Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ccqSeizxTYuT-_dvkU1LD8XKjOs.roa
File: ccqSeizxTYuT-_dvkU1LD8XKjOs.roa (raw, json)
Hash identifier: s/O4nvPfnS8Dinbvvs00mosMUCZK6qmrr2YlG0A7BJg=
Subject key identifier: 71:CA:92:7A:2C:F1:4D:8B:93:FB:F7:6F:91:4D:4B:0F:C5:CA:8C:EB
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3E11
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ccqSeizxTYuT-_dvkU1LD8XKjOs.roa
Signing time: Thu 11 Apr 2024 08:22:46 +0000
ROA not before: Thu 11 Apr 2024 08:22:46 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15889 (0x3e11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 11 08:22:46 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=71CA927A2CF14D8B93FBF76F914D4B0FC5CA8CEB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:80:a3:2d:13:9e:2e:f5:18:a6:fe:81:9c:0a:
4d:be:d5:77:f7:97:d9:2e:8b:b7:56:d5:7d:d1:59:
a8:43:01:66:49:ac:c2:e6:a4:9e:2c:a1:a1:60:3a:
b2:e2:e3:2e:f6:aa:d8:42:a6:c8:42:09:cf:09:68:
38:8c:5b:55:98:0f:1c:9f:53:38:eb:ba:7f:ff:7a:
b3:2d:c7:19:08:32:5c:dc:45:4a:35:12:6a:16:56:
7c:d4:ba:2f:33:ef:9b:03:cd:90:9b:93:5f:c8:ce:
db:66:57:25:cc:ca:c6:32:d9:6f:1f:0c:4a:61:8c:
61:7f:9e:39:c4:ea:42:a6:5a:9b:e5:cb:bd:f9:ae:
bd:35:13:26:4e:88:cf:53:07:a9:1e:fd:f6:a0:08:
e9:53:54:5a:aa:1c:17:ce:f9:60:b4:66:47:25:e0:
c0:05:77:2e:01:3d:42:c6:83:2e:7b:95:ea:ef:b4:
5b:c1:62:11:34:77:a4:f2:17:e9:4a:e6:76:d0:34:
a8:95:f0:ce:ff:c5:39:1d:9c:51:f6:de:f1:1f:3e:
7c:53:b4:ba:9e:d0:95:0d:23:43:5c:27:e2:98:ce:
fc:3c:94:4c:32:82:39:47:1b:38:38:aa:9f:3a:07:
d1:8c:3c:95:ac:ac:55:85:04:1e:0d:fb:41:6b:24:
55:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:CA:92:7A:2C:F1:4D:8B:93:FB:F7:6F:91:4D:4B:0F:C5:CA:8C:EB
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ccqSeizxTYuT-_dvkU1LD8XKjOs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
a5:cb:2c:17:68:41:8a:d9:cf:6b:d5:bc:30:23:07:19:b1:d1:
7e:fb:88:4d:2a:96:70:a8:5d:bb:57:1e:10:2a:32:d9:be:cb:
30:9b:74:0f:4b:45:8c:52:21:9e:44:c6:9f:85:f6:4a:a3:dd:
04:9a:1a:75:ab:f7:a5:6d:09:38:03:41:81:67:b0:6e:f3:f1:
44:dc:08:2e:f8:52:c6:5c:14:ca:59:2c:8c:a3:de:5c:9b:60:
45:c3:f8:bc:ad:6f:be:b7:e0:1a:ab:98:1d:f0:d8:9a:fa:34:
2e:a1:49:02:c5:ec:dd:1e:db:e7:2d:bb:24:e6:d7:cb:02:2a:
58:27:5f:5d:0a:9c:6e:fe:34:c0:9a:5b:8a:7c:50:c7:09:24:
76:ca:1e:c4:3c:ab:5f:cb:3d:1f:86:a3:e5:92:80:74:12:8b:
76:80:12:76:c4:3c:1d:69:4e:f3:ff:e2:7e:ff:0e:ab:08:59:
04:d8:4a:26:51:76:96:a0:72:87:93:9b:6f:77:56:ec:80:a6:
60:40:5c:84:35:3a:08:20:39:f9:9f:1c:0d:ab:9e:2f:14:b6:
1b:e0:aa:57:00:8d:66:6d:4e:0a:cf:36:1a:b4:5a:89:5b:ef:
2a:54:bf:83:b5:24:37:98:07:9e:49:99:1a:8c:24:16:6b:12:
b6:58:78:f7
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICPhEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTEw
ODIyNDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDcxQ0E5MjdBMkNGMTRE
OEI5M0ZCRjc2RjkxNEQ0QjBGQzVDQThDRUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCQgKMtE54u9Rim/oGcCk2+1Xf3l9kui7dW1X3RWahDAWZJrMLm
pJ4soaFgOrLi4y72qthCpshCCc8JaDiMW1WYDxyfUzjrun//erMtxxkIMlzcRUo1
EmoWVnzUui8z75sDzZCbk1/IzttmVyXMysYy2W8fDEphjGF/njnE6kKmWpvly735
rr01EyZOiM9TB6ke/fagCOlTVFqqHBfO+WC0Zkcl4MAFdy4BPULGgy57lervtFvB
YhE0d6TyF+lK5nbQNKiV8M7/xTkdnFH23vEfPnxTtLqe0JUNI0NcJ+KYzvw8lEwy
gjlHGzg4qp86B9GMPJWsrFWFBB4N+0FrJFUbAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUccqSeizxTYuT+/dvkU1LD8XKjOswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2NjcVNlaXp4VFl1VC1f
ZHZrVTFMRDhYS2pPcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAKXLLBdoQYrZz2vV
vDAjBxmx0X77iE0qlnCoXbtXHhAqMtm+yzCbdA9LRYxSIZ5Exp+F9kqj3QSaGnWr
96VtCTgDQYFnsG7z8UTcCC74UsZcFMpZLIyj3lybYEXD+Lytb7634BqrmB3w2Jr6
NC6hSQLF7N0e2+ctuyTm18sCKlgnX10KnG7+NMCaW4p8UMcJJHbKHsQ8q1/LPR+G
o+WSgHQSi3aAEnbEPB1pTvP/4n7/DqsIWQTYSiZRdpagcoeTm293VuyApmBAXIQ1
OgggOfmfHA2rni8UthvgqlcAjWZtTgrPNhq0Wolb7ypUv4O1JDeYB55JmRqMJBZr
ErZYePc=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:39:19 2025 by rpki-client