Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/f8YIXmgqoEZdegJt96upvBu9rM4.roa
File: f8YIXmgqoEZdegJt96upvBu9rM4.roa (raw, json)
Hash identifier: mBl2HWsQAXwA8jYaEOyxmPgSlii9qQ9xmiA3Yd9sx40=
Subject key identifier: 7F:C6:08:5E:68:2A:A0:46:5D:7A:02:6D:F7:AB:A9:BC:1B:BD:AC:CE
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4F01
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/f8YIXmgqoEZdegJt96upvBu9rM4.roa
Signing time: Fri 03 May 2024 22:23:57 +0000
ROA not before: Fri 03 May 2024 22:23:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20225 (0x4f01)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 3 22:23:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7FC6085E682AA0465D7A026DF7ABA9BC1BBDACCE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5e:a1:44:5a:6f:a8:7c:c2:a3:8f:9b:d1:4a:
bc:06:21:a1:33:24:e4:44:4a:18:cc:dc:8b:21:12:
90:70:82:f2:47:cb:c1:47:a0:ad:f2:67:23:bc:b4:
ed:6e:e0:7c:5a:12:8a:1d:85:16:43:25:3c:f7:b6:
4f:50:01:a9:2a:f9:0e:22:dd:8d:a8:f0:85:f7:a7:
79:09:e5:84:b2:43:12:fd:22:4f:d3:18:cc:5a:4b:
78:50:df:a4:3f:bd:1a:bb:02:1b:a8:f9:81:e5:30:
bc:c0:f4:cc:fc:59:57:ea:44:84:68:7e:41:c9:07:
96:24:79:66:de:bd:4a:0d:7c:14:3b:f8:38:54:7e:
51:e2:af:72:19:19:fa:c7:bd:62:07:9c:4a:9f:b0:
1f:ec:e3:49:d9:9d:49:00:d0:cf:dd:d0:e6:48:a3:
ea:cf:98:9f:3d:83:ba:7c:e5:6e:dd:68:db:ca:8d:
3f:d9:b0:0f:b5:d0:ce:37:89:71:81:e7:5d:d3:22:
ff:a6:a3:07:9d:8b:b2:0f:99:1b:82:89:97:4c:c3:
19:28:82:77:87:18:ac:dd:c9:bc:08:1a:8b:23:50:
c4:01:d9:40:7d:59:5f:c0:82:35:e1:c9:c7:03:ae:
5f:31:ad:47:93:3c:7e:6f:55:aa:af:29:91:6f:09:
71:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:C6:08:5E:68:2A:A0:46:5D:7A:02:6D:F7:AB:A9:BC:1B:BD:AC:CE
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/f8YIXmgqoEZdegJt96upvBu9rM4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
a6:77:2b:57:be:97:43:82:77:9a:18:e6:60:41:49:01:41:a7:
cd:a5:79:cf:19:11:78:5e:40:ae:23:6b:19:8e:ac:eb:6c:4c:
f8:3e:b4:7c:ac:54:17:c8:08:0c:b0:32:ac:f2:8b:e9:10:c7:
44:0c:23:20:d1:5c:56:c2:ce:4b:a5:ad:d2:ad:ca:12:e1:ea:
60:95:4a:47:e9:a7:d8:ad:a9:73:f9:f3:e7:56:2e:25:ec:42:
13:3a:af:74:b0:e1:84:d8:74:83:b4:d2:6a:50:da:93:53:6c:
0e:a5:93:3a:67:df:41:6f:db:1c:97:e7:43:aa:54:b9:df:ac:
5d:ce:ed:15:40:91:d5:de:b5:52:ff:75:0d:d7:36:53:7a:19:
1d:23:de:ba:58:5d:ec:a1:ab:de:d2:57:a9:72:e8:8f:fd:10:
7f:b3:93:c4:92:74:9e:8e:1e:11:1c:1a:cc:a3:1e:a5:4c:dd:
32:b6:61:24:e5:10:7c:dd:16:0c:24:77:d7:7d:ea:3e:ef:e9:
ed:f9:bb:8a:1c:c9:58:ca:b1:c7:a0:55:58:c9:61:02:5c:91:
62:0d:87:1d:af:13:7e:d5:11:95:4e:58:ba:67:b2:b3:a1:95:
f3:7e:69:fa:4c:3b:5c:76:68:7e:ff:e7:7f:22:23:5c:10:cc:
fd:f4:2e:4a
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICTwEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDMy
MjIzNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDdGQzYwODVFNjgyQUEw
NDY1RDdBMDI2REY3QUJBOUJDMUJCREFDQ0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwXqFEWm+ofMKjj5vRSrwGIaEzJOREShjM3IshEpBwgvJHy8FH
oK3yZyO8tO1u4HxaEoodhRZDJTz3tk9QAakq+Q4i3Y2o8IX3p3kJ5YSyQxL9Ik/T
GMxaS3hQ36Q/vRq7Ahuo+YHlMLzA9Mz8WVfqRIRofkHJB5YkeWbevUoNfBQ7+DhU
flHir3IZGfrHvWIHnEqfsB/s40nZnUkA0M/d0OZIo+rPmJ89g7p85W7daNvKjT/Z
sA+10M43iXGB513TIv+mowedi7IPmRuCiZdMwxkogneHGKzdybwIGosjUMQB2UB9
WV/AgjXhyccDrl8xrUeTPH5vVaqvKZFvCXE1AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUf8YIXmgqoEZdegJt96upvBu9rM4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2Y4WUlYbWdxb0VaZGVn
SnQ5NnVwdkJ1OXJNNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAKZ3K1e+l0OCd5oY
5mBBSQFBp82lec8ZEXheQK4jaxmOrOtsTPg+tHysVBfICAywMqzyi+kQx0QMIyDR
XFbCzkulrdKtyhLh6mCVSkfpp9itqXP58+dWLiXsQhM6r3Sw4YTYdIO00mpQ2pNT
bA6lkzpn30Fv2xyX50OqVLnfrF3O7RVAkdXetVL/dQ3XNlN6GR0j3rpYXeyhq97S
V6ly6I/9EH+zk8SSdJ6OHhEcGsyjHqVM3TK2YSTlEHzdFgwkd9d96j7v6e35u4oc
yVjKscegVVjJYQJckWINhx2vE37VEZVOWLpnsrOhlfN+afpMO1x2aH7/538iI1wQ
zP30Lko=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:46:16 2025 by rpki-client