Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/_J-GwC9luh9ydV1hXtNgMTRyD9c.roa
File: _J-GwC9luh9ydV1hXtNgMTRyD9c.roa (raw, json)
Hash identifier: AsGy1/ryHm85PcyzxmjzZtpXEG+CEQlydBvmHX2brUg=
Subject key identifier: FC:9F:86:C0:2F:65:BA:1F:72:75:5D:61:5E:D3:60:31:34:72:0F:D7
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3521
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/_J-GwC9luh9ydV1hXtNgMTRyD9c.roa
Signing time: Sat 30 Mar 2024 10:22:13 +0000
ROA not before: Sat 30 Mar 2024 10:22:13 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13601 (0x3521)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 10:22:13 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=FC9F86C02F65BA1F72755D615ED3603134720FD7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:da:70:e8:8b:73:69:78:fd:83:b1:ac:c6:0a:
fa:77:b1:4b:e2:c6:a9:87:ee:b8:22:ff:ed:10:bc:
05:ea:6f:19:12:36:b7:c7:8f:95:43:74:71:80:51:
69:6c:ce:f7:13:81:79:2a:34:dc:fa:48:e4:a5:f6:
88:1a:0b:4b:4a:45:36:b2:47:f9:dd:77:f4:ec:5e:
5c:f0:71:b6:1e:d6:29:da:64:70:5b:0b:82:e8:d3:
83:bd:55:5e:a8:f1:3e:45:08:12:81:2d:89:da:8c:
76:83:c8:9b:3d:08:22:f4:77:6e:a7:be:59:27:bd:
3e:8f:ee:0f:da:38:df:87:a3:4e:13:25:b4:fa:c3:
50:f2:00:ad:a9:a4:7a:d5:ad:4f:6a:50:d2:29:03:
81:f9:1f:37:79:89:21:62:26:f6:81:aa:60:df:ac:
01:95:6e:0e:4d:46:fb:e2:77:86:49:85:df:c6:ee:
ab:c3:2a:56:1a:3e:d5:4c:6a:3d:e9:a9:cb:cf:7f:
a0:99:de:76:a8:ac:6e:82:ad:fc:e4:a0:51:d4:40:
85:23:4a:47:b8:e5:75:80:6a:78:1b:c6:be:f3:06:
63:5f:ff:a5:a0:a5:b6:a7:00:13:b8:cb:45:b6:2a:
77:cc:17:db:8d:d5:75:f6:c2:bf:17:2e:4a:fe:14:
2a:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:9F:86:C0:2F:65:BA:1F:72:75:5D:61:5E:D3:60:31:34:72:0F:D7
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/_J-GwC9luh9ydV1hXtNgMTRyD9c.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
9e:3e:58:fb:a0:d0:cd:c9:de:0c:bc:42:b5:b4:72:51:5d:ce:
98:c8:7d:e6:81:21:15:d3:b8:6e:e8:aa:88:c7:59:3d:10:bf:
36:e5:fb:86:45:a8:11:c0:20:ad:f9:65:e1:26:c7:7f:89:90:
bb:d1:1b:2c:ac:8c:bf:d1:15:44:73:01:df:28:2f:7b:64:37:
ab:2b:f6:b9:38:ee:6d:32:d4:5f:ad:0f:2f:de:30:05:1a:ff:
bb:87:bf:db:db:44:d5:3e:d3:de:9e:62:6a:4d:e1:77:04:83:
31:fc:53:99:5e:92:c3:b5:cc:bc:f9:dc:be:2b:ce:dd:a0:38:
05:02:b7:22:f6:b3:85:d4:a5:52:e2:1c:c1:7f:17:b6:d7:bf:
c1:58:2e:26:3b:75:0f:46:30:82:c9:59:14:2f:60:04:c9:3a:
f5:cb:86:9e:ab:8a:b9:5d:bd:de:8d:1a:bb:f2:c5:13:b3:b9:
00:d2:1c:02:65:b5:75:8b:74:a4:c6:7e:3e:49:7b:c3:3c:a9:
75:5f:66:33:92:24:e1:5e:bf:7d:61:58:7e:27:4a:22:f2:72:
a5:bf:32:a5:0e:98:a6:e6:13:a0:58:e8:fa:b4:0b:6b:51:25:
d6:1a:15:f9:1d:97:75:4f:60:93:88:ed:8a:d9:17:b2:70:bc:
83:d1:d0:87
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNSEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAx
MDIyMTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEZDOUY4NkMwMkY2NUJB
MUY3Mjc1NUQ2MTVFRDM2MDMxMzQ3MjBGRDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCa2nDoi3NpeP2DsazGCvp3sUvixqmH7rgi/+0QvAXqbxkSNrfH
j5VDdHGAUWlszvcTgXkqNNz6SOSl9ogaC0tKRTayR/ndd/TsXlzwcbYe1inaZHBb
C4Lo04O9VV6o8T5FCBKBLYnajHaDyJs9CCL0d26nvlknvT6P7g/aON+Ho04TJbT6
w1DyAK2ppHrVrU9qUNIpA4H5Hzd5iSFiJvaBqmDfrAGVbg5NRvvid4ZJhd/G7qvD
KlYaPtVMaj3pqcvPf6CZ3naorG6CrfzkoFHUQIUjSke45XWAangbxr7zBmNf/6Wg
pbanABO4y0W2KnfMF9uN1XX2wr8XLkr+FCotAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU/J+GwC9luh9ydV1hXtNgMTRyD9cwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L19KLUd3QzlsdWg5eWRW
MWhYdE5nTVRSeUQ5Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJ4+WPug0M3J3gy8
QrW0clFdzpjIfeaBIRXTuG7oqojHWT0Qvzbl+4ZFqBHAIK35ZeEmx3+JkLvRGyys
jL/RFURzAd8oL3tkN6sr9rk47m0y1F+tDy/eMAUa/7uHv9vbRNU+096eYmpN4XcE
gzH8U5leksO1zLz53L4rzt2gOAUCtyL2s4XUpVLiHMF/F7bXv8FYLiY7dQ9GMILJ
WRQvYATJOvXLhp6rirldvd6NGrvyxROzuQDSHAJltXWLdKTGfj5Je8M8qXVfZjOS
JOFev31hWH4nSiLycqW/MqUOmKbmE6BY6Pq0C2tRJdYaFfkdl3VPYJOI7YrZF7Jw
vIPR0Ic=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:34:51 2025 by rpki-client