Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/TQrtVsgnYUlD5kCeL1St6-93Gw8.roa
File: TQrtVsgnYUlD5kCeL1St6-93Gw8.roa (raw, json)
Hash identifier: Y0qMWK+zlO7F+zOkSGsg4Ex/LRmjqvmPk8dcCddWx+U=
Subject key identifier: 4D:0A:ED:56:C8:27:61:49:43:E6:40:9E:2F:54:AD:EB:EF:77:1B:0F
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 331D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/TQrtVsgnYUlD5kCeL1St6-93Gw8.roa
Signing time: Wed 27 Mar 2024 17:52:02 +0000
ROA not before: Wed 27 Mar 2024 17:52:02 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13085 (0x331d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 27 17:52:02 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4D0AED56C827614943E6409E2F54ADEBEF771B0F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:81:f6:f4:43:a2:6e:88:d2:ef:af:fc:e8:e9:
b3:55:40:93:79:f7:b5:fe:fb:d0:d9:db:28:37:f4:
55:82:5a:8f:6a:4d:1e:df:13:55:5d:e1:24:4a:9c:
54:70:38:0c:fe:47:fd:b7:56:17:2e:a8:59:d1:7c:
6d:40:76:eb:9e:02:93:1b:25:aa:18:a9:2f:e9:d2:
d1:02:c6:11:bc:43:f8:f1:04:f6:e7:d9:1f:92:7e:
d9:0f:a2:aa:f3:0b:62:05:bc:fd:ef:34:8b:2b:c9:
3f:87:8f:4c:b0:9b:e2:11:69:a3:51:6e:6e:ec:a1:
81:76:41:21:53:78:e9:ca:b3:84:7f:4d:5b:97:4d:
fd:39:a3:ed:d5:f3:bd:63:65:cd:fe:58:40:bb:67:
dc:66:3a:a6:3f:74:39:27:82:fe:31:4a:d3:f6:11:
d4:e6:20:11:c3:c4:4f:43:bb:be:3d:46:a6:7f:2c:
93:bc:fe:57:61:ff:6f:95:40:1a:8c:d7:a0:a9:d2:
47:eb:c6:88:e9:00:2d:4d:c4:32:d9:c7:33:c7:6d:
4d:e9:20:51:3c:cd:32:9f:da:33:15:5a:07:e8:1d:
f1:a3:d6:e7:30:42:2a:f0:92:24:16:b8:0c:55:07:
03:b4:4c:4d:3b:49:51:5c:4a:34:08:22:74:68:38:
6d:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:0A:ED:56:C8:27:61:49:43:E6:40:9E:2F:54:AD:EB:EF:77:1B:0F
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/TQrtVsgnYUlD5kCeL1St6-93Gw8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
0f:b7:82:59:dd:37:78:09:81:df:2b:12:7e:cc:98:94:43:9d:
3a:5b:41:23:91:35:82:70:3b:ce:ae:84:31:46:95:7e:c0:d0:
6c:dd:8d:fa:43:4e:12:be:ad:0f:33:4a:c3:6e:7f:06:95:74:
08:b8:d9:3e:8e:b9:2e:8a:31:10:9f:34:1e:9b:95:88:e7:a4:
67:28:05:ae:5f:ac:c6:70:83:c1:d5:59:ef:8e:11:90:33:b1:
76:da:f8:b0:de:5d:f9:46:22:1f:e4:9d:1c:67:ce:6a:db:45:
27:2f:0e:a8:c1:cd:74:76:b5:0b:1c:76:85:bf:ce:96:58:88:
95:4a:e5:0d:b6:a2:3a:37:eb:a8:b1:54:5d:f0:ca:62:78:03:
9c:84:97:1e:f6:60:b3:09:9a:b0:79:47:a8:aa:2f:0f:36:68:
17:25:92:be:12:2f:03:c6:50:bf:59:18:e2:e6:1e:1e:ed:2e:
42:8a:49:f1:97:57:95:75:03:b9:21:ec:93:5b:2d:9f:5a:48:
33:d4:fc:2a:59:5d:2a:ba:5e:c7:f0:b6:c0:84:14:5e:a5:b0:
83:e5:08:c9:48:08:66:54:b3:bc:90:d5:88:ba:4b:b5:a2:b8:
ec:22:68:a4:9c:62:10:ba:8f:53:4a:15:5b:03:be:be:ec:ff:
f5:04:5c:cc
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICMx0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjcx
NzUyMDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDREMEFFRDU2QzgyNzYx
NDk0M0U2NDA5RTJGNTRBREVCRUY3NzFCMEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLgfb0Q6JuiNLvr/zo6bNVQJN597X++9DZ2yg39FWCWo9qTR7f
E1Vd4SRKnFRwOAz+R/23VhcuqFnRfG1AduueApMbJaoYqS/p0tECxhG8Q/jxBPbn
2R+SftkPoqrzC2IFvP3vNIsryT+Hj0ywm+IRaaNRbm7soYF2QSFTeOnKs4R/TVuX
Tf05o+3V871jZc3+WEC7Z9xmOqY/dDkngv4xStP2EdTmIBHDxE9Du749RqZ/LJO8
/ldh/2+VQBqM16Cp0kfrxojpAC1NxDLZxzPHbU3pIFE8zTKf2jMVWgfoHfGj1ucw
QirwkiQWuAxVBwO0TE07SVFcSjQIInRoOG17AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUTQrtVsgnYUlD5kCeL1St6+93Gw8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1RRcnRWc2duWVVsRDVr
Q2VMMVN0Ni05M0d3OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAA+3glndN3gJgd8r
En7MmJRDnTpbQSORNYJwO86uhDFGlX7A0GzdjfpDThK+rQ8zSsNufwaVdAi42T6O
uS6KMRCfNB6blYjnpGcoBa5frMZwg8HVWe+OEZAzsXba+LDeXflGIh/knRxnzmrb
RScvDqjBzXR2tQscdoW/zpZYiJVK5Q22ojo366ixVF3wymJ4A5yElx72YLMJmrB5
R6iqLw82aBclkr4SLwPGUL9ZGOLmHh7tLkKKSfGXV5V1A7kh7JNbLZ9aSDPU/CpZ
XSq6XsfwtsCEFF6lsIPlCMlICGZUs7yQ1Yi6S7WiuOwiaKScYhC6j1NKFVsDvr7s
//UEXMw=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:21:38 2025 by rpki-client