Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/eQT5IV3oUrkpslcBPQ9WGmvhK0Y.roa
File: eQT5IV3oUrkpslcBPQ9WGmvhK0Y.roa (raw, json)
Hash identifier: zPdi80u0w7XbG+hdVbF0l/5qQVqsgEWCbKYTUqJS9Dk=
Subject key identifier: 79:04:F9:21:5D:E8:52:B9:29:B2:57:01:3D:0F:56:1A:6B:E1:2B:46
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3D1D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/eQT5IV3oUrkpslcBPQ9WGmvhK0Y.roa
Signing time: Wed 10 Apr 2024 01:52:40 +0000
ROA not before: Wed 10 Apr 2024 01:52:40 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15645 (0x3d1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 10 01:52:40 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7904F9215DE852B929B257013D0F561A6BE12B46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:17:17:fe:ce:e3:88:da:b3:5d:80:4b:30:f6:
69:05:99:0b:9f:d8:60:8b:37:b6:ba:24:95:3f:d3:
67:ac:b2:92:4d:62:90:24:cb:59:4f:30:b2:6d:c6:
f8:8b:99:c1:db:64:7c:38:67:26:07:15:21:b3:92:
ef:a5:6f:52:d1:27:32:4d:bc:a8:7a:92:83:35:6a:
2f:fa:67:04:eb:64:7b:7e:6f:d9:2f:2c:f8:c5:b1:
ba:55:38:2f:a3:52:cf:e8:d7:a3:c6:92:e4:a6:20:
54:46:36:ae:95:eb:ea:30:f5:48:71:58:c3:86:d5:
22:73:09:c8:bd:9b:31:a1:dd:b6:ba:f2:b9:49:3b:
6f:cd:7b:0a:e8:cb:b0:b6:e2:66:48:e1:b8:c6:05:
ab:39:ab:27:48:6c:43:a1:f5:69:2f:2f:71:e3:17:
13:71:b2:61:24:3a:93:75:ae:44:06:b0:a5:c3:8f:
08:86:ed:36:42:8e:a0:ac:ae:33:0a:4a:61:07:56:
ad:fc:5a:b8:0f:8b:16:c2:5a:53:0d:4a:96:88:94:
22:7d:29:8d:78:52:8d:c5:37:77:33:95:3e:ac:92:
82:9f:aa:5d:7a:33:75:8c:5c:15:90:cf:0d:1e:58:
91:ab:b3:4a:45:2e:0d:14:c5:df:7c:71:4f:76:d9:
68:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:04:F9:21:5D:E8:52:B9:29:B2:57:01:3D:0F:56:1A:6B:E1:2B:46
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/eQT5IV3oUrkpslcBPQ9WGmvhK0Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
86:cf:b9:42:f5:66:ea:7b:a6:7e:02:b8:73:49:0d:0d:1d:ca:
e8:59:24:22:b2:27:01:b8:41:e9:98:01:35:84:a6:44:78:1c:
1f:6f:f2:55:d1:65:c1:d8:39:03:6c:9d:e0:ed:86:d3:91:10:
7a:07:99:5c:9d:2e:7e:27:94:37:39:f5:44:2e:ab:8a:20:a2:
76:8d:4b:bd:c6:cd:ad:98:fe:ad:e5:5b:26:f1:0a:30:09:2a:
bb:a8:bc:fd:c4:2e:65:33:a7:1a:cb:ca:85:97:c9:63:f9:6f:
05:2c:c1:f0:33:e2:6d:98:15:2d:06:f7:41:de:d0:f6:5c:2f:
b5:5d:f0:ed:8e:d1:75:5f:f4:f0:da:51:ef:c7:fc:a3:2b:00:
d6:a1:ea:e8:b2:dc:0a:14:f8:c8:ec:75:56:a5:50:42:42:5f:
e7:28:5f:01:78:18:e5:5c:93:2e:23:5f:70:c2:51:f0:dc:88:
0f:ae:9d:67:08:8b:d7:2e:c4:78:d5:d6:83:ff:61:21:24:f9:
9d:01:21:4e:81:4d:14:cd:ba:ef:f8:d9:11:23:c0:84:fc:4b:
4b:56:af:26:fd:f9:3a:10:1f:cd:6e:53:f4:a1:86:98:40:5d:
04:62:a8:28:8b:93:d3:72:50:a5:07:11:76:1b:e7:7b:49:20:
36:69:df:c0
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICPR0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTAw
MTUyNDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDc5MDRGOTIxNURFODUy
QjkyOUIyNTcwMTNEMEY1NjFBNkJFMTJCNDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDoFxf+zuOI2rNdgEsw9mkFmQuf2GCLN7a6JJU/02esspJNYpAk
y1lPMLJtxviLmcHbZHw4ZyYHFSGzku+lb1LRJzJNvKh6koM1ai/6ZwTrZHt+b9kv
LPjFsbpVOC+jUs/o16PGkuSmIFRGNq6V6+ow9UhxWMOG1SJzCci9mzGh3ba68rlJ
O2/Newroy7C24mZI4bjGBas5qydIbEOh9WkvL3HjFxNxsmEkOpN1rkQGsKXDjwiG
7TZCjqCsrjMKSmEHVq38WrgPixbCWlMNSpaIlCJ9KY14Uo3FN3czlT6skoKfql16
M3WMXBWQzw0eWJGrs0pFLg0Uxd98cU922WgNAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUeQT5IV3oUrkpslcBPQ9WGmvhK0YwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2VRVDVJVjNvVXJrcHNs
Y0JQUTlXR212aEswWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAIbPuUL1Zup7pn4C
uHNJDQ0dyuhZJCKyJwG4QemYATWEpkR4HB9v8lXRZcHYOQNsneDthtOREHoHmVyd
Ln4nlDc59UQuq4ogonaNS73Gza2Y/q3lWybxCjAJKruovP3ELmUzpxrLyoWXyWP5
bwUswfAz4m2YFS0G90He0PZcL7Vd8O2O0XVf9PDaUe/H/KMrANah6uiy3AoU+Mjs
dValUEJCX+coXwF4GOVcky4jX3DCUfDciA+unWcIi9cuxHjV1oP/YSEk+Z0BIU6B
TRTNuu/42REjwIT8S0tWryb9+ToQH81uU/ShhphAXQRiqCiLk9NyUKUHEXYb53tJ
IDZp38A=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:47:01 2025 by rpki-client