Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ict7vVcStAdVgpPaWRK86cJYjw0.roa
File: ict7vVcStAdVgpPaWRK86cJYjw0.roa (raw, json)
Hash identifier: pQPrPuLlbXSHO3UvJd0LO9rk4qeEqXJvmggSL3cuuc4=
Subject key identifier: 89:CB:7B:BD:57:12:B4:07:55:82:93:DA:59:12:BC:E9:C2:58:8F:0D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 34C5
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ict7vVcStAdVgpPaWRK86cJYjw0.roa
Signing time: Fri 29 Mar 2024 22:52:05 +0000
ROA not before: Fri 29 Mar 2024 22:52:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13509 (0x34c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 22:52:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=89CB7BBD5712B407558293DA5912BCE9C2588F0D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:98:58:d8:6f:1a:9d:42:b7:3c:4f:d5:87:16:
b2:ce:68:aa:77:46:1d:b0:b8:65:b3:d6:c8:a1:1a:
f2:16:4c:d6:ca:91:d6:2e:14:89:f0:8e:8d:45:06:
0f:fe:39:70:b3:58:e9:ca:07:57:f3:55:73:a7:8a:
0b:f4:2a:1f:5e:0e:47:b4:f6:23:f4:c5:55:86:79:
83:3a:4c:44:b7:22:a8:04:6b:21:33:b3:8d:4a:3a:
61:11:a4:24:cd:6f:d3:90:98:82:5c:bf:e2:59:c6:
ca:77:89:7c:2a:37:c2:a9:e4:c5:81:cd:30:f3:3a:
be:52:6c:80:2b:42:98:44:ea:bc:ad:5a:98:be:eb:
40:e0:fb:b3:e6:94:0d:5f:8c:f2:0c:e4:97:42:f7:
f1:4e:7d:cd:b6:71:0a:45:3d:88:e8:4f:11:c5:40:
32:39:cf:23:9d:7f:c1:2d:b7:f8:d9:bc:c0:36:28:
06:aa:cf:dc:e9:10:6e:f7:a8:76:45:79:b3:8b:d3:
85:eb:49:c0:ed:7a:7e:93:b3:ce:c5:ab:0d:43:92:
21:93:32:ef:3b:4b:3a:e7:4a:92:de:b5:51:8c:4b:
b7:41:b0:37:56:f0:6d:10:a6:88:29:93:a7:a2:0f:
1b:37:73:28:73:e9:13:64:c7:cc:8a:9e:83:54:5d:
2b:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:CB:7B:BD:57:12:B4:07:55:82:93:DA:59:12:BC:E9:C2:58:8F:0D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ict7vVcStAdVgpPaWRK86cJYjw0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
1e:e6:a9:fd:09:9e:16:67:8f:35:d0:c1:06:df:40:00:ec:41:
eb:9a:e5:2b:26:f0:f3:19:3b:cd:26:84:b9:fc:ab:22:3d:34:
70:41:60:9d:1b:0a:c2:e0:08:e7:18:a4:15:21:42:b0:ad:a7:
1a:cd:67:3f:9a:de:0b:8f:50:6c:6f:38:c4:51:73:3f:c6:54:
39:ae:35:e5:82:6e:f3:28:76:bc:64:4e:74:ef:da:cf:d5:2d:
1e:c2:41:82:a8:49:30:5f:11:30:8f:bb:11:b7:62:51:13:41:
cb:54:36:a3:94:88:0f:d4:6a:51:e7:cc:e9:bd:84:6a:eb:70:
5e:f3:bf:41:a2:96:09:4d:4a:db:11:97:8c:23:2a:c1:07:e9:
e9:b0:d2:09:ea:96:d9:fc:44:3e:c4:ae:9e:7d:4f:b2:0f:dd:
2c:0b:2b:7e:ab:7e:30:94:80:18:d3:b8:2c:0d:3f:11:50:64:
3f:50:f5:56:bc:4f:46:39:91:ab:64:20:68:0b:13:7e:23:18:
20:69:42:f0:7c:03:84:ac:e2:7f:19:2d:42:b9:3c:a6:0f:30:
8d:28:18:26:31:f2:29:a1:e9:10:b0:2f:31:95:d7:0e:94:8d:
5f:e8:a6:d2:08:f3:ae:ea:fe:a2:b9:1a:29:b6:9e:fb:7b:01:
36:2b:ec:81
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNMUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjky
MjUyMDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg5Q0I3QkJENTcxMkI0
MDc1NTgyOTNEQTU5MTJCQ0U5QzI1ODhGMEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3mFjYbxqdQrc8T9WHFrLOaKp3Rh2wuGWz1sihGvIWTNbKkdYu
FInwjo1FBg/+OXCzWOnKB1fzVXOnigv0Kh9eDke09iP0xVWGeYM6TES3IqgEayEz
s41KOmERpCTNb9OQmIJcv+JZxsp3iXwqN8Kp5MWBzTDzOr5SbIArQphE6rytWpi+
60Dg+7PmlA1fjPIM5JdC9/FOfc22cQpFPYjoTxHFQDI5zyOdf8Ett/jZvMA2KAaq
z9zpEG73qHZFebOL04XrScDten6Ts87Fqw1DkiGTMu87SzrnSpLetVGMS7dBsDdW
8G0Qpogpk6eiDxs3cyhz6RNkx8yKnoNUXSsXAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUict7vVcStAdVgpPaWRK86cJYjw0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2ljdDd2VmNTdEFkVmdw
UGFXUks4NmNKWWp3MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAB7mqf0JnhZnjzXQ
wQbfQADsQeua5Ssm8PMZO80mhLn8qyI9NHBBYJ0bCsLgCOcYpBUhQrCtpxrNZz+a
3guPUGxvOMRRcz/GVDmuNeWCbvModrxkTnTv2s/VLR7CQYKoSTBfETCPuxG3YlET
QctUNqOUiA/UalHnzOm9hGrrcF7zv0GilglNStsRl4wjKsEH6emw0gnqltn8RD7E
rp59T7IP3SwLK36rfjCUgBjTuCwNPxFQZD9Q9Va8T0Y5katkIGgLE34jGCBpQvB8
A4Ss4n8ZLUK5PKYPMI0oGCYx8imh6RCwLzGV1w6UjV/optII867q/qK5Gim2nvt7
ATYr7IE=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:17:20 2025 by rpki-client