Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ah5gqzQBQ8I7lQfxfMKBCAv7Pho.roa
File: ah5gqzQBQ8I7lQfxfMKBCAv7Pho.roa (raw, json)
Hash identifier: vMP8wo7wMye3XXDdU1BY4OUNgovhpoDfvEDEo2rfnZo=
Subject key identifier: 6A:1E:60:AB:34:01:43:C2:3B:95:07:F1:7C:C2:81:08:0B:FB:3E:1A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5761
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ah5gqzQBQ8I7lQfxfMKBCAv7Pho.roa
Signing time: Wed 15 May 2024 02:24:11 +0000
ROA not before: Wed 15 May 2024 02:24:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22369 (0x5761)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 15 02:24:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6A1E60AB340143C23B9507F17CC281080BFB3E1A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:2f:31:c0:ea:1d:42:41:af:43:97:3f:06:aa:
eb:42:8f:95:d1:a4:38:31:1f:e8:37:3a:39:e8:55:
1c:cf:68:44:82:6f:92:78:80:f9:7d:73:f8:fc:5f:
d9:33:12:7e:60:ab:ae:41:c3:70:f4:a4:9c:54:9e:
8a:53:ec:a8:a9:4a:f0:0e:b2:19:d6:a2:71:70:2a:
1c:cc:23:e6:63:35:3c:76:fc:08:38:77:9d:98:cd:
a1:8b:66:34:fa:3e:2c:37:82:ea:bc:b7:f4:e2:2b:
7c:86:84:79:4a:e9:a0:43:85:8e:3d:b6:ae:78:4d:
1e:b0:5f:48:45:03:ec:d2:8d:a7:6e:90:e1:a9:78:
27:6b:ea:d6:fe:5a:b5:26:cc:28:13:b1:50:8f:b9:
3a:68:ea:b7:2e:eb:bb:44:7c:4e:0c:ac:92:c9:8a:
a5:9f:c0:f4:8d:86:c8:46:a8:7d:fc:68:f5:74:30:
dd:72:7f:5a:5f:09:ee:81:c2:2d:63:c4:7d:ad:4e:
01:f4:fa:1e:b9:46:1a:f2:8f:8f:83:0f:9d:ba:6e:
6a:16:bd:7e:d4:1b:22:e0:c8:6b:fc:96:0d:1f:ca:
1d:cb:1d:fd:6a:e0:8d:dd:48:3e:a4:b2:8c:ce:cf:
94:06:4c:e7:89:7e:7b:05:cc:68:a5:82:06:a6:97:
78:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:1E:60:AB:34:01:43:C2:3B:95:07:F1:7C:C2:81:08:0B:FB:3E:1A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ah5gqzQBQ8I7lQfxfMKBCAv7Pho.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
04:30:41:18:53:29:ed:7b:0a:a3:46:b6:fe:d5:a8:a9:72:bf:
e2:f6:76:9c:71:32:45:b4:33:07:17:d9:64:cc:25:52:c7:80:
06:73:ce:7f:c0:47:6f:f6:30:7f:42:19:95:19:54:8a:9d:4a:
10:b3:04:db:c4:de:c4:b2:83:c1:b5:7e:80:13:5b:a7:48:ae:
03:19:3d:ed:82:d7:e1:80:8c:e1:55:d7:dd:67:86:3a:95:62:
ec:5c:f2:27:b9:de:bb:2c:12:26:6f:c8:28:17:07:24:ff:47:
18:92:c4:86:6a:e2:1a:94:a6:60:a7:54:55:15:f2:be:57:ce:
c6:ab:81:77:76:67:4a:9d:09:b9:65:83:f6:d1:3d:f4:a1:07:
4b:e9:07:ef:1b:20:74:1d:d4:0d:e2:aa:8a:29:20:1d:61:01:
c2:a4:15:59:b9:3b:9f:16:ca:d4:a6:f0:c4:1c:93:58:3d:2d:
c5:9d:2a:78:36:44:a2:b6:5b:8b:82:13:c1:b8:4f:09:e5:76:
63:ee:b8:d2:99:4a:24:ae:dd:eb:4b:d7:a2:2d:a8:15:44:aa:
a2:da:6f:a1:ff:1b:44:fd:71:f1:be:e4:50:ad:c9:f2:27:ec:
1b:08:db:c8:1b:d9:3b:e6:9f:a4:bd:f8:68:cb:1f:94:73:00:
45:1e:1d:f8
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICV2EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTUw
MjI0MTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZBMUU2MEFCMzQwMTQz
QzIzQjk1MDdGMTdDQzI4MTA4MEJGQjNFMUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDmLzHA6h1CQa9Dlz8GqutCj5XRpDgxH+g3OjnoVRzPaESCb5J4
gPl9c/j8X9kzEn5gq65Bw3D0pJxUnopT7KipSvAOshnWonFwKhzMI+ZjNTx2/Ag4
d52YzaGLZjT6Piw3guq8t/TiK3yGhHlK6aBDhY49tq54TR6wX0hFA+zSjadukOGp
eCdr6tb+WrUmzCgTsVCPuTpo6rcu67tEfE4MrJLJiqWfwPSNhshGqH38aPV0MN1y
f1pfCe6Bwi1jxH2tTgH0+h65Rhryj4+DD526bmoWvX7UGyLgyGv8lg0fyh3LHf1q
4I3dSD6ksozOz5QGTOeJfnsFzGilggaml3gBAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUah5gqzQBQ8I7lQfxfMKBCAv7PhowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2FoNWdxelFCUThJN2xR
ZnhmTUtCQ0F2N1Boby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAAQwQRhTKe17CqNG
tv7VqKlyv+L2dpxxMkW0MwcX2WTMJVLHgAZzzn/AR2/2MH9CGZUZVIqdShCzBNvE
3sSyg8G1foATW6dIrgMZPe2C1+GAjOFV191nhjqVYuxc8ie53rssEiZvyCgXByT/
RxiSxIZq4hqUpmCnVFUV8r5XzsargXd2Z0qdCbllg/bRPfShB0vpB+8bIHQd1A3i
qoopIB1hAcKkFVm5O58WytSm8MQck1g9LcWdKng2RKK2W4uCE8G4TwnldmPuuNKZ
SiSu3etL16ItqBVEqqLab6H/G0T9cfG+5FCtyfIn7BsI28gb2Tvmn6S9+GjLH5Rz
AEUeHfg=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:41:36 2025 by rpki-client