Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/hHGIFQWXlKvHeh5q9F2LdMotkgE.roa
File: hHGIFQWXlKvHeh5q9F2LdMotkgE.roa (raw, json)
Hash identifier: VHqrs0y7eKSFbQZYTMY0agNu3uHhkVjwQERJWrHlfyY=
Subject key identifier: 84:71:88:15:05:97:94:AB:C7:7A:1E:6A:F4:5D:8B:74:CA:2D:92:01
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3BD5
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hHGIFQWXlKvHeh5q9F2LdMotkgE.roa
Signing time: Mon 08 Apr 2024 08:52:35 +0000
ROA not before: Mon 08 Apr 2024 08:52:35 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15317 (0x3bd5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 8 08:52:35 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=84718815059794ABC77A1E6AF45D8B74CA2D9201
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:db:14:40:75:ca:90:5f:aa:ba:ad:13:94:bf:
82:28:fc:ec:4e:73:f5:51:78:76:66:a9:3f:f8:3f:
2c:b9:a3:6c:a9:77:c5:28:f4:75:9a:22:0e:9b:46:
74:ff:90:d1:bc:2f:15:bf:64:62:83:02:a1:23:0e:
17:2d:51:6e:ba:93:3a:ff:cf:4e:5f:d9:3e:45:d3:
66:3e:16:a9:ad:48:02:19:8e:92:74:57:16:05:63:
09:92:1f:57:a6:df:0b:e0:4d:a4:50:93:27:40:8d:
b0:4d:fc:8b:8d:62:41:74:de:87:d9:37:bf:ac:0a:
66:1f:72:6b:6c:87:2f:0d:1b:27:3a:79:1a:67:db:
b6:97:c0:98:80:80:bd:ec:6f:2b:f2:39:8a:c2:a5:
92:08:6f:60:67:ba:01:d4:01:fe:2d:a2:2e:eb:4a:
2b:92:7a:a3:89:fe:62:0d:23:bb:a6:f8:5f:bb:ea:
ea:28:f9:53:4d:18:ac:c3:e9:73:80:49:b3:25:2e:
97:91:b4:4b:fc:ca:95:fd:04:0b:59:09:c9:e5:b4:
19:26:f5:3b:e3:b5:2c:f4:a5:ff:e0:95:0f:bc:53:
a6:f9:40:bf:bf:85:c2:74:a1:79:6e:93:2f:64:3f:
a0:4f:ea:04:ae:70:e5:e1:f0:1d:64:7c:5e:a8:57:
43:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:71:88:15:05:97:94:AB:C7:7A:1E:6A:F4:5D:8B:74:CA:2D:92:01
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hHGIFQWXlKvHeh5q9F2LdMotkgE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
3d:96:05:12:56:7e:16:c5:bf:c1:cb:ac:a1:27:4e:ae:e6:52:
ce:4d:46:76:d1:ab:5b:d3:21:0e:99:88:d5:ca:31:03:af:14:
51:a3:b2:79:39:3d:f2:60:a5:66:c1:47:a4:a1:bd:11:b6:f0:
67:ad:e6:2b:6f:16:d9:dd:5d:a1:41:2a:a1:0c:72:3b:8f:d8:
3c:54:4a:a0:78:f2:b7:97:0e:f3:92:04:4c:a1:31:8e:2f:3c:
44:7b:e7:1b:1c:67:9f:8c:7f:89:6e:a5:af:c1:9b:1f:7c:e0:
a3:4b:1c:4e:48:9b:37:9e:28:72:1f:23:cf:ca:69:fe:d3:16:
24:37:7a:4a:d1:76:83:79:20:ec:93:09:a9:51:6b:97:86:a4:
6f:f0:fd:81:2b:4c:41:8f:6f:85:0f:e5:16:08:55:fc:7c:39:
48:ad:82:20:ed:75:b8:2a:13:f7:c5:5d:7f:68:35:f2:2d:9f:
37:2e:f4:a9:41:95:73:4b:1e:df:d5:83:2a:50:f7:df:1c:ba:
94:aa:25:57:cb:cf:dd:d8:cb:20:cf:a4:20:b6:76:58:b0:b3:
01:ba:5b:90:c6:b5:97:f2:4e:be:48:53:97:47:07:bd:e8:7f:
19:5a:c9:aa:21:26:fb:ed:83:70:d6:8a:09:49:86:98:82:4f:
75:01:45:c7
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICO9UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDgw
ODUyMzVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg0NzE4ODE1MDU5Nzk0
QUJDNzdBMUU2QUY0NUQ4Qjc0Q0EyRDkyMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDi2xRAdcqQX6q6rROUv4Io/OxOc/VReHZmqT/4Pyy5o2ypd8Uo
9HWaIg6bRnT/kNG8LxW/ZGKDAqEjDhctUW66kzr/z05f2T5F02Y+FqmtSAIZjpJ0
VxYFYwmSH1em3wvgTaRQkydAjbBN/IuNYkF03ofZN7+sCmYfcmtshy8NGyc6eRpn
27aXwJiAgL3sbyvyOYrCpZIIb2BnugHUAf4toi7rSiuSeqOJ/mINI7um+F+76uoo
+VNNGKzD6XOASbMlLpeRtEv8ypX9BAtZCcnltBkm9TvjtSz0pf/glQ+8U6b5QL+/
hcJ0oXluky9kP6BP6gSucOXh8B1kfF6oV0NrAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUhHGIFQWXlKvHeh5q9F2LdMotkgEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2hIR0lGUVdYbEt2SGVo
NXE5RjJMZE1vdGtnRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAD2WBRJWfhbFv8HL
rKEnTq7mUs5NRnbRq1vTIQ6ZiNXKMQOvFFGjsnk5PfJgpWbBR6ShvRG28Get5itv
FtndXaFBKqEMcjuP2DxUSqB48reXDvOSBEyhMY4vPER75xscZ5+Mf4lupa/Bmx98
4KNLHE5ImzeeKHIfI8/Kaf7TFiQ3ekrRdoN5IOyTCalRa5eGpG/w/YErTEGPb4UP
5RYIVfx8OUitgiDtdbgqE/fFXX9oNfItnzcu9KlBlXNLHt/VgypQ998cupSqJVfL
z93YyyDPpCC2dliwswG6W5DGtZfyTr5IU5dHB73ofxlayaohJvvtg3DWiglJhpiC
T3UBRcc=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:44:22 2025 by rpki-client