciT731DjvOaM0wJirt5gv0QC1I5aGsplf
N4Cd3tm6s8D/mvdG6+M4Gu7LQS3d1pU5pgOn5+idAUgm580WnlaTSNcV3Z0YaNea
5GqLP/21IINR9M7MJkKf9nEFI0EdMCPL6bk5lJeU2gxPiJ8xaUNgm7mZxr7kBTmO
GBl2nzcsqB0D87t92fhhpIb3VrK7D5FJj/+NAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUG1ZBXZXyMPzYBzjWLSSVN9M7Z4gwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0cxWkJYWlh5TVB6WUJ6
aldMU1NWTjlNN1o0Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBADweyOPwR+bRl74a
3LWdpwqom2g9uvBpGnQLec2SAcgmPgUJ4lC63WK3yr4eQkcM0iQvGJLj7MHrUZsy
aoDPSWXnSzZge63GilOSrRae11w4wAMKpndoE9h8zdKDewQyTXO36ObZELy3n1Fb
O1O5ijOt3uXH0IyJ9lWUUeyIL9DTp/Gos1qkA2MoMOr0rm3gya17DJE3mf8u5oZZ
05vg6O6b3Io4luIrW1E+EppDrCZTcRitxF+EW5uSMIJxCRSYW3QmF2R5E6hBcV3/
WS10O240Pm8k/lp+xU1ZhElqk6IPb1J5737Zm2b8cIrOXb4vWsPFmWDkPN4tkjQS
4vabIVM=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:19:30 2025 by rpki-client