Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/lA6rIOSI0y2BekBQ3XvheohllMI.roa
File: lA6rIOSI0y2BekBQ3XvheohllMI.roa (raw, json)
Hash identifier: m2yIrZXoTn1l0fTlWdFpGzuk4GMeuJwTlaqP1GyFZ1I=
Subject key identifier: 94:0E:AB:20:E4:88:D3:2D:81:7A:40:50:DD:7B:E1:7A:88:65:94:C2
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4B19
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/lA6rIOSI0y2BekBQ3XvheohllMI.roa
Signing time: Sun 28 Apr 2024 17:23:26 +0000
ROA not before: Sun 28 Apr 2024 17:23:26 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19225 (0x4b19)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 28 17:23:26 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=940EAB20E488D32D817A4050DD7BE17A886594C2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:15:70:87:09:0a:6d:89:85:30:0c:10:59:e9:
5a:66:3c:d2:2d:e3:59:35:52:7e:be:25:d4:2d:0b:
11:29:6b:69:dc:74:d0:38:2d:60:98:de:4b:7b:c6:
af:45:77:4b:32:b7:fa:b3:d5:40:06:68:9c:83:3c:
c4:6a:18:54:7f:54:7b:13:e7:5d:18:00:9c:d8:17:
f7:64:a1:81:7e:c8:09:e4:0c:f1:5b:25:81:5d:26:
8d:e7:f3:76:8e:c5:67:e4:b1:a0:13:bf:3f:25:2f:
0d:59:e7:e1:72:26:50:2c:7e:58:a2:0a:8b:30:d6:
d2:f5:64:f6:c2:5a:c2:3d:f3:5d:36:e8:c2:e1:07:
a8:f9:c2:d0:91:7e:db:88:78:cb:2e:aa:24:60:ac:
9d:d2:00:6e:17:07:12:7a:2f:d7:cc:0d:de:f6:49:
d5:99:6f:b9:c0:4d:ed:f9:62:ae:92:ca:45:bd:3b:
3b:e6:34:08:73:3c:6e:d0:96:43:ef:86:8e:1b:d9:
9a:03:15:4f:3b:d0:82:23:49:c7:c3:4d:0b:58:5f:
07:c0:11:a8:bd:dd:28:f8:4d:42:51:e9:bc:2f:22:
ce:47:5f:ab:f2:f9:86:c5:d1:8c:49:e0:90:5c:2d:
04:a6:7a:09:e3:fc:71:88:c1:09:84:cf:9c:bd:59:
47:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:0E:AB:20:E4:88:D3:2D:81:7A:40:50:DD:7B:E1:7A:88:65:94:C2
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/lA6rIOSI0y2BekBQ3XvheohllMI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
8f:3e:ea:1c:17:b7:3b:ae:a1:92:fd:fb:5b:2f:75:9a:de:db:
10:ff:aa:85:f9:4b:1d:ce:08:55:89:02:e5:e9:0d:37:87:2d:
85:d8:fc:3b:a3:e4:80:78:d3:e5:70:75:b8:17:82:47:a2:1b:
26:59:4e:73:3c:b3:6f:d0:d2:5c:9e:74:fc:17:e8:05:78:38:
ca:f3:db:9d:57:00:2c:56:eb:a8:84:0d:fd:91:bf:0d:77:ec:
8c:32:e7:12:d8:9f:34:43:8b:f4:80:09:1a:52:bb:e0:92:6c:
54:ab:fe:4e:be:15:c6:58:01:6f:c0:42:22:b3:5d:88:f5:6c:
ed:1a:ec:f0:71:23:c6:0b:16:97:f7:f8:5e:bf:45:ac:5e:8b:
74:ab:42:f4:f8:56:3a:99:54:5c:76:85:d0:db:39:24:0d:71:
31:05:1f:f6:c4:bf:45:38:af:46:32:c0:40:6e:e8:65:76:ae:
ae:23:ca:20:e7:56:6a:b2:44:f4:86:32:0f:9b:a1:f4:6a:27:
c4:24:7b:bb:47:cd:d6:b7:c4:a3:6c:4c:95:5d:a9:06:8e:2e:
32:5a:ae:b7:40:7a:b7:51:09:59:a6:c3:61:ef:5b:4d:c8:f2:
be:b3:db:b5:97:b2:69:40:8f:ea:6c:2a:36:02:49:06:b7:33:
1d:e6:57:9f
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICSxkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjgx
NzIzMjZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk0MEVBQjIwRTQ4OEQz
MkQ4MTdBNDA1MEREN0JFMTdBODg2NTk0QzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9FXCHCQptiYUwDBBZ6VpmPNIt41k1Un6+JdQtCxEpa2ncdNA4
LWCY3kt7xq9Fd0syt/qz1UAGaJyDPMRqGFR/VHsT510YAJzYF/dkoYF+yAnkDPFb
JYFdJo3n83aOxWfksaATvz8lLw1Z5+FyJlAsfliiCosw1tL1ZPbCWsI981026MLh
B6j5wtCRftuIeMsuqiRgrJ3SAG4XBxJ6L9fMDd72SdWZb7nATe35Yq6SykW9Ozvm
NAhzPG7QlkPvho4b2ZoDFU870IIjScfDTQtYXwfAEai93Sj4TUJR6bwvIs5HX6vy
+YbF0YxJ4JBcLQSmegnj/HGIwQmEz5y9WUdDAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUlA6rIOSI0y2BekBQ3XvheohllMIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2xBNnJJT1NJMHkyQmVr
QlEzWHZoZW9obGxNSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAI8+6hwXtzuuoZL9
+1svdZre2xD/qoX5Sx3OCFWJAuXpDTeHLYXY/Duj5IB40+VwdbgXgkeiGyZZTnM8
s2/Q0lyedPwX6AV4OMrz251XACxW66iEDf2Rvw137Iwy5xLYnzRDi/SACRpSu+CS
bFSr/k6+FcZYAW/AQiKzXYj1bO0a7PBxI8YLFpf3+F6/Raxei3SrQvT4VjqZVFx2
hdDbOSQNcTEFH/bEv0U4r0YywEBu6GV2rq4jyiDnVmqyRPSGMg+bofRqJ8Qke7tH
zda3xKNsTJVdqQaOLjJarrdAerdRCVmmw2HvW03I8r6z27WXsmlAj+psKjYCSQa3
Mx3mV58=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:36:28 2025 by rpki-client