Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/tzQvqVyGGLuIMhaJGXMHaxeETDI.roa
File: tzQvqVyGGLuIMhaJGXMHaxeETDI.roa (raw, json)
Hash identifier: L1qS7tNl8f5tNOybkPUOb6M0VqAAi5I5ruRormyfL5c=
Subject key identifier: B7:34:2F:A9:5C:86:18:BB:88:32:16:89:19:73:07:6B:17:84:4C:32
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5129
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/tzQvqVyGGLuIMhaJGXMHaxeETDI.roa
Signing time: Mon 06 May 2024 19:24:01 +0000
ROA not before: Mon 06 May 2024 19:24:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20777 (0x5129)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 6 19:24:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B7342FA95C8618BB883216891973076B17844C32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:3c:57:bb:da:3e:18:bb:97:0e:f9:f7:d3:19:
d0:cf:c4:c1:06:52:cd:23:fa:80:15:a3:be:17:f7:
c2:a2:96:aa:34:52:df:f1:a7:ea:d2:1a:0c:5c:a3:
c5:79:41:65:5f:aa:20:01:bd:42:86:05:35:44:be:
80:76:f1:c9:36:dd:62:5e:06:96:56:cc:d4:34:59:
cb:0f:c0:be:72:90:44:79:5f:38:d8:be:99:09:4f:
8b:a5:97:23:ac:f7:ce:25:08:76:b0:50:e5:c3:30:
9b:12:2a:99:be:15:cd:4f:61:8b:27:e4:ee:d1:68:
72:a0:4e:a2:c4:98:a9:36:0e:c3:d0:28:10:96:b4:
85:f1:16:77:94:5e:fb:5c:cd:ca:80:44:35:b5:5c:
e6:b8:67:36:08:3e:eb:02:cc:e2:de:50:18:f7:37:
db:65:b9:46:5b:63:9e:c4:1a:07:fc:15:c7:c6:d5:
97:d1:79:40:15:d3:99:f1:d5:f1:cc:b2:26:64:97:
8e:62:54:dc:47:21:40:a1:bc:26:0a:a5:ea:e9:5c:
e9:8f:ed:a2:55:89:86:d5:ef:cb:0c:b0:c7:59:1e:
38:d8:69:4f:51:30:8d:95:39:77:25:0d:65:43:dd:
bf:72:59:81:b7:d6:75:c5:17:a9:3e:86:19:c5:c7:
19:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:34:2F:A9:5C:86:18:BB:88:32:16:89:19:73:07:6B:17:84:4C:32
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/tzQvqVyGGLuIMhaJGXMHaxeETDI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
01:f3:82:f0:f5:ae:e2:02:34:cd:25:d1:61:e2:b6:5b:8b:21:
d4:70:2d:2e:8d:3c:db:0b:f0:d3:f9:c4:09:ce:4e:27:cd:ec:
ec:3d:87:48:26:27:d8:bf:3b:77:51:12:c1:a5:11:24:4f:48:
91:35:cb:85:2c:28:aa:9b:60:26:12:c0:47:65:c9:c6:f2:81:
43:3e:b0:07:89:e0:92:00:7b:6a:2f:dd:e5:c2:9a:dd:1b:35:
0c:ce:9c:d5:3b:af:39:8f:34:80:6b:9f:81:dc:bd:2b:31:0c:
20:e9:52:90:e2:ac:c5:37:12:2c:b9:53:81:84:17:4b:5d:ec:
c0:94:01:67:7d:74:6f:f9:63:31:35:73:85:4e:ff:75:3a:a0:
4b:24:df:c1:53:64:02:68:f0:95:f0:9e:0a:96:0c:db:ab:82:
9e:fc:8e:ab:1e:72:72:a7:0e:4d:7f:da:9d:8c:f4:b9:42:21:
88:b4:73:de:cc:6c:f1:cb:1e:2f:cf:46:4c:48:fa:1c:4b:ea:
d2:90:ef:6a:f0:b6:d5:31:a7:25:b4:f3:97:64:32:53:f2:ff:
16:09:ed:f6:4b:60:18:d7:89:09:a2:31:3a:2a:80:5a:68:2c:
7a:a3:ac:83:45:e7:29:56:f7:69:b1:b5:55:c2:58:d7:2d:69:
f4:cf:a9:17
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICUSkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDYx
OTI0MDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI3MzQyRkE5NUM4NjE4
QkI4ODMyMTY4OTE5NzMwNzZCMTc4NDRDMzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNPFe72j4Yu5cO+ffTGdDPxMEGUs0j+oAVo74X98Kilqo0Ut/x
p+rSGgxco8V5QWVfqiABvUKGBTVEvoB28ck23WJeBpZWzNQ0WcsPwL5ykER5XzjY
vpkJT4ullyOs984lCHawUOXDMJsSKpm+Fc1PYYsn5O7RaHKgTqLEmKk2DsPQKBCW
tIXxFneUXvtczcqARDW1XOa4ZzYIPusCzOLeUBj3N9tluUZbY57EGgf8FcfG1ZfR
eUAV05nx1fHMsiZkl45iVNxHIUChvCYKperpXOmP7aJViYbV78sMsMdZHjjYaU9R
MI2VOXclDWVD3b9yWYG31nXFF6k+hhnFxxl3AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUtzQvqVyGGLuIMhaJGXMHaxeETDIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3R6UXZxVnlHR0x1SU1o
YUpHWE1IYXhlRVRESS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAAHzgvD1ruICNM0l
0WHitluLIdRwLS6NPNsL8NP5xAnOTifN7Ow9h0gmJ9i/O3dREsGlESRPSJE1y4Us
KKqbYCYSwEdlycbygUM+sAeJ4JIAe2ov3eXCmt0bNQzOnNU7rzmPNIBrn4HcvSsx
DCDpUpDirMU3Eiy5U4GEF0td7MCUAWd9dG/5YzE1c4VO/3U6oEsk38FTZAJo8JXw
ngqWDNurgp78jqsecnKnDk1/2p2M9LlCIYi0c97MbPHLHi/PRkxI+hxL6tKQ72rw
ttUxpyW085dkMlPy/xYJ7fZLYBjXiQmiMToqgFpoLHqjrINF5ylW92mxtVXCWNct
afTPqRc=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:49:43 2025 by rpki-client