Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/VlgtPXhcwVsXZWCzE5DxyIU4HJ4.roa
File: VlgtPXhcwVsXZWCzE5DxyIU4HJ4.roa (raw, json)
Hash identifier: Ty7ZQ9dVwXA1O/BBkjfwD3S75YFet7cq0/GJX436trE=
Subject key identifier: 56:58:2D:3D:78:5C:C1:5B:17:65:60:B3:13:90:F1:C8:85:38:1C:9E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 520D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/VlgtPXhcwVsXZWCzE5DxyIU4HJ4.roa
Signing time: Tue 07 May 2024 23:54:01 +0000
ROA not before: Tue 07 May 2024 23:54:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21005 (0x520d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 7 23:54:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=56582D3D785CC15B176560B31390F1C885381C9E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:af:14:44:d3:11:5e:ce:fa:9e:89:59:56:02:
f0:76:66:d6:a7:21:3c:9c:29:12:d1:56:b3:54:c3:
2b:e2:6a:a8:38:91:d6:18:18:8b:e1:d2:5a:4c:a8:
9c:62:9f:57:6e:85:2c:07:16:bd:29:7c:81:cc:26:
4c:d0:a4:a4:2a:fe:12:9c:ef:d0:82:fa:26:73:8f:
eb:95:42:b1:54:17:20:4b:32:cf:11:c6:85:74:cc:
e4:7a:bf:0a:99:a2:8f:2f:b8:f3:1c:b2:35:aa:a9:
44:8a:be:27:07:83:77:9f:07:a2:86:2f:b4:a4:f4:
11:1c:1c:f2:f2:43:5d:79:11:38:40:ba:be:6a:ea:
02:e3:3f:5d:20:88:90:ea:7f:bb:38:ba:31:24:c8:
b6:c5:e7:fe:8f:c7:8c:e2:2c:60:67:5d:77:81:b6:
3c:19:ce:46:f2:e3:ea:d6:96:6d:c2:15:0a:f2:52:
70:10:c2:c5:55:4a:dd:13:e6:13:80:ee:5e:01:ad:
7a:ad:18:b4:85:71:98:7f:96:81:c3:91:d6:13:ad:
0c:37:86:cc:80:40:85:83:df:da:28:85:32:55:80:
32:82:c2:78:93:c2:66:a6:60:13:7f:8d:f4:ba:aa:
be:4f:d6:39:f7:cd:f0:29:e6:1b:81:e0:5e:c3:c2:
ce:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:58:2D:3D:78:5C:C1:5B:17:65:60:B3:13:90:F1:C8:85:38:1C:9E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/VlgtPXhcwVsXZWCzE5DxyIU4HJ4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
87:7e:cb:7c:19:a9:d7:a9:79:c1:29:da:7a:8a:e6:8e:25:14:
eb:dc:f7:46:21:c7:d8:a3:b6:c4:ec:13:37:67:82:fb:9c:ef:
ca:db:8c:76:e0:6b:39:bf:0b:10:17:a5:13:68:71:51:4b:7d:
ad:39:f2:d7:0a:aa:56:0a:c2:7f:7f:5d:4e:a9:08:0d:e1:a0:
e6:91:cd:29:1c:cd:e2:74:79:28:9f:b5:f1:5b:0a:db:79:fd:
0c:38:d1:d2:70:65:ee:1c:19:c3:fa:80:2c:2e:f0:d2:fe:0a:
b8:86:46:05:43:0b:46:ee:b7:33:76:a3:b7:d7:68:07:b9:3b:
a0:34:8c:8b:f8:49:bf:d8:42:b8:43:42:56:f2:ca:c8:71:5d:
eb:7b:52:ea:f1:7c:0d:63:e6:e3:b8:fc:a5:c2:9b:7a:d8:77:
88:4d:08:1d:ef:0e:f4:9b:66:2e:40:f5:3b:c7:ee:ca:a1:90:
9e:4e:54:2e:09:68:32:04:d3:32:10:d2:8f:73:a2:cf:ed:f8:
48:75:bf:97:26:66:69:45:3d:d6:b9:3b:e2:17:65:35:25:96:
db:23:1f:a6:6c:21:78:39:bf:7b:69:bd:8a:80:e3:01:cc:55:
90:bc:19:d8:11:b5:d3:a6:e2:47:5b:fc:6f:1a:9d:68:21:c4:
11:d5:9d:df
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICUg0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDcy
MzU0MDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDU2NTgyRDNENzg1Q0Mx
NUIxNzY1NjBCMzEzOTBGMUM4ODUzODFDOUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvrxRE0xFezvqeiVlWAvB2ZtanITycKRLRVrNUwyviaqg4kdYY
GIvh0lpMqJxin1duhSwHFr0pfIHMJkzQpKQq/hKc79CC+iZzj+uVQrFUFyBLMs8R
xoV0zOR6vwqZoo8vuPMcsjWqqUSKvicHg3efB6KGL7Sk9BEcHPLyQ115EThAur5q
6gLjP10giJDqf7s4ujEkyLbF5/6Px4ziLGBnXXeBtjwZzkby4+rWlm3CFQryUnAQ
wsVVSt0T5hOA7l4BrXqtGLSFcZh/loHDkdYTrQw3hsyAQIWD39oohTJVgDKCwniT
wmamYBN/jfS6qr5P1jn3zfAp5huB4F7Dws7tAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUVlgtPXhcwVsXZWCzE5DxyIU4HJ4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1ZsZ3RQWGhjd1ZzWFpX
Q3pFNUR4eUlVNEhKNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAId+y3wZqdepecEp
2nqK5o4lFOvc90Yhx9ijtsTsEzdngvuc78rbjHbgazm/CxAXpRNocVFLfa058tcK
qlYKwn9/XU6pCA3hoOaRzSkczeJ0eSiftfFbCtt5/Qw40dJwZe4cGcP6gCwu8NL+
CriGRgVDC0butzN2o7fXaAe5O6A0jIv4Sb/YQrhDQlbyyshxXet7UurxfA1j5uO4
/KXCm3rYd4hNCB3vDvSbZi5A9TvH7sqhkJ5OVC4JaDIE0zIQ0o9zos/t+Eh1v5cm
ZmlFPda5O+IXZTUlltsjH6ZsIXg5v3tpvYqA4wHMVZC8GdgRtdOm4kdb/G8anWgh
xBHVnd8=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:36:45 2025 by rpki-client