Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/e10zklKFRkESYT94QWX98YloBlU.roa
File: e10zklKFRkESYT94QWX98YloBlU.roa (raw, json)
Hash identifier: JHxr4mks1xa5dcvh02VAxe+snq21Vh15lnW767xTTl4=
Subject key identifier: 7B:5D:33:92:52:85:46:41:12:61:3F:78:41:65:FD:F1:89:68:06:55
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 34D9
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/e10zklKFRkESYT94QWX98YloBlU.roa
Signing time: Sat 30 Mar 2024 01:22:06 +0000
ROA not before: Sat 30 Mar 2024 01:22:06 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13529 (0x34d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 01:22:06 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7B5D33925285464112613F784165FDF189680655
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f5:33:c5:14:1d:81:bc:2b:ab:3d:89:79:56:
0e:c0:2e:16:f8:12:4f:cc:33:a6:be:43:a8:92:ea:
4c:a6:a1:32:b8:3e:66:18:0a:b5:3d:fa:f5:69:91:
89:b6:c5:09:6d:7e:22:c0:89:44:4d:6a:bc:7a:57:
35:19:6f:9c:46:6c:c5:61:92:73:28:c7:98:6f:b1:
87:65:be:f0:2c:0f:cf:82:85:a8:7c:21:9c:e5:f8:
fe:b0:c3:5e:30:e7:04:1e:09:3d:ed:00:b6:33:9e:
bf:a9:57:21:1a:8b:df:ab:aa:e3:f1:2f:42:bb:67:
3b:43:73:58:59:86:81:a1:0d:ce:75:85:c4:17:b6:
66:e3:f0:82:de:fa:df:19:b8:00:73:e4:9c:e6:08:
ce:83:67:f2:af:30:bb:b4:7a:20:f2:67:ac:7c:d2:
99:73:4e:1c:24:cf:a6:93:d6:34:e5:f6:d2:c0:72:
39:d6:6d:14:4b:3d:7e:96:5c:12:a6:86:a3:e7:6c:
be:1a:41:50:f6:5d:d8:c3:74:b3:69:5c:bc:59:aa:
e9:41:c4:ec:e7:68:9b:c8:7c:b3:4f:b1:ed:ba:5c:
6e:af:43:27:c4:4b:a1:5d:42:a2:a7:c3:34:3d:66:
e2:92:e3:da:30:91:8e:26:ac:72:ce:a8:7c:56:c1:
a8:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:5D:33:92:52:85:46:41:12:61:3F:78:41:65:FD:F1:89:68:06:55
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/e10zklKFRkESYT94QWX98YloBlU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
55:8d:c4:71:b2:95:4c:0e:7e:38:a0:7d:de:8b:55:4b:d0:21:
0d:f4:0c:47:d4:2e:95:e9:5f:3d:ed:f3:ab:29:d9:59:45:a5:
59:38:a7:00:60:36:d0:f4:25:ff:39:48:46:33:35:21:a4:20:
1f:ec:8d:b5:f5:44:88:f2:07:92:e3:b4:76:b0:0e:21:20:ee:
cf:13:99:c3:65:91:ab:61:9f:79:34:45:ed:cd:b0:40:2c:51:
78:77:1d:fd:91:6d:56:c1:67:07:2b:ad:64:5e:3c:68:05:3e:
cd:bf:f0:fa:ca:ad:ec:db:98:69:1f:2f:69:a7:6a:6b:fe:9c:
60:85:52:3f:33:c9:b9:36:65:0e:6a:74:23:37:14:b6:2a:d3:
1b:41:f8:b8:fa:06:21:52:dd:b1:66:e5:e5:4b:4e:31:b1:f1:
67:f0:b9:75:02:dd:5e:24:f1:f0:88:d3:fd:ed:d8:fc:ca:61:
52:6b:7d:b2:65:68:c7:27:09:3a:f3:dd:2a:2e:d6:81:3a:e9:
7e:ad:4f:5d:ae:91:b6:2d:50:30:8c:69:5b:cf:50:53:bb:a1:
62:d9:6e:e4:ce:89:13:be:2d:eb:d7:39:32:f0:5f:a4:5c:d0:
5d:63:2e:d8:df:b7:31:24:50:4a:a5:0c:c1:57:6a:2c:0b:8c:
da:8d:0e:bb
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNNkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAw
MTIyMDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDdCNUQzMzkyNTI4NTQ2
NDExMjYxM0Y3ODQxNjVGREYxODk2ODA2NTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCt9TPFFB2BvCurPYl5Vg7ALhb4Ek/MM6a+Q6iS6kymoTK4PmYY
CrU9+vVpkYm2xQltfiLAiURNarx6VzUZb5xGbMVhknMox5hvsYdlvvAsD8+Chah8
IZzl+P6ww14w5wQeCT3tALYznr+pVyEai9+rquPxL0K7ZztDc1hZhoGhDc51hcQX
tmbj8ILe+t8ZuABz5JzmCM6DZ/KvMLu0eiDyZ6x80plzThwkz6aT1jTl9tLAcjnW
bRRLPX6WXBKmhqPnbL4aQVD2XdjDdLNpXLxZqulBxOznaJvIfLNPse26XG6vQyfE
S6FdQqKnwzQ9ZuKS49owkY4mrHLOqHxWwajxAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUe10zklKFRkESYT94QWX98YloBlUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2UxMHprbEtGUmtFU1lU
OTRRV1g5OFlsb0JsVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAFWNxHGylUwOfjig
fd6LVUvQIQ30DEfULpXpXz3t86sp2VlFpVk4pwBgNtD0Jf85SEYzNSGkIB/sjbX1
RIjyB5LjtHawDiEg7s8TmcNlkathn3k0Re3NsEAsUXh3Hf2RbVbBZwcrrWRePGgF
Ps2/8PrKrezbmGkfL2mnamv+nGCFUj8zybk2ZQ5qdCM3FLYq0xtB+Lj6BiFS3bFm
5eVLTjGx8WfwuXUC3V4k8fCI0/3t2PzKYVJrfbJlaMcnCTrz3Sou1oE66X6tT12u
kbYtUDCMaVvPUFO7oWLZbuTOiRO+LevXOTLwX6Rc0F1jLtjftzEkUEqlDMFXaiwL
jNqNDrs=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:42:41 2025 by rpki-client