Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/bBv2YrG8DAHnfkuzKQaxX8aKTjU.roa
File: bBv2YrG8DAHnfkuzKQaxX8aKTjU.roa (raw, json)
Hash identifier: aF794AXkwki5DjqrNAd1BL68N8lJJIBZDGoH3FVB1KE=
Subject key identifier: 6C:1B:F6:62:B1:BC:0C:01:E7:7E:4B:B3:29:06:B1:5F:C6:8A:4E:35
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3529
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/bBv2YrG8DAHnfkuzKQaxX8aKTjU.roa
Signing time: Sat 30 Mar 2024 11:22:10 +0000
ROA not before: Sat 30 Mar 2024 11:22:10 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13609 (0x3529)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 11:22:10 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6C1BF662B1BC0C01E77E4BB32906B15FC68A4E35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:7d:c0:39:be:a8:7e:27:1f:1b:ef:da:7c:6a:
cd:48:d7:84:6d:93:d5:83:a7:ab:bd:ee:44:d5:13:
67:80:36:1d:09:83:2c:4d:6e:b3:de:ab:e3:d7:41:
a5:d8:ec:f1:79:2d:ae:ce:14:f4:de:d5:38:cb:c8:
49:0b:9c:65:2c:a8:5c:79:37:bd:22:21:e2:15:9a:
36:59:8a:5e:52:cd:1e:32:c5:23:c9:44:a3:10:ca:
48:7f:c8:ac:00:b4:b9:41:b4:46:16:60:4e:bb:af:
4d:8a:e4:c2:49:38:db:02:95:d1:24:66:88:db:81:
88:18:15:95:b2:50:60:6d:df:6a:e0:97:1c:ad:10:
65:33:42:e9:36:7b:16:89:04:2f:98:56:b8:96:42:
15:81:30:9c:f0:86:4a:eb:07:ac:fa:2c:da:de:22:
63:79:52:1a:5b:10:86:49:1c:e8:43:0b:3b:18:bf:
69:13:81:56:d0:b1:4b:a8:f1:ae:86:cb:c1:05:88:
db:65:d7:8e:e4:ad:b1:8a:70:d1:2c:31:b8:d7:70:
4f:d5:a3:9f:ce:8b:e2:f7:6a:c8:f4:37:dc:73:79:
dc:77:a2:2a:93:c5:28:be:1a:c6:d8:db:f9:08:94:
8c:fe:5c:48:ea:31:90:ec:dd:09:65:ad:aa:a3:f8:
63:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:1B:F6:62:B1:BC:0C:01:E7:7E:4B:B3:29:06:B1:5F:C6:8A:4E:35
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/bBv2YrG8DAHnfkuzKQaxX8aKTjU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
52:89:63:0e:d7:39:c6:f4:c1:82:03:69:35:5d:23:b2:45:40:
f7:f6:bb:29:87:52:50:80:92:1a:40:0d:b2:f0:a2:81:42:9a:
6e:96:be:1a:be:5c:83:10:08:6e:0f:0d:0f:52:d9:c2:06:28:
d0:3a:de:d0:53:07:e2:0c:4c:d3:ef:b4:37:ca:27:68:0b:76:
4a:8d:f3:b5:15:4b:06:8d:6c:ac:dd:e2:46:68:84:cf:5d:ab:
65:e1:e7:fc:28:b8:92:6e:47:ac:e9:bd:65:2e:06:8c:76:da:
8f:bf:fa:bb:59:d6:73:97:83:3f:0c:85:1b:ca:fd:78:f9:e1:
83:d8:b1:e4:ae:fe:8a:38:cf:58:e2:6b:d2:1f:51:d1:d5:5d:
74:e6:02:a8:27:46:7f:30:60:bb:19:eb:18:fc:a5:d3:3a:45:
0d:0a:9e:d5:d1:69:55:02:e9:cc:49:bc:b9:6f:81:71:ab:c1:
4e:a7:59:b7:7f:d4:5a:4a:c3:ef:63:4d:cf:d7:43:47:dd:2a:
63:9e:cb:b0:f3:7d:74:a8:2c:1e:7f:35:d8:8e:9d:eb:84:b2:
04:b9:03:f3:56:5c:09:ca:37:07:86:c2:b1:45:2b:77:fc:d1:
f0:20:ba:5d:05:50:21:a2:f3:a4:a8:7c:78:69:15:e0:39:97:
51:df:c8:8c
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNSkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAx
MTIyMTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZDMUJGNjYyQjFCQzBD
MDFFNzdFNEJCMzI5MDZCMTVGQzY4QTRFMzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWfcA5vqh+Jx8b79p8as1I14Rtk9WDp6u97kTVE2eANh0JgyxN
brPeq+PXQaXY7PF5La7OFPTe1TjLyEkLnGUsqFx5N70iIeIVmjZZil5SzR4yxSPJ
RKMQykh/yKwAtLlBtEYWYE67r02K5MJJONsCldEkZojbgYgYFZWyUGBt32rglxyt
EGUzQuk2exaJBC+YVriWQhWBMJzwhkrrB6z6LNreImN5UhpbEIZJHOhDCzsYv2kT
gVbQsUuo8a6Gy8EFiNtl147krbGKcNEsMbjXcE/Vo5/Oi+L3asj0N9xzedx3oiqT
xSi+GsbY2/kIlIz+XEjqMZDs3Qllraqj+GNHAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUbBv2YrG8DAHnfkuzKQaxX8aKTjUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2JCdjJZckc4REFIbmZr
dXpLUWF4WDhhS1RqVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAFKJYw7XOcb0wYID
aTVdI7JFQPf2uymHUlCAkhpADbLwooFCmm6Wvhq+XIMQCG4PDQ9S2cIGKNA63tBT
B+IMTNPvtDfKJ2gLdkqN87UVSwaNbKzd4kZohM9dq2Xh5/wouJJuR6zpvWUuBox2
2o+/+rtZ1nOXgz8MhRvK/Xj54YPYseSu/oo4z1jia9IfUdHVXXTmAqgnRn8wYLsZ
6xj8pdM6RQ0KntXRaVUC6cxJvLlvgXGrwU6nWbd/1FpKw+9jTc/XQ0fdKmOey7Dz
fXSoLB5/NdiOneuEsgS5A/NWXAnKNweGwrFFK3f80fAgul0FUCGi86SofHhpFeA5
l1HfyIw=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:29:42 2025 by rpki-client