Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Qtsvfvg_saLf2EqgSRKb9aUZu7o.roa
File: Qtsvfvg_saLf2EqgSRKb9aUZu7o.roa (raw, json)
Hash identifier: xEfpuqkLWNCsG1M0/JdDY/hc3OhDl6Z1XrP0fY8TrOk=
Subject key identifier: 42:DB:2F:7E:F8:3F:B1:A2:DF:D8:4A:A0:49:12:9B:F5:A5:19:BB:BA
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4CFD
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Qtsvfvg_saLf2EqgSRKb9aUZu7o.roa
Signing time: Wed 01 May 2024 05:53:34 +0000
ROA not before: Wed 01 May 2024 05:53:34 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19709 (0x4cfd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 1 05:53:34 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=42DB2F7EF83FB1A2DFD84AA049129BF5A519BBBA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:0d:71:ca:9d:b7:48:77:8f:78:a9:e8:5d:6d:
57:a1:96:27:d8:ad:eb:d0:df:0c:ff:85:53:62:6e:
86:c0:17:7d:1b:0e:c6:69:18:5d:8d:c8:b9:1e:b3:
b1:f8:39:7e:b1:c6:d6:9c:b8:12:13:9e:c5:f0:e9:
ef:fb:b3:55:e8:f8:c7:6c:70:87:2c:c1:12:8f:fe:
a5:69:16:0a:99:d3:6e:a0:99:c2:ba:d5:ec:91:3e:
87:9f:c0:f5:d8:a8:05:ac:bb:8d:f1:d3:73:4a:b6:
a3:0f:8d:98:1f:60:08:e1:1d:d2:7c:b2:31:9d:51:
0f:eb:bc:bb:28:04:89:48:f4:2b:af:67:7a:f1:29:
b7:43:f2:af:fa:19:c8:63:e2:86:42:66:29:0a:91:
d3:38:c8:d7:f9:2e:40:78:f4:ab:eb:8e:fc:c1:7c:
9d:41:a2:93:0b:44:7a:40:4a:7e:38:6d:1f:ee:11:
ba:e6:38:e1:62:18:52:de:88:e4:a2:81:fc:d1:01:
be:62:45:99:7d:67:20:87:ee:6c:8a:7f:88:40:8c:
ae:d2:3d:c4:38:32:1f:bb:fa:a4:1e:3e:6f:6b:bd:
e8:f9:1a:27:6c:47:8d:3c:9a:8d:58:95:3a:6a:8b:
f4:c1:47:24:c6:89:cc:dc:24:97:b7:ef:52:02:3b:
8d:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:DB:2F:7E:F8:3F:B1:A2:DF:D8:4A:A0:49:12:9B:F5:A5:19:BB:BA
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Qtsvfvg_saLf2EqgSRKb9aUZu7o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
59:f7:e9:a1:d9:86:0d:b6:97:38:17:ad:7b:23:6f:3c:86:96:
3c:6f:78:9f:ee:13:81:d1:bb:15:6d:27:d9:7a:00:a6:57:87:
a0:e8:8a:ff:75:2a:f2:c5:40:13:1b:ab:40:2b:f6:61:8b:7e:
bd:c2:15:ff:70:dc:47:ba:64:ac:2d:26:54:08:40:ba:47:0d:
20:be:df:f6:3a:0f:7d:d7:7e:9d:47:3e:11:bd:df:67:14:14:
df:57:68:92:3f:b6:47:41:b7:4a:ef:c0:7a:3b:ee:ff:36:6f:
94:5e:af:74:16:65:df:00:d1:fd:7b:db:84:62:dd:e6:88:fe:
cd:a2:02:73:75:08:de:76:48:10:44:04:47:c0:b1:e6:6e:af:
bf:ca:43:9e:52:7d:ac:fc:b2:12:0f:a9:3e:5b:e1:a8:47:ac:
3c:69:46:c1:f8:a1:9c:fc:30:f5:59:cb:fb:b8:6e:20:f2:67:
1f:4f:6e:82:f3:79:8b:36:70:69:f1:59:00:4a:71:66:78:6b:
1d:2f:13:c4:3a:5d:dc:8e:76:91:70:34:f5:34:53:5e:2c:82:
50:7e:4a:c1:51:0f:72:3f:1c:d8:9f:e8:6c:df:8f:a8:b4:c2:
d1:79:8a:4c:a4:0d:c7:98:5c:d3:34:70:80:53:07:fa:02:37:
3a:bc:3b:95
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICTP0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDEw
NTUzMzRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQyREIyRjdFRjgzRkIx
QTJERkQ4NEFBMDQ5MTI5QkY1QTUxOUJCQkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSDXHKnbdId494qehdbVehlifYrevQ3wz/hVNibobAF30bDsZp
GF2NyLkes7H4OX6xxtacuBITnsXw6e/7s1Xo+MdscIcswRKP/qVpFgqZ026gmcK6
1eyRPoefwPXYqAWsu43x03NKtqMPjZgfYAjhHdJ8sjGdUQ/rvLsoBIlI9CuvZ3rx
KbdD8q/6Gchj4oZCZikKkdM4yNf5LkB49KvrjvzBfJ1BopMLRHpASn44bR/uEbrm
OOFiGFLeiOSigfzRAb5iRZl9ZyCH7myKf4hAjK7SPcQ4Mh+7+qQePm9rvej5Gids
R408mo1YlTpqi/TBRyTGiczcJJe371ICO40TAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUQtsvfvg/saLf2EqgSRKb9aUZu7owHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1F0c3Zmdmdfc2FMZjJF
cWdTUktiOWFVWnU3by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAFn36aHZhg22lzgX
rXsjbzyGljxveJ/uE4HRuxVtJ9l6AKZXh6Doiv91KvLFQBMbq0Ar9mGLfr3CFf9w
3Ee6ZKwtJlQIQLpHDSC+3/Y6D33Xfp1HPhG932cUFN9XaJI/tkdBt0rvwHo77v82
b5Rer3QWZd8A0f1724Ri3eaI/s2iAnN1CN52SBBEBEfAseZur7/KQ55Sfaz8shIP
qT5b4ahHrDxpRsH4oZz8MPVZy/u4biDyZx9PboLzeYs2cGnxWQBKcWZ4ax0vE8Q6
XdyOdpFwNPU0U14sglB+SsFRD3I/HNif6Gzfj6i0wtF5ikykDceYXNM0cIBTB/oC
Nzq8O5U=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:47:18 2025 by rpki-client