Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/nOeybLazo9lL97jZX7U06bCcD_I.roa
File: nOeybLazo9lL97jZX7U06bCcD_I.roa (raw, json)
Hash identifier: gkIHuSh2cGMtQt7A8KGIV1c5qDos67jmxEzNljJnA5Y=
Subject key identifier: 9C:E7:B2:6C:B6:B3:A3:D9:4B:F7:B8:D9:5F:B5:34:E9:B0:9C:0F:F2
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3389
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/nOeybLazo9lL97jZX7U06bCcD_I.roa
Signing time: Thu 28 Mar 2024 07:22:04 +0000
ROA not before: Thu 28 Mar 2024 07:22:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13193 (0x3389)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 28 07:22:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9CE7B26CB6B3A3D94BF7B8D95FB534E9B09C0FF2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:df:1f:d3:20:62:fa:57:cc:91:fa:d3:62:81:
d1:2c:08:c2:6a:b3:96:5b:c5:fb:eb:81:71:e8:04:
8a:83:3a:88:13:71:f0:96:2c:d8:38:e2:6e:a9:d4:
45:ce:38:64:39:cf:34:b8:45:b8:85:be:dc:27:94:
21:40:28:c2:0a:e6:7a:0f:85:b0:1f:f1:07:57:5b:
16:47:64:57:19:aa:56:0c:5d:c4:27:d1:89:2e:95:
6f:e7:16:26:ec:1d:c1:bb:e0:f4:16:86:86:1f:af:
a3:4c:5b:8e:0a:7f:ba:58:39:36:eb:4f:e9:83:7f:
18:88:ec:97:35:60:9e:6b:58:f4:61:7f:19:92:8b:
63:5d:8a:ce:36:a6:4b:f8:cc:81:02:44:68:a5:56:
ea:e9:e6:0f:61:af:58:e8:3a:51:c3:79:13:32:b4:
3b:d5:01:e1:28:04:79:a9:00:71:f6:13:0c:30:5a:
6d:e8:b2:8b:6d:90:9c:32:9d:eb:6b:2a:0a:35:2f:
46:e7:2f:fc:05:a6:20:bb:4d:56:ec:4e:56:05:87:
ea:74:9c:54:c3:5e:38:8f:f7:73:eb:f8:6a:ab:21:
6c:16:cc:3c:09:a0:d6:26:d2:e9:75:e2:27:04:47:
de:2d:0c:86:0d:b8:db:9d:4e:c2:e9:54:3b:92:d4:
a7:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:E7:B2:6C:B6:B3:A3:D9:4B:F7:B8:D9:5F:B5:34:E9:B0:9C:0F:F2
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/nOeybLazo9lL97jZX7U06bCcD_I.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
5d:2d:3a:2c:b0:38:15:f9:f8:46:67:df:b0:b1:09:95:a4:51:
71:e6:bd:d7:f0:a7:c7:6f:95:e9:ae:c2:ff:e7:77:1f:eb:b5:
0d:2e:5f:b1:ac:17:32:64:e0:e8:d3:a7:e5:0d:a9:70:33:90:
80:f1:54:d9:9f:27:93:b6:a8:00:1e:73:0a:12:7f:a6:14:69:
d9:57:7e:e1:95:b9:1b:ee:22:66:46:c3:fb:64:3c:63:45:8e:
5a:5f:ca:70:5a:c8:94:5e:79:a1:58:ba:c1:58:07:97:4d:cf:
f7:6d:f9:1f:23:bb:23:2e:60:58:43:da:15:61:39:64:0c:1c:
6a:46:99:07:fc:57:58:a1:80:ae:28:8a:a9:64:1a:cf:94:df:
5c:d9:06:5e:21:c4:12:6f:72:5c:7f:d0:a9:f1:f1:5f:d7:70:
0d:5b:a6:07:44:4b:57:0c:67:de:e6:79:ee:11:d8:d5:27:7f:
c9:3c:58:97:d6:55:3d:7c:d2:e2:6f:69:69:1b:f8:5e:9a:78:
d2:44:b4:36:79:d3:0b:41:5d:bc:8e:e2:24:d7:44:74:10:a6:
bb:de:fc:e0:79:16:54:9d:19:d7:3a:4b:2a:31:72:f0:f2:61:
19:19:9d:72:94:7b:c8:35:f0:fe:6f:6a:48:6c:a2:30:4e:02:
e4:e1:9c:7c
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICM4kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjgw
NzIyMDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlDRTdCMjZDQjZCM0Ez
RDk0QkY3QjhEOTVGQjUzNEU5QjA5QzBGRjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCp3x/TIGL6V8yR+tNigdEsCMJqs5ZbxfvrgXHoBIqDOogTcfCW
LNg44m6p1EXOOGQ5zzS4RbiFvtwnlCFAKMIK5noPhbAf8QdXWxZHZFcZqlYMXcQn
0YkulW/nFibsHcG74PQWhoYfr6NMW44Kf7pYOTbrT+mDfxiI7Jc1YJ5rWPRhfxmS
i2Ndis42pkv4zIECRGilVurp5g9hr1joOlHDeRMytDvVAeEoBHmpAHH2EwwwWm3o
sottkJwynetrKgo1L0bnL/wFpiC7TVbsTlYFh+p0nFTDXjiP93Pr+GqrIWwWzDwJ
oNYm0ul14icER94tDIYNuNudTsLpVDuS1KdlAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUnOeybLazo9lL97jZX7U06bCcD/IwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L25PZXliTGF6bzlsTDk3
alpYN1UwNmJDY0RfSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAF0tOiywOBX5+EZn
37CxCZWkUXHmvdfwp8dvlemuwv/ndx/rtQ0uX7GsFzJk4OjTp+UNqXAzkIDxVNmf
J5O2qAAecwoSf6YUadlXfuGVuRvuImZGw/tkPGNFjlpfynBayJReeaFYusFYB5dN
z/dt+R8juyMuYFhD2hVhOWQMHGpGmQf8V1ihgK4oiqlkGs+U31zZBl4hxBJvclx/
0Knx8V/XcA1bpgdES1cMZ97mee4R2NUnf8k8WJfWVT180uJvaWkb+F6aeNJEtDZ5
0wtBXbyO4iTXRHQQprve/OB5FlSdGdc6SyoxcvDyYRkZnXKUe8g18P5vakhsojBO
AuThnHw=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:13:16 2025 by rpki-client