Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/QYRW8d-iI4xyjOosGV_6M1A4Rpc.roa
File: QYRW8d-iI4xyjOosGV_6M1A4Rpc.roa (raw, json)
Hash identifier: sJ0mbOEZxhOBMP7Y7fd/j92PAHmBjkNckCYKOm4GjAE=
Subject key identifier: 41:84:56:F1:DF:A2:23:8C:72:8C:EA:2C:19:5F:FA:33:50:38:46:97
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3801
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/QYRW8d-iI4xyjOosGV_6M1A4Rpc.roa
Signing time: Wed 03 Apr 2024 06:22:17 +0000
ROA not before: Wed 03 Apr 2024 06:22:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14337 (0x3801)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 3 06:22:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=418456F1DFA2238C728CEA2C195FFA3350384697
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:7b:46:26:3b:e8:c1:ba:0b:e2:0f:5d:92:0d:
e9:9a:ca:81:3d:84:9b:4f:ba:90:02:0a:97:0c:44:
71:51:6e:d2:98:cc:c0:8d:7f:02:64:9b:46:61:6c:
df:c3:88:53:79:da:33:3a:15:21:09:39:15:85:00:
20:16:d2:16:ca:d4:f3:ef:dd:f0:c1:e8:48:01:58:
40:04:b2:5f:22:4f:91:38:9b:29:2b:ee:9c:5f:99:
45:fa:7f:a6:60:3b:0d:5c:4f:5a:0b:88:e3:bd:68:
e7:6f:1b:0c:65:7a:cd:1c:0a:15:72:16:e8:38:d4:
ab:6d:a1:c2:7b:dc:34:ac:c6:2f:8f:e2:f2:3c:6f:
d3:88:56:12:8c:b6:5f:19:27:69:67:28:69:fc:d8:
59:d9:3e:ab:bf:63:c7:35:46:a9:05:7d:65:35:fb:
06:4d:c0:be:8f:ab:5d:ee:6d:63:9f:09:bc:57:31:
bc:38:9a:c5:78:3d:46:e5:0b:03:be:4a:13:ff:7c:
62:f1:e2:b4:0a:f2:d6:1a:08:d7:7b:6a:c6:5b:a2:
e9:22:7e:e1:01:1a:6c:fe:5c:b6:93:f4:28:81:92:
b9:43:af:06:60:42:f1:89:e6:cf:66:90:06:34:f8:
bf:2d:71:b7:a5:9b:eb:4c:55:3e:e0:d6:dc:d7:f9:
e5:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:84:56:F1:DF:A2:23:8C:72:8C:EA:2C:19:5F:FA:33:50:38:46:97
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/QYRW8d-iI4xyjOosGV_6M1A4Rpc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
24:7a:7b:3c:48:64:cf:38:6d:15:e8:a7:04:bb:3d:de:63:48:
0b:09:c3:a7:94:7d:2f:53:5c:a3:60:41:ad:d1:a3:bd:45:72:
14:b3:85:e0:c2:ea:cb:52:7f:b2:60:68:cf:b0:60:ee:d0:1e:
5c:d0:83:cd:46:6a:2a:34:0d:e4:db:8d:8f:52:6f:0e:9a:22:
1d:e2:7c:7f:2f:f0:02:07:f1:c9:cd:05:72:65:7c:d9:a0:5b:
05:a8:5b:23:2a:8c:8f:99:23:7f:f4:bc:24:2d:c3:9f:0a:42:
c0:34:89:bb:88:82:95:7a:9f:ef:4a:6a:c9:23:7d:f9:fa:ea:
fe:12:3b:18:fd:e8:09:7c:4e:f4:ab:fe:52:7f:9a:66:f5:5d:
1b:53:33:70:f3:6b:b7:75:52:57:57:06:74:9c:ce:13:0c:67:
b3:e2:ea:d8:3c:bb:02:4c:29:e6:19:25:fa:e8:cb:91:3d:42:
60:c5:88:dc:4f:15:8a:b6:08:d1:d0:41:99:a1:a9:48:57:2d:
95:14:a2:5c:43:10:1c:e9:30:a1:dd:00:34:38:5b:cc:3e:de:
39:52:3e:4a:0f:1e:75:0b:82:2a:89:41:da:ba:f2:fd:38:e8:
d6:dc:85:25:f3:85:e4:e9:2f:27:56:2e:0d:a9:11:7c:46:39:
ff:c4:4e:d1
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICOAEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDMw
NjIyMTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQxODQ1NkYxREZBMjIz
OEM3MjhDRUEyQzE5NUZGQTMzNTAzODQ2OTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDXe0YmO+jBugviD12SDemayoE9hJtPupACCpcMRHFRbtKYzMCN
fwJkm0ZhbN/DiFN52jM6FSEJORWFACAW0hbK1PPv3fDB6EgBWEAEsl8iT5E4mykr
7pxfmUX6f6ZgOw1cT1oLiOO9aOdvGwxles0cChVyFug41KttocJ73DSsxi+P4vI8
b9OIVhKMtl8ZJ2lnKGn82FnZPqu/Y8c1RqkFfWU1+wZNwL6Pq13ubWOfCbxXMbw4
msV4PUblCwO+ShP/fGLx4rQK8tYaCNd7asZboukifuEBGmz+XLaT9CiBkrlDrwZg
QvGJ5s9mkAY0+L8tcbelm+tMVT7g1tzX+eXDAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUQYRW8d+iI4xyjOosGV/6M1A4RpcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1FZUlc4ZC1pSTR4eWpP
b3NHVl82TTFBNFJwYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBACR6ezxIZM84bRXo
pwS7Pd5jSAsJw6eUfS9TXKNgQa3Ro71FchSzheDC6stSf7JgaM+wYO7QHlzQg81G
aio0DeTbjY9Sbw6aIh3ifH8v8AIH8cnNBXJlfNmgWwWoWyMqjI+ZI3/0vCQtw58K
QsA0ibuIgpV6n+9Kaskjffn66v4SOxj96Al8TvSr/lJ/mmb1XRtTM3Dza7d1UldX
BnSczhMMZ7Pi6tg8uwJMKeYZJfroy5E9QmDFiNxPFYq2CNHQQZmhqUhXLZUUolxD
EBzpMKHdADQ4W8w+3jlSPkoPHnULgiqJQdq68v046NbchSXzheTpLydWLg2pEXxG
Of/ETtE=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:34:46 2025 by rpki-client