Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/J1Vx8Xu8ztYBCkeBmIjRdyvyFwo.roa
File: J1Vx8Xu8ztYBCkeBmIjRdyvyFwo.roa (raw, json)
Hash identifier: NH+dDdLnLRRxxr5cB/oMJAigU8vmCTm5B27uNsXOeRk=
Subject key identifier: 27:55:71:F1:7B:BC:CE:D6:01:0A:47:81:98:88:D1:77:2B:F2:17:0A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3449
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/J1Vx8Xu8ztYBCkeBmIjRdyvyFwo.roa
Signing time: Fri 29 Mar 2024 07:22:13 +0000
ROA not before: Fri 29 Mar 2024 07:22:13 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13385 (0x3449)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 07:22:13 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=275571F17BBCCED6010A47819888D1772BF2170A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:6c:46:07:55:78:e6:2b:ce:26:77:6a:b3:bb:
29:ee:c7:fe:77:cb:87:cf:f3:47:5c:5a:71:76:ce:
27:01:57:d9:71:6e:f1:46:4f:ae:a9:a7:0f:b0:66:
c6:57:28:e8:d2:6f:49:48:ca:65:8c:ed:55:ec:25:
22:be:72:72:0a:d9:d1:34:8e:4c:19:e8:df:d5:78:
8e:f2:20:55:e8:dc:88:03:5c:d3:ce:99:a1:f9:b2:
f9:fb:cf:ca:99:92:fd:bb:c1:72:99:bf:0a:96:b6:
7b:39:ef:d2:bc:5b:3e:a9:47:14:db:d7:84:90:f0:
f7:88:93:b5:f1:ac:6b:db:06:59:f7:10:8f:af:54:
5c:d8:9a:7e:3a:be:89:b1:9e:42:a3:f8:f2:a9:49:
19:8c:2e:29:cf:e6:40:fd:d3:9c:15:dd:fb:71:06:
a6:53:e6:99:87:e9:f3:a5:60:96:5f:1f:ba:47:99:
bf:c2:03:2d:2c:2c:1a:c1:ba:c7:d0:e9:02:48:77:
a8:96:ae:df:98:99:2f:db:fd:14:dc:23:81:51:df:
fc:72:a6:c8:1f:be:e0:7f:82:4c:b9:2a:6e:ef:69:
0a:bc:87:7a:16:6b:36:8a:7f:7c:0a:82:d1:96:62:
a2:d4:63:58:dc:b8:70:81:80:f4:ed:14:58:b3:f0:
14:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:55:71:F1:7B:BC:CE:D6:01:0A:47:81:98:88:D1:77:2B:F2:17:0A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/J1Vx8Xu8ztYBCkeBmIjRdyvyFwo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
84:6f:1c:cb:ef:5c:11:7c:d7:4d:c9:ac:24:96:46:ef:79:24:
5c:9e:15:3f:db:65:d6:12:5d:98:4c:ae:01:c1:a6:50:d7:e2:
e6:2d:0a:0d:e1:b0:30:6c:1e:8d:ad:43:c4:a9:35:92:2e:f3:
90:92:bf:f2:17:4d:43:1a:b8:30:01:f6:36:f5:4b:c0:5b:bb:
b4:2f:a5:be:32:65:25:dc:ab:28:fa:74:f2:09:ea:90:72:ea:
1d:87:44:84:37:41:78:dc:4c:b2:97:39:87:cd:34:cc:f2:5e:
9b:c8:47:54:9d:de:73:64:90:42:34:cb:1f:72:89:b1:82:c6:
65:e9:7d:a2:43:c3:d8:68:9c:a9:d6:89:f9:f4:c6:08:83:92:
91:f0:9d:21:7d:9d:6d:02:b4:8d:56:b9:82:5e:e3:ca:c0:3a:
31:91:66:f7:50:be:65:79:47:be:e0:86:41:5b:76:2e:f0:7f:
b7:8f:8f:a6:cd:a9:27:1b:20:26:03:c7:88:4b:26:25:6d:bf:
1c:5a:56:d3:4b:f9:68:6b:ac:ff:4e:38:70:56:1c:69:9e:d4:
e7:e9:ad:13:76:09:c3:c8:3b:f7:b7:88:da:ec:58:9f:5c:3e:
bb:f2:2e:ed:64:c3:e7:9f:b8:bd:7a:da:c3:3b:93:17:03:93:
a0:8c:dc:13
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNEkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjkw
NzIyMTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI3NTU3MUYxN0JCQ0NF
RDYwMTBBNDc4MTk4ODhEMTc3MkJGMjE3MEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDjbEYHVXjmK84md2qzuynux/53y4fP80dcWnF2zicBV9lxbvFG
T66ppw+wZsZXKOjSb0lIymWM7VXsJSK+cnIK2dE0jkwZ6N/VeI7yIFXo3IgDXNPO
maH5svn7z8qZkv27wXKZvwqWtns579K8Wz6pRxTb14SQ8PeIk7XxrGvbBln3EI+v
VFzYmn46vomxnkKj+PKpSRmMLinP5kD905wV3ftxBqZT5pmH6fOlYJZfH7pHmb/C
Ay0sLBrBusfQ6QJId6iWrt+YmS/b/RTcI4FR3/xypsgfvuB/gky5Km7vaQq8h3oW
azaKf3wKgtGWYqLUY1jcuHCBgPTtFFiz8BR9AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUJ1Vx8Xu8ztYBCkeBmIjRdyvyFwowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0oxVng4WHU4enRZQkNr
ZUJtSWpSZHl2eUZ3by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAIRvHMvvXBF8103J
rCSWRu95JFyeFT/bZdYSXZhMrgHBplDX4uYtCg3hsDBsHo2tQ8SpNZIu85CSv/IX
TUMauDAB9jb1S8Bbu7Qvpb4yZSXcqyj6dPIJ6pBy6h2HRIQ3QXjcTLKXOYfNNMzy
XpvIR1Sd3nNkkEI0yx9yibGCxmXpfaJDw9honKnWifn0xgiDkpHwnSF9nW0CtI1W
uYJe48rAOjGRZvdQvmV5R77ghkFbdi7wf7ePj6bNqScbICYDx4hLJiVtvxxaVtNL
+WhrrP9OOHBWHGme1OfprRN2CcPIO/e3iNrsWJ9cPrvyLu1kw+efuL162sM7kxcD
k6CM3BM=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:47:32 2025 by rpki-client