Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/jQiuMWnBwGhAIRCysdw2MnIywjo.roa
File: jQiuMWnBwGhAIRCysdw2MnIywjo.roa (raw, json)
Hash identifier: 3prolcfKfChACwJyAxwRqHyCcmqEDGqXvwKosTH5y8E=
Subject key identifier: 8D:08:AE:31:69:C1:C0:68:40:21:10:B2:B1:DC:36:32:72:32:C2:3A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4F21
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/jQiuMWnBwGhAIRCysdw2MnIywjo.roa
Signing time: Sat 04 May 2024 02:23:52 +0000
ROA not before: Sat 04 May 2024 02:23:52 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20257 (0x4f21)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 4 02:23:52 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8D08AE3169C1C068402110B2B1DC36327232C23A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d5:83:3c:62:fd:fa:f5:d5:68:ad:3a:93:4f:
8d:7d:f6:84:b2:9a:d5:01:23:29:20:a8:bc:2d:72:
46:8d:1d:07:77:4e:27:22:cf:51:9d:d3:7f:58:12:
58:36:5d:6e:43:b4:52:b3:54:9b:11:8f:d8:4e:8c:
8a:ca:4e:07:1e:83:c7:b4:af:6f:0e:c5:66:dc:06:
92:6c:7d:80:ce:3c:cd:ee:42:f3:91:2f:23:ba:1f:
ce:fd:a2:51:31:ac:92:8b:13:4c:fc:24:45:90:31:
17:45:e1:1d:6a:95:26:9c:9b:73:28:d0:29:e1:c1:
bc:12:15:34:dc:68:07:7b:46:67:87:3c:34:af:5c:
68:e8:d1:0c:0c:8e:06:91:76:49:89:3a:3d:fa:21:
3b:de:c1:7e:50:01:64:7d:fa:0d:e5:37:63:27:5f:
0c:75:4b:cd:92:b7:c5:49:16:eb:43:98:f1:2a:6e:
6e:fd:0a:b7:5f:6e:5d:30:8f:8b:a6:84:e2:50:70:
ea:80:ec:9b:e3:e2:8a:f2:c4:10:40:db:16:5c:b8:
72:75:09:bc:36:4b:da:92:56:21:7a:46:70:c5:9e:
71:a0:ae:7e:d9:0e:4f:25:3b:3a:f8:e8:36:8a:11:
90:ae:37:53:99:50:29:fe:14:79:f1:ae:f8:a2:96:
fc:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:08:AE:31:69:C1:C0:68:40:21:10:B2:B1:DC:36:32:72:32:C2:3A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/jQiuMWnBwGhAIRCysdw2MnIywjo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
8b:cd:db:b8:ff:66:ac:8f:0b:3a:ed:96:87:c9:3c:05:e3:1f:
c7:a9:51:73:86:b7:ef:1f:62:8c:e8:92:0b:21:7f:14:12:92:
50:7e:70:50:5a:ae:cf:53:91:01:33:60:cc:e4:0a:f0:bd:4c:
21:b5:67:ef:d6:c4:17:81:41:b2:cd:22:c0:93:e8:51:78:96:
58:5a:ac:2c:51:46:7e:42:d4:0f:05:14:fb:26:1e:4a:72:04:
06:1a:6e:db:17:2b:33:40:e7:60:5b:61:84:dc:97:bd:3a:c2:
2d:4e:b8:a3:e4:b7:6f:fa:79:73:cf:8c:d3:fa:ca:6c:91:82:
5c:52:bf:9d:e4:80:da:32:4c:2a:e3:8b:ee:40:d9:49:b5:02:
00:5b:53:b2:fe:e6:11:2d:a1:e8:d1:92:55:b4:dc:d8:99:28:
88:ed:ef:72:10:30:e9:f8:d4:da:29:b8:10:88:eb:67:2f:bb:
84:a3:ab:e3:79:5e:49:c0:39:31:cd:82:58:75:04:59:ee:20:
9f:d7:54:df:48:6c:b6:5d:b7:f6:09:2a:be:79:ca:f2:49:24:
69:3d:58:e2:0b:69:b0:73:94:ed:35:05:7a:52:0c:da:89:16:
d5:a5:57:c1:1a:37:c6:e1:0e:44:a3:74:c0:0a:8e:56:c1:2f:
5a:2a:7d:65
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICTyEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDQw
MjIzNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhEMDhBRTMxNjlDMUMw
Njg0MDIxMTBCMkIxREMzNjMyNzIzMkMyM0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCm1YM8Yv369dVorTqTT4199oSymtUBIykgqLwtckaNHQd3Tici
z1Gd039YElg2XW5DtFKzVJsRj9hOjIrKTgceg8e0r28OxWbcBpJsfYDOPM3uQvOR
LyO6H879olExrJKLE0z8JEWQMRdF4R1qlSacm3Mo0CnhwbwSFTTcaAd7RmeHPDSv
XGjo0QwMjgaRdkmJOj36ITvewX5QAWR9+g3lN2MnXwx1S82St8VJFutDmPEqbm79
Crdfbl0wj4umhOJQcOqA7Jvj4oryxBBA2xZcuHJ1Cbw2S9qSViF6RnDFnnGgrn7Z
Dk8lOzr46DaKEZCuN1OZUCn+FHnxrviilvxtAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUjQiuMWnBwGhAIRCysdw2MnIywjowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2pRaXVNV25Cd0doQUlS
Q3lzZHcyTW5JeXdqby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAIvN27j/ZqyPCzrt
lofJPAXjH8epUXOGt+8fYozokgshfxQSklB+cFBars9TkQEzYMzkCvC9TCG1Z+/W
xBeBQbLNIsCT6FF4llharCxRRn5C1A8FFPsmHkpyBAYabtsXKzNA52BbYYTcl706
wi1OuKPkt2/6eXPPjNP6ymyRglxSv53kgNoyTCrji+5A2Um1AgBbU7L+5hEtoejR
klW03NiZKIjt73IQMOn41NopuBCI62cvu4Sjq+N5XknAOTHNglh1BFnuIJ/XVN9I
bLZdt/YJKr55yvJJJGk9WOILabBzlO01BXpSDNqJFtWlV8EaN8bhDkSjdMAKjlbB
L1oqfWU=
-----END CERTIFICATE-----
Generated at Sat Apr 12 01:28:57 2025 by rpki-client