Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/M7HdmTSqOIBqvJZlpPu1PqUHsy8.roa
File: M7HdmTSqOIBqvJZlpPu1PqUHsy8.roa (raw, json)
Hash identifier: QajbCuPgNJ6duKmLWO5FC0uECa7JoqUIlqPxrjp5qaA=
Subject key identifier: 33:B1:DD:99:34:AA:38:80:6A:BC:96:65:A4:FB:B5:3E:A5:07:B3:2F
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 57C5
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/M7HdmTSqOIBqvJZlpPu1PqUHsy8.roa
Signing time: Wed 15 May 2024 14:54:11 +0000
ROA not before: Wed 15 May 2024 14:54:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22469 (0x57c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 15 14:54:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=33B1DD9934AA38806ABC9665A4FBB53EA507B32F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:3f:28:c0:92:4f:bc:37:6e:2b:83:8d:94:2a:
55:d7:8f:be:e8:0d:55:80:d8:a4:3f:52:31:03:b0:
5b:b7:24:98:d5:62:7e:d2:63:37:92:8a:de:07:10:
b8:1e:51:5d:ae:cd:d0:f7:68:c9:89:fd:36:f2:c6:
26:4c:08:c0:6e:9d:49:14:a9:99:99:45:e1:42:92:
8c:22:85:2a:4b:32:fc:7b:b3:b3:6d:b7:48:4d:b1:
74:82:9a:9b:3c:ea:86:fa:19:c5:c4:d3:63:7c:23:
94:fb:c0:4e:d4:d5:ad:2e:46:31:3a:e0:da:8b:43:
d7:4d:70:3f:35:e3:ae:e0:35:38:fb:6e:c8:63:d5:
4b:94:24:e6:0a:6c:1e:56:f8:c0:04:6d:24:58:da:
43:b6:29:0b:e6:da:a2:f6:c1:66:9f:5c:52:a0:ea:
e8:9c:3d:d4:20:01:53:a4:a2:b4:5e:ca:80:f5:14:
5d:95:69:68:1e:74:15:e5:6d:91:8e:e9:85:c6:98:
18:dc:8b:8d:8e:2e:70:58:1a:df:92:fd:02:57:3d:
61:40:4c:7e:10:99:03:e9:77:65:71:e4:de:5b:87:
68:5f:78:7a:51:e2:b8:af:51:07:f2:4d:57:59:b6:
6b:c3:0e:e0:4d:bd:ff:cd:2c:cf:bc:21:6e:06:6e:
60:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:B1:DD:99:34:AA:38:80:6A:BC:96:65:A4:FB:B5:3E:A5:07:B3:2F
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/M7HdmTSqOIBqvJZlpPu1PqUHsy8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
2f:f1:a0:6a:f7:da:51:8b:eb:be:26:89:39:e6:0c:7b:5f:92:
82:ce:44:c4:31:d4:cf:5f:75:4c:b8:3a:96:e0:a1:9e:9e:cf:
64:87:25:ae:c5:83:cc:d7:0d:e1:88:fd:fd:46:15:9d:de:3d:
ab:d0:d0:a0:63:c5:c6:7d:44:6b:f3:5b:45:7b:21:91:b2:9d:
84:10:ba:e8:40:97:35:c8:d2:c5:16:e4:58:6e:85:5f:a4:92:
c4:0f:c6:88:55:d5:8b:55:0d:d9:b2:56:ad:20:9a:84:c6:bd:
36:58:c4:5e:db:d3:d0:e4:3b:05:67:8d:c7:eb:c5:65:da:c1:
0f:6d:e9:77:b2:64:cf:e8:6f:5c:80:86:7a:40:59:de:db:4b:
16:2b:f1:49:c6:56:d9:70:34:4a:6e:29:23:dd:8a:6a:79:28:
7f:22:cd:52:76:3c:2e:d8:88:f8:d0:eb:8d:eb:b6:40:4e:cd:
53:89:37:49:6a:65:6a:a7:2a:f1:96:72:63:91:5b:75:cc:38:
c8:f5:18:f8:67:2e:55:a7:cf:ce:27:b9:e9:21:5b:fe:55:e6:
42:15:70:d3:58:98:70:76:c1:27:cc:76:aa:be:ec:c0:f8:c1:
50:bc:24:5d:23:3a:39:ec:22:72:e1:de:ee:30:3b:c7:ca:4d:
f0:f1:0a:e5
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICV8UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTUx
NDU0MTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDMzQjFERDk5MzRBQTM4
ODA2QUJDOTY2NUE0RkJCNTNFQTUwN0IzMkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFPyjAkk+8N24rg42UKlXXj77oDVWA2KQ/UjEDsFu3JJjVYn7S
YzeSit4HELgeUV2uzdD3aMmJ/TbyxiZMCMBunUkUqZmZReFCkowihSpLMvx7s7Nt
t0hNsXSCmps86ob6GcXE02N8I5T7wE7U1a0uRjE64NqLQ9dNcD81467gNTj7bshj
1UuUJOYKbB5W+MAEbSRY2kO2KQvm2qL2wWafXFKg6uicPdQgAVOkorReyoD1FF2V
aWgedBXlbZGO6YXGmBjci42OLnBYGt+S/QJXPWFATH4QmQPpd2Vx5N5bh2hfeHpR
4rivUQfyTVdZtmvDDuBNvf/NLM+8IW4GbmB/AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUM7HdmTSqOIBqvJZlpPu1PqUHsy8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L003SGRtVFNxT0lCcXZK
WmxwUHUxUHFVSHN5OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAC/xoGr32lGL674m
iTnmDHtfkoLORMQx1M9fdUy4OpbgoZ6ez2SHJa7Fg8zXDeGI/f1GFZ3ePavQ0KBj
xcZ9RGvzW0V7IZGynYQQuuhAlzXI0sUW5FhuhV+kksQPxohV1YtVDdmyVq0gmoTG
vTZYxF7b09DkOwVnjcfrxWXawQ9t6XeyZM/ob1yAhnpAWd7bSxYr8UnGVtlwNEpu
KSPdimp5KH8izVJ2PC7YiPjQ643rtkBOzVOJN0lqZWqnKvGWcmORW3XMOMj1GPhn
LlWnz84nuekhW/5V5kIVcNNYmHB2wSfMdqq+7MD4wVC8JF0jOjnsInLh3u4wO8fK
TfDxCuU=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:35:10 2025 by rpki-client