Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/iQI-ZVAoYn6yXNAIXEPwjm0w7OA.roa
File: iQI-ZVAoYn6yXNAIXEPwjm0w7OA.roa (raw, json)
Hash identifier: qGs6NHLtoF6Ct1miAUxStBtUlabDGlZxyQ5jfH6Gm3Q=
Subject key identifier: 89:02:3E:65:50:28:62:7E:B2:5C:D0:08:5C:43:F0:8E:6D:30:EC:E0
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3FDD
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/iQI-ZVAoYn6yXNAIXEPwjm0w7OA.roa
Signing time: Sat 13 Apr 2024 17:52:52 +0000
ROA not before: Sat 13 Apr 2024 17:52:52 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16349 (0x3fdd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 13 17:52:52 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=89023E655028627EB25CD0085C43F08E6D30ECE0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f4:a1:96:38:ad:ef:fd:af:fe:f0:01:a0:61:
ff:c5:ba:6a:b3:7c:fe:f9:ee:c6:4b:96:82:e1:bf:
3f:6c:3a:4f:8b:ba:e3:c2:20:f0:66:69:93:73:be:
02:fc:5b:06:d2:d3:b9:b0:33:ea:fa:7b:12:7b:e3:
18:53:1b:ac:b0:e9:7e:0b:77:d2:4f:7e:ff:2b:39:
93:03:18:03:b9:9f:d9:7b:00:db:07:da:c9:dd:25:
4c:24:d5:5e:0b:03:3b:a3:09:f4:d9:56:9d:e6:6e:
88:06:f2:24:73:04:c8:88:ae:c2:e0:3d:3f:75:75:
0f:d0:9c:b5:03:a3:ad:76:91:c9:34:16:67:d1:a3:
00:0a:5d:1d:eb:f3:fd:03:9e:46:26:b8:7c:3a:ad:
af:93:08:08:19:38:19:b8:51:98:8a:8a:a9:30:91:
ab:6b:43:d3:d0:b2:97:6c:ab:67:18:10:4a:88:b1:
40:1d:fb:24:03:12:e5:1c:34:3e:77:e2:91:df:eb:
b7:66:60:31:f7:e1:ae:db:45:5a:6f:ee:49:a7:a8:
61:a4:6b:25:2b:3d:73:16:18:70:a1:d1:c5:fb:f7:
d7:60:5c:ed:42:6f:6f:f0:58:4c:5b:ad:ea:39:01:
ce:f9:20:57:6c:38:9c:c4:37:72:00:a4:98:ff:0c:
8e:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:02:3E:65:50:28:62:7E:B2:5C:D0:08:5C:43:F0:8E:6D:30:EC:E0
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/iQI-ZVAoYn6yXNAIXEPwjm0w7OA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
84:48:25:36:1c:73:7f:4c:8a:60:77:d6:a2:ed:7c:5e:5f:b8:
d6:ac:8d:e4:ff:1d:a5:d4:0a:86:19:82:9a:9d:53:8d:68:73:
f9:91:bb:9d:21:96:b9:4b:cd:d4:64:2c:4a:b9:54:2e:93:08:
fd:fc:64:33:7f:1e:d9:73:53:e6:cb:a1:d9:4a:2b:46:ae:17:
62:28:4e:e6:6e:6e:2d:21:23:78:1e:39:6c:16:5d:8c:00:5b:
78:f4:c8:48:86:b5:a5:06:95:ac:21:0a:ea:97:19:bc:1e:65:
b5:d5:2d:0d:78:03:83:ec:1c:a9:22:fe:ca:01:dd:12:ab:6b:
ee:69:d4:2e:ed:92:3b:24:64:08:ca:01:b5:19:f1:bb:45:72:
ac:f7:3b:fa:ae:3b:26:5e:7f:cc:0c:3e:57:0b:8d:64:bd:db:
51:61:7d:97:9c:48:ae:5c:fc:09:bf:3d:ae:53:0a:0a:dd:14:
81:25:c6:22:7e:42:98:9f:9b:e2:b5:d9:ad:5f:95:e1:c2:b2:
bb:28:56:38:29:68:74:16:16:c8:7e:54:5d:ff:de:56:cd:ac:
6d:5b:f9:29:f0:fb:c6:e4:0c:79:2d:f8:55:3a:d8:46:f2:83:
ab:93:d1:68:a5:b9:11:d1:60:84:ea:b7:ec:a3:22:b3:ec:a7:
f9:99:fb:cb
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICP90wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTMx
NzUyNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg5MDIzRTY1NTAyODYy
N0VCMjVDRDAwODVDNDNGMDhFNkQzMEVDRTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC69KGWOK3v/a/+8AGgYf/FumqzfP757sZLloLhvz9sOk+LuuPC
IPBmaZNzvgL8WwbS07mwM+r6exJ74xhTG6yw6X4Ld9JPfv8rOZMDGAO5n9l7ANsH
2sndJUwk1V4LAzujCfTZVp3mbogG8iRzBMiIrsLgPT91dQ/QnLUDo612kck0FmfR
owAKXR3r8/0DnkYmuHw6ra+TCAgZOBm4UZiKiqkwkatrQ9PQspdsq2cYEEqIsUAd
+yQDEuUcND534pHf67dmYDH34a7bRVpv7kmnqGGkayUrPXMWGHCh0cX799dgXO1C
b2/wWExbreo5Ac75IFdsOJzEN3IApJj/DI6fAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUiQI+ZVAoYn6yXNAIXEPwjm0w7OAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2lRSS1aVkFvWW42eVhO
QUlYRVB3am0wdzdPQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAIRIJTYcc39MimB3
1qLtfF5fuNasjeT/HaXUCoYZgpqdU41oc/mRu50hlrlLzdRkLEq5VC6TCP38ZDN/
HtlzU+bLodlKK0auF2IoTuZubi0hI3geOWwWXYwAW3j0yEiGtaUGlawhCuqXGbwe
ZbXVLQ14A4PsHKki/soB3RKra+5p1C7tkjskZAjKAbUZ8btFcqz3O/quOyZef8wM
PlcLjWS921FhfZecSK5c/Am/Pa5TCgrdFIElxiJ+Qpifm+K12a1fleHCsrsoVjgp
aHQWFsh+VF3/3lbNrG1b+Snw+8bkDHkt+FU62Ebyg6uT0WiluRHRYITqt+yjIrPs
p/mZ+8s=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:40:19 2025 by rpki-client