Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/lv7TkOQLM2yovvn9kUHmYlWY5Tw.roa
File: lv7TkOQLM2yovvn9kUHmYlWY5Tw.roa (raw, json)
Hash identifier: ozzzzwgBQeRaPemXhCwdn1ytWnNUHfTpMUXzSPlthTI=
Subject key identifier: 96:FE:D3:90:E4:0B:33:6C:A8:BE:F9:FD:91:41:E6:62:55:98:E5:3C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 429D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/lv7TkOQLM2yovvn9kUHmYlWY5Tw.roa
Signing time: Wed 17 Apr 2024 09:53:00 +0000
ROA not before: Wed 17 Apr 2024 09:53:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17053 (0x429d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 17 09:53:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=96FED390E40B336CA8BEF9FD9141E6625598E53C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:bf:ac:e8:3c:71:85:7c:3d:36:ba:db:1b:67:
15:cb:56:62:cb:01:e3:d3:53:4d:52:de:bc:fd:42:
ac:b6:9d:4f:f3:50:5f:63:6a:be:48:d9:35:e4:18:
0e:64:03:63:f0:37:0b:80:2f:4e:c9:a8:03:9e:03:
86:bb:39:67:f5:89:20:b9:9d:ed:19:3b:43:46:27:
a8:9e:fa:95:07:b9:f9:38:9d:c7:df:02:5a:9f:4d:
10:d9:4b:ff:fe:c9:23:44:f0:37:fe:e3:70:9c:09:
2b:21:97:64:61:46:30:a5:3e:c8:1c:29:63:b2:6e:
d9:e0:4d:a4:d7:6c:94:9c:94:08:93:90:77:45:d8:
98:f3:ea:db:62:e4:0d:43:b0:0e:bd:1e:7c:84:be:
ba:e3:9a:eb:6b:10:b2:f4:8f:19:b1:67:55:2f:25:
ff:8c:95:79:bf:7d:c7:31:3d:84:e5:b6:3f:8d:3f:
29:e7:d2:c1:8d:df:ae:4b:81:86:73:9b:d0:8d:7e:
62:78:fa:81:b1:39:27:86:c2:0b:0c:f3:09:a8:65:
4e:8a:66:91:ff:72:90:ca:3a:8e:18:2d:40:85:53:
fd:4d:7e:13:72:d8:ad:96:d9:0a:2c:52:cf:ee:b0:
d5:57:e9:3b:67:50:ba:f2:49:64:8d:e8:e3:92:71:
3e:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:FE:D3:90:E4:0B:33:6C:A8:BE:F9:FD:91:41:E6:62:55:98:E5:3C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/lv7TkOQLM2yovvn9kUHmYlWY5Tw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
84:ff:1e:32:7f:98:d9:9c:43:14:cb:8e:15:c0:d4:11:b9:c2:
9d:9f:aa:86:01:40:cb:7b:8e:d2:d6:28:d6:67:34:0c:d7:f3:
a5:c1:31:d7:ad:ca:09:85:01:43:95:d4:2b:e7:ef:8e:37:42:
27:db:60:39:bb:95:91:87:9d:f4:af:24:ab:ad:52:d3:9f:f5:
ae:ea:a2:64:09:19:c3:c9:d2:1a:11:e2:76:b0:50:16:34:fd:
25:a3:81:b0:6f:c2:b0:56:52:3c:49:5e:18:72:52:8f:e0:23:
3f:53:28:71:47:45:e7:24:0c:a3:4f:fe:40:fa:70:27:a5:4c:
e2:61:a6:24:f4:95:c1:60:f2:65:3d:7b:22:71:4d:23:88:5a:
4a:e5:d9:94:7d:e1:9c:cd:ae:41:f5:2a:2e:15:99:87:94:ec:
e9:98:dd:c0:6e:80:4b:a1:85:1c:f9:1d:d1:a6:8f:4e:76:d0:
45:10:40:26:81:7d:1f:e5:d9:95:d4:e3:31:90:6c:46:c7:69:
5e:ef:bf:38:71:fc:9d:cf:65:6e:53:c1:ac:77:74:53:70:38:
cc:94:3a:ac:34:e0:1d:66:df:75:92:1b:5e:43:52:89:85:2f:
af:64:b6:3f:29:b8:cc:ec:6c:a7:6c:01:57:76:01:f2:f7:1a:
33:95:75:cc
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQp0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTcw
OTUzMDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk2RkVEMzkwRTQwQjMz
NkNBOEJFRjlGRDkxNDFFNjYyNTU5OEU1M0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2v6zoPHGFfD02utsbZxXLVmLLAePTU01S3rz9Qqy2nU/zUF9j
ar5I2TXkGA5kA2PwNwuAL07JqAOeA4a7OWf1iSC5ne0ZO0NGJ6ie+pUHufk4ncff
AlqfTRDZS//+ySNE8Df+43CcCSshl2RhRjClPsgcKWOybtngTaTXbJSclAiTkHdF
2Jjz6tti5A1DsA69HnyEvrrjmutrELL0jxmxZ1UvJf+MlXm/fccxPYTltj+NPynn
0sGN365LgYZzm9CNfmJ4+oGxOSeGwgsM8wmoZU6KZpH/cpDKOo4YLUCFU/1NfhNy
2K2W2QosUs/usNVX6TtnULrySWSN6OOScT4zAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUlv7TkOQLM2yovvn9kUHmYlWY5TwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2x2N1RrT1FMTTJ5b3Z2
bjlrVUhtWWxXWTVUdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAIT/HjJ/mNmcQxTL
jhXA1BG5wp2fqoYBQMt7jtLWKNZnNAzX86XBMdetygmFAUOV1Cvn7443QifbYDm7
lZGHnfSvJKutUtOf9a7qomQJGcPJ0hoR4nawUBY0/SWjgbBvwrBWUjxJXhhyUo/g
Iz9TKHFHReckDKNP/kD6cCelTOJhpiT0lcFg8mU9eyJxTSOIWkrl2ZR94ZzNrkH1
Ki4VmYeU7OmY3cBugEuhhRz5HdGmj0520EUQQCaBfR/l2ZXU4zGQbEbHaV7vvzhx
/J3PZW5Twax3dFNwOMyUOqw04B1m33WSG15DUomFL69ktj8puMzsbKdsAVd2AfL3
GjOVdcw=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:34:42 2025 by rpki-client