Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/s2Tv1n6Qmr8XXPgXW9W1kqTjljI.roa
File: s2Tv1n6Qmr8XXPgXW9W1kqTjljI.roa (raw, json)
Hash identifier: jxbR3mNegxVjCMEy8m/Hzv95LvMbvaaYsmC4uGVQ3S0=
Subject key identifier: B3:64:EF:D6:7E:90:9A:BF:17:5C:F8:17:5B:D5:B5:92:A4:E3:96:32
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 42DD
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/s2Tv1n6Qmr8XXPgXW9W1kqTjljI.roa
Signing time: Wed 17 Apr 2024 17:52:59 +0000
ROA not before: Wed 17 Apr 2024 17:52:59 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17117 (0x42dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 17 17:52:59 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B364EFD67E909ABF175CF8175BD5B592A4E39632
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:1f:f9:f5:4d:54:e9:bf:15:3f:f2:7e:2e:0e:
04:74:ef:fc:c7:c4:96:48:70:4e:a1:e6:00:36:01:
93:73:e3:58:db:c7:05:ed:de:0f:6c:f9:68:f1:77:
d3:d7:25:8d:e4:51:9f:0b:50:2b:72:cc:73:96:5d:
00:95:65:00:3f:1c:73:f4:99:e9:96:ed:55:43:40:
5c:9a:09:62:e6:33:b6:12:4a:5d:89:10:be:d0:a5:
2e:2f:82:bf:ac:a4:d4:37:6a:29:a1:e4:88:d5:1b:
5a:b6:27:df:33:5c:86:8f:f9:d5:8b:76:54:9b:df:
8a:37:39:0d:ed:09:6d:b5:2c:37:41:ec:ba:1f:9d:
52:72:63:48:40:d9:ca:00:9d:6a:e0:e1:76:8f:29:
ef:8c:8f:a1:10:72:af:24:49:3b:64:1c:db:7f:7d:
8b:41:42:b2:8b:64:27:0c:9b:37:f8:ab:42:6c:89:
f2:2a:fe:0b:8d:05:24:f2:d5:ff:bb:55:13:bc:64:
ee:4e:b4:f4:7d:88:af:41:d9:4c:1f:8f:80:df:c3:
af:a2:b1:4b:29:26:1f:2f:ad:29:a4:8b:b6:28:2a:
a2:05:c1:e9:ac:65:31:ad:80:ca:a5:32:48:39:c4:
74:33:ca:cc:9a:39:94:54:f2:51:ad:4d:88:4d:b6:
e1:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:64:EF:D6:7E:90:9A:BF:17:5C:F8:17:5B:D5:B5:92:A4:E3:96:32
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/s2Tv1n6Qmr8XXPgXW9W1kqTjljI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
4f:b0:04:43:82:00:e8:4a:cf:36:44:3a:9d:fc:4d:db:0e:55:
82:66:ce:44:9d:1e:f3:e9:77:8b:70:f2:1f:9e:5b:c9:9f:2e:
ef:5b:e7:42:39:6a:a6:f1:ac:26:eb:e8:a9:38:1a:38:d3:81:
da:25:4e:f9:40:5d:f1:5d:23:9c:00:a8:5f:80:af:08:66:c2:
78:6c:e2:90:21:fe:0e:c1:07:ef:c8:32:09:9d:8b:2a:e3:96:
d3:7a:ee:c8:db:40:64:ae:11:81:0a:a0:32:7a:b7:d9:21:a2:
2a:5e:8e:c2:2b:f7:fe:19:d9:d1:f6:e2:f3:d1:07:4e:cf:c0:
a3:51:96:c0:a6:3a:69:5b:e1:52:92:75:09:21:b4:5a:fe:5e:
04:64:f6:0f:bd:a0:2f:b3:77:a8:08:09:7f:31:7b:c6:49:0b:
1e:9c:36:60:d2:02:de:a2:8a:31:7c:73:d1:f2:bd:57:84:2f:
d7:87:eb:1c:15:79:34:0e:96:36:b0:de:07:7d:98:60:bd:7f:
b4:f4:67:86:0f:ce:5a:99:e2:bf:21:f2:e4:d2:84:12:2c:10:
78:2a:be:d2:e1:cf:3e:6d:54:4b:36:ea:d0:69:60:1e:7b:d4:
f7:cb:c1:20:0c:8c:a1:0b:57:c5:b2:60:79:29:7d:27:58:b9:
22:bb:39:14
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQt0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTcx
NzUyNTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEIzNjRFRkQ2N0U5MDlB
QkYxNzVDRjgxNzVCRDVCNTkyQTRFMzk2MzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCdH/n1TVTpvxU/8n4uDgR07/zHxJZIcE6h5gA2AZNz41jbxwXt
3g9s+Wjxd9PXJY3kUZ8LUCtyzHOWXQCVZQA/HHP0memW7VVDQFyaCWLmM7YSSl2J
EL7QpS4vgr+spNQ3aimh5IjVG1q2J98zXIaP+dWLdlSb34o3OQ3tCW21LDdB7Lof
nVJyY0hA2coAnWrg4XaPKe+Mj6EQcq8kSTtkHNt/fYtBQrKLZCcMmzf4q0JsifIq
/guNBSTy1f+7VRO8ZO5OtPR9iK9B2Uwfj4Dfw6+isUspJh8vrSmki7YoKqIFwems
ZTGtgMqlMkg5xHQzysyaOZRU8lGtTYhNtuEhAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUs2Tv1n6Qmr8XXPgXW9W1kqTjljIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3MyVHYxbjZRbXI4WFhQ
Z1hXOVcxa3FUamxqSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAE+wBEOCAOhKzzZE
Op38TdsOVYJmzkSdHvPpd4tw8h+eW8mfLu9b50I5aqbxrCbr6Kk4GjjTgdolTvlA
XfFdI5wAqF+Arwhmwnhs4pAh/g7BB+/IMgmdiyrjltN67sjbQGSuEYEKoDJ6t9kh
oipejsIr9/4Z2dH24vPRB07PwKNRlsCmOmlb4VKSdQkhtFr+XgRk9g+9oC+zd6gI
CX8xe8ZJCx6cNmDSAt6iijF8c9HyvVeEL9eH6xwVeTQOljaw3gd9mGC9f7T0Z4YP
zlqZ4r8h8uTShBIsEHgqvtLhzz5tVEs26tBpYB571PfLwSAMjKELV8WyYHkpfSdY
uSK7ORQ=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:41:39 2025 by rpki-client