Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/hQsWcP2wS4Xy6kzpuu5u9gxBuMQ.roa
File: hQsWcP2wS4Xy6kzpuu5u9gxBuMQ.roa (raw, json)
Hash identifier: z9FHdfcS5t70UyF3muHnx4pSn6fadm4PnvB8pJQOVwo=
Subject key identifier: 85:0B:16:70:FD:B0:4B:85:F2:EA:4C:E9:BA:EE:6E:F6:0C:41:B8:C4
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 412D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hQsWcP2wS4Xy6kzpuu5u9gxBuMQ.roa
Signing time: Mon 15 Apr 2024 11:53:23 +0000
ROA not before: Mon 15 Apr 2024 11:53:23 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16685 (0x412d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 15 11:53:23 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=850B1670FDB04B85F2EA4CE9BAEE6EF60C41B8C4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:23:9c:47:f3:4a:86:ec:8d:03:e8:55:27:fa:
20:c2:0d:5e:3b:1e:36:84:e5:d0:f8:72:ff:1a:de:
ca:a2:6b:6e:35:fa:94:0f:ea:ec:c6:8c:b7:08:a4:
eb:f8:49:60:12:63:13:fd:73:3d:94:df:ec:89:ab:
30:72:f7:31:2a:a8:03:5e:06:0c:02:4a:c5:1a:06:
be:af:2a:18:4d:63:05:7f:9f:b5:b1:a0:5b:62:d4:
11:72:3c:ea:c1:37:77:2b:6d:bc:ea:02:46:0d:8c:
92:c4:c6:2a:7c:c5:b5:05:db:65:a6:ba:c5:20:d3:
51:41:49:b2:58:91:53:48:69:f1:67:9e:6e:f5:fb:
1f:58:7e:ee:b0:a2:f1:b4:c4:df:ad:58:60:34:26:
1c:3c:e2:c0:b1:36:51:fb:98:60:3c:de:98:f5:6f:
59:fc:db:00:b2:96:36:e3:fe:d6:a8:31:b7:c1:4f:
17:ba:dc:1c:73:59:e7:f3:35:74:4a:59:6a:e8:c9:
ed:0b:f8:66:37:40:f0:86:6e:48:2c:8e:32:c2:97:
e3:4e:7e:d5:18:48:4b:c7:13:72:dd:5a:22:7f:ec:
93:72:74:a3:2f:29:db:0c:f1:0c:a5:19:81:e0:b3:
59:43:34:87:3f:12:ef:56:f8:f2:a2:f9:6d:ac:e7:
6a:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:0B:16:70:FD:B0:4B:85:F2:EA:4C:E9:BA:EE:6E:F6:0C:41:B8:C4
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hQsWcP2wS4Xy6kzpuu5u9gxBuMQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
58:00:cd:05:0b:78:65:b1:5b:06:0c:b6:94:b9:23:2e:90:cf:
d0:8a:3a:b5:6e:9d:9d:5e:ad:95:5a:1d:77:d6:89:95:c7:54:
ac:18:24:aa:aa:33:f5:5f:ef:ba:80:1e:8f:dd:01:be:36:01:
9b:49:af:63:b8:86:c2:ae:c0:30:d6:c9:b2:a4:96:57:47:89:
3e:28:ef:79:9f:bf:57:cf:80:12:af:3f:de:d9:62:b7:d4:a6:
34:1f:c0:e6:e4:f3:3a:9d:dc:3c:d0:81:1f:5c:f7:c0:66:cd:
b4:96:40:24:0d:a8:80:5b:15:66:e8:bc:0e:78:fd:29:61:65:
78:2f:db:d9:57:0f:a9:93:c5:b2:b5:4e:63:08:da:1e:9d:d6:
05:de:05:fd:09:96:1b:ef:52:81:d1:26:3a:f6:8e:e7:a9:b3:
c1:a0:81:ab:89:d6:3f:f2:9a:3e:96:65:0e:04:cd:35:78:4c:
a2:9d:40:e2:cb:f7:02:93:16:4a:22:d1:e9:0c:62:f8:1c:83:
81:48:8b:59:dc:e2:13:f3:f5:5f:5a:e0:06:37:d4:c0:60:12:
0c:d7:77:0b:e1:de:76:fe:24:39:a1:d8:38:49:a0:31:5a:e0:
cd:ee:f1:18:f9:7a:b0:e7:96:91:8a:ce:89:1e:43:22:9e:fd:
8c:7a:b4:6b
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQS0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTUx
MTUzMjNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg1MEIxNjcwRkRCMDRC
ODVGMkVBNENFOUJBRUU2RUY2MEM0MUI4QzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCoI5xH80qG7I0D6FUn+iDCDV47HjaE5dD4cv8a3sqia241+pQP
6uzGjLcIpOv4SWASYxP9cz2U3+yJqzBy9zEqqANeBgwCSsUaBr6vKhhNYwV/n7Wx
oFti1BFyPOrBN3crbbzqAkYNjJLExip8xbUF22WmusUg01FBSbJYkVNIafFnnm71
+x9Yfu6wovG0xN+tWGA0Jhw84sCxNlH7mGA83pj1b1n82wCyljbj/taoMbfBTxe6
3BxzWefzNXRKWWroye0L+GY3QPCGbkgsjjLCl+NOftUYSEvHE3LdWiJ/7JNydKMv
KdsM8QylGYHgs1lDNIc/Eu9W+PKi+W2s52qPAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUhQsWcP2wS4Xy6kzpuu5u9gxBuMQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2hRc1djUDJ3UzRYeTZr
enB1dTV1OWd4QnVNUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAFgAzQULeGWxWwYM
tpS5Iy6Qz9CKOrVunZ1erZVaHXfWiZXHVKwYJKqqM/Vf77qAHo/dAb42AZtJr2O4
hsKuwDDWybKklldHiT4o73mfv1fPgBKvP97ZYrfUpjQfwObk8zqd3DzQgR9c98Bm
zbSWQCQNqIBbFWbovA54/SlhZXgv29lXD6mTxbK1TmMI2h6d1gXeBf0JlhvvUoHR
Jjr2jueps8GggauJ1j/ymj6WZQ4EzTV4TKKdQOLL9wKTFkoi0ekMYvgcg4FIi1nc
4hPz9V9a4AY31MBgEgzXdwvh3nb+JDmh2DhJoDFa4M3u8Rj5erDnlpGKzokeQyKe
/Yx6tGs=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:48:49 2025 by rpki-client