Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/dXxsoE7QZ3huZ_1B7YmcJx7nim0.roa
File: dXxsoE7QZ3huZ_1B7YmcJx7nim0.roa (raw, json)
Hash identifier: n48+wYpzn//k4nv+KMN09SRPZhjGiBy09xNqAJdEndw=
Subject key identifier: 75:7C:6C:A0:4E:D0:67:78:6E:67:FD:41:ED:89:9C:27:1E:E7:8A:6D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4915
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/dXxsoE7QZ3huZ_1B7YmcJx7nim0.roa
Signing time: Fri 26 Apr 2024 00:53:19 +0000
ROA not before: Fri 26 Apr 2024 00:53:19 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18709 (0x4915)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 26 00:53:19 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=757C6CA04ED067786E67FD41ED899C271EE78A6D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ab:04:20:c4:30:f9:2f:c3:3d:51:0e:18:12:
fa:92:91:4f:25:da:4e:ee:5a:d7:4d:5e:7c:e5:40:
17:37:16:e3:df:09:7a:fa:9a:f7:78:af:80:33:54:
ea:1d:f9:4c:3d:b9:7e:bb:ea:a3:46:0b:38:3a:b9:
fc:22:14:e7:b5:7d:ca:79:25:5e:7f:19:fd:26:30:
05:7e:72:80:a7:70:83:bf:17:5b:09:79:68:96:dc:
5b:0f:d9:b1:85:e6:83:00:9b:2e:5b:11:85:8a:97:
2d:ea:3c:a1:8d:e5:77:50:f3:06:72:2c:84:df:f1:
ba:52:6a:6b:9a:93:de:a8:1c:14:80:cc:57:da:f7:
5b:77:e0:07:d3:ee:5e:ec:18:2b:97:32:76:09:3c:
8a:af:c4:02:b2:4d:2a:cc:a2:2c:fb:00:6d:2b:77:
8d:a3:b1:77:e2:6a:15:f8:be:98:5c:92:c0:8c:c3:
23:6d:2e:c3:2a:37:6f:5d:32:99:ba:75:2b:a5:7e:
5f:e0:46:f8:89:2c:04:39:f7:92:0f:42:19:5f:17:
74:fe:d6:cd:fc:f7:0c:94:15:d1:1b:bf:02:44:51:
f2:4c:5d:ae:54:bc:b6:06:4c:f5:ea:e5:ec:01:ac:
70:37:73:aa:51:c1:a8:19:1b:86:b6:c5:ae:5b:fc:
cf:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:7C:6C:A0:4E:D0:67:78:6E:67:FD:41:ED:89:9C:27:1E:E7:8A:6D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/dXxsoE7QZ3huZ_1B7YmcJx7nim0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
5d:90:5a:6b:d5:f9:a0:3b:ad:a2:a3:80:f8:9b:55:d7:4e:cc:
94:b6:57:15:3c:51:36:22:55:f6:72:3f:bb:78:19:f8:84:27:
ec:5b:fd:95:86:32:67:6a:d8:7c:6c:0e:2d:ad:87:b0:64:26:
6b:42:c0:0d:04:4c:69:94:40:0a:55:57:46:30:d7:0d:04:16:
9f:3d:81:6c:45:70:79:93:05:5a:7c:df:9b:b4:06:45:02:2f:
95:9d:89:b1:1e:ff:5c:8a:f9:52:ca:86:d6:cc:ed:94:a4:5a:
c2:bd:d4:7c:2a:9a:6c:9d:47:8a:ee:bc:e5:d1:62:d7:85:6e:
1e:fb:b0:80:cd:ec:50:42:a3:c4:17:df:8f:00:5d:82:7d:92:
3f:6b:f3:71:4d:74:b4:fc:0b:42:76:72:9f:f7:00:d1:93:00:
fc:0c:e2:b5:a8:87:a3:34:05:61:6e:5d:29:20:2d:34:3a:82:
93:55:f9:9a:ae:79:86:cb:59:dc:1f:ed:e8:91:22:32:10:04:
8a:e2:11:7a:66:3d:b5:3b:4d:3b:55:c8:f6:60:5e:e3:ff:e7:
29:c1:1a:90:85:ea:c8:7b:34:a4:93:1c:a5:48:8e:65:65:dd:
9c:0b:4b:49:d7:41:ca:86:11:a2:76:fd:ec:80:89:05:2d:05:
05:7b:5a:32
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICSRUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjYw
MDUzMTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDc1N0M2Q0EwNEVEMDY3
Nzg2RTY3RkQ0MUVEODk5QzI3MUVFNzhBNkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPqwQgxDD5L8M9UQ4YEvqSkU8l2k7uWtdNXnzlQBc3FuPfCXr6
mvd4r4AzVOod+Uw9uX676qNGCzg6ufwiFOe1fcp5JV5/Gf0mMAV+coCncIO/F1sJ
eWiW3FsP2bGF5oMAmy5bEYWKly3qPKGN5XdQ8wZyLITf8bpSamuak96oHBSAzFfa
91t34AfT7l7sGCuXMnYJPIqvxAKyTSrMoiz7AG0rd42jsXfiahX4vphcksCMwyNt
LsMqN29dMpm6dSulfl/gRviJLAQ595IPQhlfF3T+1s389wyUFdEbvwJEUfJMXa5U
vLYGTPXq5ewBrHA3c6pRwagZG4a2xa5b/M8ZAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUdXxsoE7QZ3huZ/1B7YmcJx7nim0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2RYeHNvRTdRWjNodVpf
MUI3WW1jSng3bmltMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAF2QWmvV+aA7raKj
gPibVddOzJS2VxU8UTYiVfZyP7t4GfiEJ+xb/ZWGMmdq2HxsDi2th7BkJmtCwA0E
TGmUQApVV0Yw1w0EFp89gWxFcHmTBVp835u0BkUCL5WdibEe/1yK+VLKhtbM7ZSk
WsK91HwqmmydR4ruvOXRYteFbh77sIDN7FBCo8QX348AXYJ9kj9r83FNdLT8C0J2
cp/3ANGTAPwM4rWoh6M0BWFuXSkgLTQ6gpNV+ZqueYbLWdwf7eiRIjIQBIriEXpm
PbU7TTtVyPZgXuP/5ynBGpCF6sh7NKSTHKVIjmVl3ZwLS0nXQcqGEaJ2/eyAiQUt
BQV7WjI=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:02:12 2025 by rpki-client