Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/_nGR27rTJTjsg3Bl5aN0jOPiQh0.roa
File: _nGR27rTJTjsg3Bl5aN0jOPiQh0.roa (raw, json)
Hash identifier: GbgSj0dl+5mwNsIHRz217ONUXAKQS1G6AW7XZOmLAcM=
Subject key identifier: FE:71:91:DB:BA:D3:25:38:EC:83:70:65:E5:A3:74:8C:E3:E2:42:1D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4D29
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/_nGR27rTJTjsg3Bl5aN0jOPiQh0.roa
Signing time: Wed 01 May 2024 11:23:37 +0000
ROA not before: Wed 01 May 2024 11:23:37 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19753 (0x4d29)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 1 11:23:37 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=FE7191DBBAD32538EC837065E5A3748CE3E2421D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:08:fc:18:96:b9:a1:02:b4:2e:31:71:7b:f6:
2b:38:5b:43:bc:df:f5:26:59:92:54:e7:3a:82:99:
6f:12:d0:05:08:78:ee:c7:b3:48:96:1e:aa:a8:4a:
a3:b8:49:57:ae:d1:26:16:20:db:fd:f9:cd:1a:46:
0b:8e:5b:d6:96:c7:ad:74:10:6f:15:f1:d5:38:72:
35:22:f2:4e:9a:cd:96:b1:de:db:fd:28:ba:93:16:
68:b9:71:ad:c9:06:59:4c:f8:dd:a7:de:24:77:b0:
4f:e3:84:b0:d6:b5:5d:27:a5:05:03:4b:1f:9b:a2:
b0:d4:a4:0a:17:0d:d0:8e:21:02:3a:2a:f7:90:a1:
ce:8e:be:d0:75:28:80:46:2c:50:69:60:41:4c:76:
01:21:8d:cc:f0:12:39:0a:35:cf:07:cb:d4:08:77:
8a:c0:aa:fd:c1:47:74:f6:89:e5:7c:d4:ca:1d:b3:
55:cb:4a:92:5c:78:e2:7d:16:03:e3:b3:f4:4c:84:
bd:dc:31:16:65:96:1e:0e:bf:cf:1d:79:13:d6:2d:
7b:69:84:03:3f:85:78:5f:b1:4e:c7:c1:f5:96:e3:
5e:a4:a6:01:29:59:d9:7d:4a:79:7a:ff:a1:29:2d:
42:c5:c1:82:3d:13:d7:d5:1e:af:a8:90:ae:8d:fc:
98:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:71:91:DB:BA:D3:25:38:EC:83:70:65:E5:A3:74:8C:E3:E2:42:1D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/_nGR27rTJTjsg3Bl5aN0jOPiQh0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
47:d2:95:b0:97:46:08:0f:e0:64:40:ce:ed:cd:3f:9d:2a:1c:
40:ee:b9:88:09:5a:1b:24:c7:5f:08:ff:84:fb:e2:e5:55:5d:
1c:5e:6b:89:88:0a:e1:1d:e9:52:e8:d9:0f:a0:d5:df:f7:09:
f9:02:9d:e5:89:9f:63:59:5f:b0:c7:ee:09:3a:f1:ff:cb:dc:
d2:b4:aa:5c:46:81:80:4a:57:92:29:99:18:71:a8:a4:bc:17:
c2:f2:f7:2c:65:53:99:d9:c2:ae:69:e9:31:e7:02:2b:f5:35:
c8:42:f7:0f:fe:2d:17:bf:8b:ac:0c:5e:28:04:14:72:86:bf:
25:8c:8f:23:75:95:a3:97:e3:7a:a9:d7:68:5c:46:15:4f:53:
be:35:c7:04:5d:e6:7c:56:12:35:27:bc:ef:19:2e:aa:59:0e:
44:b0:f7:27:0f:d5:6d:9a:bf:7c:98:a1:aa:44:fe:75:08:de:
99:9c:49:20:4f:ff:b1:db:a0:bb:4a:48:1a:c8:aa:d7:f1:dc:
76:20:62:10:32:7f:da:3e:f4:b9:51:cf:73:5f:51:03:3e:0b:
3c:5b:59:38:bd:06:f5:34:01:61:a0:83:ed:20:b3:0a:66:dd:
a3:68:72:60:8b:08:cf:a0:94:71:c6:86:03:9f:6a:41:8d:e4:
70:8d:2b:eb
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICTSkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDEx
MTIzMzdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEZFNzE5MURCQkFEMzI1
MzhFQzgzNzA2NUU1QTM3NDhDRTNFMjQyMUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGCPwYlrmhArQuMXF79is4W0O83/UmWZJU5zqCmW8S0AUIeO7H
s0iWHqqoSqO4SVeu0SYWINv9+c0aRguOW9aWx610EG8V8dU4cjUi8k6azZax3tv9
KLqTFmi5ca3JBllM+N2n3iR3sE/jhLDWtV0npQUDSx+borDUpAoXDdCOIQI6KveQ
oc6OvtB1KIBGLFBpYEFMdgEhjczwEjkKNc8Hy9QId4rAqv3BR3T2ieV81Mods1XL
SpJceOJ9FgPjs/RMhL3cMRZllh4Ov88deRPWLXtphAM/hXhfsU7HwfWW416kpgEp
Wdl9Snl6/6EpLULFwYI9E9fVHq+okK6N/JiZAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU/nGR27rTJTjsg3Bl5aN0jOPiQh0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L19uR1IyN3JUSlRqc2cz
Qmw1YU4wak9QaVFoMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAEfSlbCXRggP4GRA
zu3NP50qHEDuuYgJWhskx18I/4T74uVVXRxea4mICuEd6VLo2Q+g1d/3CfkCneWJ
n2NZX7DH7gk68f/L3NK0qlxGgYBKV5IpmRhxqKS8F8Ly9yxlU5nZwq5p6THnAiv1
NchC9w/+LRe/i6wMXigEFHKGvyWMjyN1laOX43qp12hcRhVPU741xwRd5nxWEjUn
vO8ZLqpZDkSw9ycP1W2av3yYoapE/nUI3pmcSSBP/7HboLtKSBrIqtfx3HYgYhAy
f9o+9LlRz3NfUQM+CzxbWTi9BvU0AWGgg+0gswpm3aNocmCLCM+glHHGhgOfakGN
5HCNK+s=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:45:44 2025 by rpki-client