Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/fwNjiG4ogwKP0ZoV6or0oYMQkLU.roa
File: fwNjiG4ogwKP0ZoV6or0oYMQkLU.roa (raw, json)
Hash identifier: tTBMhlRPjOdpmGrisSidWyHH5n00vYUzqu3F2C/vq1Y=
Subject key identifier: 7F:03:63:88:6E:28:83:02:8F:D1:9A:15:EA:8A:F4:A1:83:10:90:B5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5025
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/fwNjiG4ogwKP0ZoV6or0oYMQkLU.roa
Signing time: Sun 05 May 2024 10:53:48 +0000
ROA not before: Sun 05 May 2024 10:53:48 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20517 (0x5025)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 5 10:53:48 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7F0363886E2883028FD19A15EA8AF4A1831090B5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ac:6e:5f:e9:44:12:3a:56:df:66:63:d5:04:
7a:3a:20:6e:92:c4:96:73:83:a5:99:54:4d:60:f9:
16:b1:73:45:b9:00:57:43:90:a5:b8:cd:28:6c:47:
04:a8:4a:89:bd:ae:ee:97:cc:ef:2a:a4:09:73:90:
33:33:e9:25:da:1d:34:06:92:59:9b:99:21:bf:17:
c2:ce:c6:ba:ab:32:02:a8:eb:ce:43:47:d8:8f:ef:
01:eb:6b:d5:fe:37:b5:86:78:dd:ba:15:82:ef:99:
6a:a2:22:df:53:be:dd:a5:d2:cd:85:08:8e:71:d5:
32:34:40:ec:e7:d9:a4:15:d3:cc:cc:03:00:04:82:
99:1d:a2:f0:a9:4c:1e:fd:ac:99:16:41:16:b7:64:
c4:0b:81:f1:0e:f3:64:c1:e0:48:63:40:84:43:84:
26:ce:ad:46:49:03:21:40:09:b5:64:bb:d6:6e:e3:
2f:39:fa:3c:f0:13:cb:f2:e4:dd:25:eb:f6:8c:88:
be:97:88:67:b7:92:4c:5d:96:da:de:f6:c6:d8:90:
45:e9:f8:27:ce:e7:51:62:38:b2:10:4f:69:4e:52:
d1:61:53:9c:bb:83:0e:54:30:b2:c1:f2:6b:87:a8:
b9:4a:da:d9:29:ec:cc:a2:be:c8:c1:af:58:0f:04:
d0:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:03:63:88:6E:28:83:02:8F:D1:9A:15:EA:8A:F4:A1:83:10:90:B5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/fwNjiG4ogwKP0ZoV6or0oYMQkLU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
8b:26:89:bf:dc:3b:c1:c8:c6:8d:3c:d0:ac:79:e3:1a:f5:56:
57:98:f1:b4:a0:12:a0:43:90:a0:be:92:a7:fe:3a:ce:20:cd:
74:22:25:62:00:1f:66:af:30:7d:d7:59:65:2c:5c:a9:1d:bc:
7d:79:b2:aa:63:93:7e:e3:fe:02:94:06:37:e4:c9:9a:34:0f:
6d:b1:34:c8:b4:13:42:f8:3f:97:81:6d:cd:ea:e0:39:f4:d1:
bd:24:ab:f5:42:84:05:d7:d1:a7:df:16:f7:af:04:3d:d6:a2:
fb:1e:3e:28:ad:cd:d8:e5:3f:cb:87:26:d4:cb:23:72:02:16:
bb:ce:d2:1a:4a:a0:09:03:1c:6c:04:fb:3b:c6:c2:19:a4:19:
e9:a4:c1:10:7e:20:f5:38:31:30:cb:89:b7:ac:2b:2e:f5:90:
af:73:47:49:f4:6a:c1:6a:e7:50:3b:f2:58:01:ea:17:30:5e:
85:90:d8:85:25:33:0f:f0:25:cf:74:57:9e:31:da:8b:a8:3b:
07:6a:7a:bb:e4:a2:5d:42:b9:bf:95:67:8d:ef:44:5b:02:1a:
e8:35:a3:0f:5b:6d:4e:12:7c:3e:6b:35:59:cb:f5:27:49:d4:
90:fb:f1:fe:23:7a:12:31:57:3e:02:84:2d:56:83:ae:5c:f0:
2f:70:f5:ed
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICUCUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDUx
MDUzNDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDdGMDM2Mzg4NkUyODgz
MDI4RkQxOUExNUVBOEFGNEExODMxMDkwQjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxrG5f6UQSOlbfZmPVBHo6IG6SxJZzg6WZVE1g+Raxc0W5AFdD
kKW4zShsRwSoSom9ru6XzO8qpAlzkDMz6SXaHTQGklmbmSG/F8LOxrqrMgKo685D
R9iP7wHra9X+N7WGeN26FYLvmWqiIt9Tvt2l0s2FCI5x1TI0QOzn2aQV08zMAwAE
gpkdovCpTB79rJkWQRa3ZMQLgfEO82TB4EhjQIRDhCbOrUZJAyFACbVku9Zu4y85
+jzwE8vy5N0l6/aMiL6XiGe3kkxdltre9sbYkEXp+CfO51FiOLIQT2lOUtFhU5y7
gw5UMLLB8muHqLlK2tkp7MyivsjBr1gPBNDFAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUfwNjiG4ogwKP0ZoV6or0oYMQkLUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2Z3TmppRzRvZ3dLUDBa
b1Y2b3Iwb1lNUWtMVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAIsmib/cO8HIxo08
0Kx54xr1VleY8bSgEqBDkKC+kqf+Os4gzXQiJWIAH2avMH3XWWUsXKkdvH15sqpj
k37j/gKUBjfkyZo0D22xNMi0E0L4P5eBbc3q4Dn00b0kq/VChAXX0affFvevBD3W
ovsePiitzdjlP8uHJtTLI3ICFrvO0hpKoAkDHGwE+zvGwhmkGemkwRB+IPU4MTDL
ibesKy71kK9zR0n0asFq51A78lgB6hcwXoWQ2IUlMw/wJc90V54x2ouoOwdqervk
ol1Cub+VZ43vRFsCGug1ow9bbU4SfD5rNVnL9SdJ1JD78f4jehIxVz4ChC1Wg65c
8C9w9e0=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:37:34 2025 by rpki-client