Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/fBPVgnrD4nUUOKKc26EWUwNdNDg.roa
File: fBPVgnrD4nUUOKKc26EWUwNdNDg.roa (raw, json)
Hash identifier: zdxY4T9Yd/ZFFB5smC8Nhu/T/Ue5doo2Xvg9YS6AzUE=
Subject key identifier: 7C:13:D5:82:7A:C3:E2:75:14:38:A2:9C:DB:A1:16:53:03:5D:34:38
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 33F5
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/fBPVgnrD4nUUOKKc26EWUwNdNDg.roa
Signing time: Thu 28 Mar 2024 20:52:04 +0000
ROA not before: Thu 28 Mar 2024 20:52:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13301 (0x33f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 28 20:52:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7C13D5827AC3E2751438A29CDBA11653035D3438
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:40:1a:c9:9e:5e:ad:9e:b9:09:19:30:26:16:
69:93:82:2e:65:6d:c8:a4:f9:18:7d:ea:90:d8:2b:
28:31:fe:e6:3d:c4:b4:de:41:eb:44:9e:73:43:63:
1f:8e:e8:27:3f:dc:f0:3a:32:95:5f:8e:fd:8d:cd:
54:1f:b1:67:fe:9d:ec:61:48:0f:2b:a3:8b:7c:d9:
9d:ab:2d:b4:76:ef:9f:81:59:74:b7:08:00:e6:20:
4d:61:04:6b:81:10:10:13:e8:54:3b:d4:4b:cf:7d:
9e:3c:49:f9:e7:4a:7f:85:69:8e:af:a9:10:e8:d4:
ac:c6:88:54:83:be:65:a9:06:89:1e:19:e0:9c:f4:
f0:55:80:48:6f:2a:ef:2a:1e:d2:a9:52:2e:8e:32:
74:23:22:57:4f:53:87:15:3a:01:b8:3a:07:65:8a:
f7:3a:4f:a8:06:88:80:a7:5e:08:c9:fe:01:5d:c9:
9a:78:77:ee:0a:66:34:a2:de:8b:db:9a:32:d6:3b:
ad:78:a4:63:34:7e:eb:5e:3e:c6:94:b1:5d:a5:1b:
a0:7e:48:11:4f:f5:fc:69:66:1b:d0:50:c4:22:8c:
eb:38:0d:f6:9c:7b:a6:e2:11:e3:45:fe:59:7b:54:
48:a9:a0:74:8f:60:98:17:c9:10:cc:9e:f9:32:fd:
98:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:13:D5:82:7A:C3:E2:75:14:38:A2:9C:DB:A1:16:53:03:5D:34:38
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/fBPVgnrD4nUUOKKc26EWUwNdNDg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
0b:49:89:d0:e5:85:95:cb:2a:23:3d:8a:a6:a1:cf:07:8c:66:
ef:0e:1b:b5:21:47:2f:59:3c:62:11:7e:87:bd:5f:7d:64:b5:
e5:d7:18:30:07:ee:ad:bc:dc:dc:27:e5:0a:61:52:33:94:f9:
34:25:d7:14:71:05:89:12:b9:9c:cc:3b:e1:9b:36:2c:05:76:
9f:7b:6c:a2:44:40:0d:09:0f:47:0d:29:2a:67:87:81:6f:51:
17:1b:ea:dd:e4:1b:5d:ff:18:36:1f:28:37:16:00:c8:ec:80:
f4:2d:5f:be:0c:f8:da:b5:7b:53:60:ae:9b:75:5c:2b:b7:76:
2b:ac:d9:1e:80:cf:3a:ed:61:b6:c1:e0:b3:f2:da:f2:a8:88:
d0:23:65:0a:33:a4:9e:ac:81:26:07:60:8a:66:ff:47:02:fe:
0a:5f:4b:86:d5:81:88:f8:ae:1c:df:79:0f:8f:c7:2a:66:2a:
32:c9:87:6c:93:86:c5:39:d2:62:a7:6a:f3:fd:7a:d9:46:ab:
e2:14:90:9c:96:7a:b9:27:20:5e:c7:09:45:6f:e8:98:27:6a:
44:45:84:cc:f0:08:3c:8d:09:c1:5c:b9:ed:e1:3a:b3:28:02:
27:ed:19:79:89:4f:c1:16:9e:67:9b:a9:99:89:25:20:57:9d:
fa:1b:42:8a
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICM/UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjgy
MDUyMDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDdDMTNENTgyN0FDM0Uy
NzUxNDM4QTI5Q0RCQTExNjUzMDM1RDM0MzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3QBrJnl6tnrkJGTAmFmmTgi5lbcik+Rh96pDYKygx/uY9xLTe
QetEnnNDYx+O6Cc/3PA6MpVfjv2NzVQfsWf+nexhSA8ro4t82Z2rLbR275+BWXS3
CADmIE1hBGuBEBAT6FQ71EvPfZ48SfnnSn+FaY6vqRDo1KzGiFSDvmWpBokeGeCc
9PBVgEhvKu8qHtKpUi6OMnQjIldPU4cVOgG4Ogdlivc6T6gGiICnXgjJ/gFdyZp4
d+4KZjSi3ovbmjLWO614pGM0futePsaUsV2lG6B+SBFP9fxpZhvQUMQijOs4Dfac
e6biEeNF/ll7VEipoHSPYJgXyRDMnvky/ZjnAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUfBPVgnrD4nUUOKKc26EWUwNdNDgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2ZCUFZnbnJENG5VVU9L
S2MyNkVXVXdOZE5EZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAAtJidDlhZXLKiM9
iqahzweMZu8OG7UhRy9ZPGIRfoe9X31kteXXGDAH7q283Nwn5QphUjOU+TQl1xRx
BYkSuZzMO+GbNiwFdp97bKJEQA0JD0cNKSpnh4FvURcb6t3kG13/GDYfKDcWAMjs
gPQtX74M+Nq1e1Ngrpt1XCu3dius2R6AzzrtYbbB4LPy2vKoiNAjZQozpJ6sgSYH
YIpm/0cC/gpfS4bVgYj4rhzfeQ+PxypmKjLJh2yThsU50mKnavP9etlGq+IUkJyW
erknIF7HCUVv6JgnakRFhMzwCDyNCcFcue3hOrMoAiftGXmJT8EWnmebqZmJJSBX
nfobQoo=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:43:20 2025 by rpki-client