Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/pO7PGjy_XTjAfMbXQxmnraj4j7E.roa
File: pO7PGjy_XTjAfMbXQxmnraj4j7E.roa (raw, json)
Hash identifier: sbj6V6qrvSyFX0gwJDq2AB8aKaiwrbg+525vkqqO4eY=
Subject key identifier: A4:EE:CF:1A:3C:BF:5D:38:C0:7C:C6:D7:43:19:A7:AD:A8:F8:8F:B1
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3305
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/pO7PGjy_XTjAfMbXQxmnraj4j7E.roa
Signing time: Wed 27 Mar 2024 14:52:28 +0000
ROA not before: Wed 27 Mar 2024 14:52:28 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13061 (0x3305)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 27 14:52:28 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A4EECF1A3CBF5D38C07CC6D74319A7ADA8F88FB1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:2f:8c:c5:4c:7c:2b:31:e4:95:e3:42:be:33:
54:ef:ed:48:a4:87:90:ef:c3:f8:de:e6:2e:bf:c0:
86:d0:57:ef:c8:bf:84:9d:b7:07:73:fb:89:ed:80:
4d:af:0b:5b:52:69:d4:d0:41:68:25:70:39:33:55:
cc:a5:54:d4:28:c7:11:be:f5:82:eb:81:c2:18:60:
c1:d2:8a:5a:78:a3:32:41:ce:bb:8a:f3:34:dc:fb:
6a:8b:c4:01:9d:c5:ee:96:ee:6a:12:1b:51:cd:2c:
b9:4c:2e:52:c5:c7:5e:2d:5c:78:d5:41:8f:a9:de:
0e:8f:29:12:74:00:41:e4:3b:db:6e:87:58:91:aa:
42:36:5e:3e:f1:04:8f:be:55:bd:cf:44:d5:2c:f3:
f0:a9:97:96:a5:9c:dd:72:21:c0:e7:87:b6:ca:7c:
2a:f6:73:a2:56:23:f0:80:14:a8:f7:33:3c:5f:bb:
84:7b:44:c2:6b:1c:4c:b2:e4:ff:d1:39:e2:3c:ec:
e7:05:3c:9c:74:a7:70:20:62:cf:d9:48:e9:09:6f:
2a:89:a6:e6:42:c0:48:d2:43:b8:eb:71:f7:cf:cb:
66:c6:b9:ee:3e:9c:83:6d:af:16:d7:76:a0:ee:4c:
28:dd:10:b0:0f:71:00:45:38:9e:4b:89:d7:cc:b2:
5b:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:EE:CF:1A:3C:BF:5D:38:C0:7C:C6:D7:43:19:A7:AD:A8:F8:8F:B1
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/pO7PGjy_XTjAfMbXQxmnraj4j7E.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
6c:87:79:9b:a6:5d:04:de:0b:26:93:4c:94:2f:ec:13:99:51:
97:47:e1:f9:b8:dc:3f:0c:32:df:73:37:bc:a7:98:55:e2:01:
60:5b:7b:03:11:ff:ae:e6:4c:07:2d:71:1a:c6:a2:1f:ec:e8:
fb:e4:2c:48:7c:5e:5f:1e:1a:0a:42:7b:b3:76:57:3c:aa:a9:
49:9d:0f:6f:e3:99:32:fd:7f:34:00:30:fe:42:bb:42:33:d4:
0f:79:7e:35:e5:24:b4:e6:09:26:3d:2a:52:1b:c1:e5:ba:5a:
1a:77:81:f7:de:1e:76:11:e6:e6:3e:e4:b8:13:d6:8c:c6:a6:
f5:8b:9e:11:72:40:c8:bf:61:bc:b7:2d:b2:fc:e4:05:a6:eb:
21:d1:e4:19:7a:d3:69:9f:1a:fb:72:5e:6e:c5:12:8d:a8:2c:
25:3b:c5:1f:39:4f:1e:8b:c8:41:54:50:12:d1:92:77:3c:6e:
5c:1d:b7:2d:b6:9f:a7:05:7a:cf:ce:e1:02:82:27:ee:6d:c0:
f1:9d:a8:68:5c:de:1e:47:26:d6:18:26:96:61:4c:de:7e:5a:
12:d9:7a:f3:53:c3:e4:1f:32:32:aa:a2:3c:5c:ce:e2:7d:f7:
3a:6f:15:44:e1:a4:b1:80:ae:f0:49:35:64:e9:55:4b:ae:88:
a4:03:7b:ee
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICMwUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjcx
NDUyMjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEE0RUVDRjFBM0NCRjVE
MzhDMDdDQzZENzQzMTlBN0FEQThGODhGQjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4L4zFTHwrMeSV40K+M1Tv7Uikh5Dvw/je5i6/wIbQV+/Iv4Sd
twdz+4ntgE2vC1tSadTQQWglcDkzVcylVNQoxxG+9YLrgcIYYMHSilp4ozJBzruK
8zTc+2qLxAGdxe6W7moSG1HNLLlMLlLFx14tXHjVQY+p3g6PKRJ0AEHkO9tuh1iR
qkI2Xj7xBI++Vb3PRNUs8/Cpl5alnN1yIcDnh7bKfCr2c6JWI/CAFKj3Mzxfu4R7
RMJrHEyy5P/ROeI87OcFPJx0p3AgYs/ZSOkJbyqJpuZCwEjSQ7jrcffPy2bGue4+
nINtrxbXdqDuTCjdELAPcQBFOJ5LidfMslsxAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUpO7PGjy/XTjAfMbXQxmnraj4j7EwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3BPN1BHanlfWFRqQWZN
YlhReG1ucmFqNGo3RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAGyHeZumXQTeCyaT
TJQv7BOZUZdH4fm43D8MMt9zN7ynmFXiAWBbewMR/67mTActcRrGoh/s6PvkLEh8
Xl8eGgpCe7N2VzyqqUmdD2/jmTL9fzQAMP5Cu0Iz1A95fjXlJLTmCSY9KlIbweW6
Whp3gffeHnYR5uY+5LgT1ozGpvWLnhFyQMi/Yby3LbL85AWm6yHR5Bl602mfGvty
Xm7FEo2oLCU7xR85Tx6LyEFUUBLRknc8blwdty22n6cFes/O4QKCJ+5twPGdqGhc
3h5HJtYYJpZhTN5+WhLZevNTw+QfMjKqojxczuJ99zpvFUThpLGArvBJNWTpVUuu
iKQDe+4=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:17:34 2025 by rpki-client