Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/vTKtIkIqEsaAe6PoHFSa01us7XU.roa
File: vTKtIkIqEsaAe6PoHFSa01us7XU.roa (raw, json)
Hash identifier: 9AEutsGj0dAW8dtOz1926kAZ7UJc1l7dQyKgoTyea7c=
Subject key identifier: BD:32:AD:22:42:2A:12:C6:80:7B:A3:E8:1C:54:9A:D3:5B:AC:ED:75
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 408D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vTKtIkIqEsaAe6PoHFSa01us7XU.roa
Signing time: Sun 14 Apr 2024 15:53:23 +0000
ROA not before: Sun 14 Apr 2024 15:53:23 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16525 (0x408d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 14 15:53:23 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=BD32AD22422A12C6807BA3E81C549AD35BACED75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ad:bb:fe:aa:9b:da:57:90:f3:66:e1:33:92:
75:e5:56:3e:5c:70:df:29:3c:4c:3b:6f:fb:af:32:
fd:96:1d:00:e2:cf:56:26:8e:5d:fd:39:fe:90:71:
d9:bd:df:d6:c4:84:b2:f2:57:47:ab:a7:6a:eb:d6:
e9:58:2f:62:76:26:82:9b:c4:99:4b:2f:70:c0:1a:
76:a4:c2:0d:ee:76:15:55:ca:57:b7:6b:3d:06:fe:
37:3c:a3:7b:77:84:ba:10:a7:b1:d2:c5:e8:08:a2:
83:96:c3:d5:8a:19:08:f6:bd:73:de:e1:9a:85:18:
7f:6c:32:1f:d0:fe:c3:9e:cd:f4:dc:40:04:f4:09:
2f:68:ac:e0:12:e5:f4:a3:05:93:12:3d:21:11:01:
4e:cb:42:83:df:ad:f4:0a:3a:b3:45:94:dc:47:3a:
8e:6a:d6:6a:c7:df:fe:44:81:34:9e:31:da:08:6b:
3c:bf:95:f0:09:ac:b8:b9:cd:38:4d:b6:8c:d3:7f:
ad:f7:ea:df:57:c5:55:74:05:f0:60:f9:88:e7:9f:
d1:cd:a7:69:56:25:69:f0:05:b9:0f:b3:fb:1c:64:
e1:71:6c:88:b3:5c:8c:66:f1:8a:6f:2e:b9:fa:c8:
5a:2a:b1:b2:a3:42:1b:99:a0:b5:7f:83:53:4d:8e:
c2:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:32:AD:22:42:2A:12:C6:80:7B:A3:E8:1C:54:9A:D3:5B:AC:ED:75
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vTKtIkIqEsaAe6PoHFSa01us7XU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
78:45:70:f1:59:e0:10:de:cc:97:bb:e9:a1:85:4c:85:63:08:
ac:c8:3f:68:bf:60:94:57:b3:21:2d:29:08:a1:e5:26:50:f8:
5e:e9:23:14:0e:35:62:46:56:7f:de:c9:c9:b9:db:0b:7c:69:
6f:5a:7e:5d:2c:7b:72:6c:6a:46:1d:35:b6:e9:3f:25:bd:5c:
2d:64:29:11:45:af:bb:55:07:46:a4:92:5e:a7:f2:a8:72:cb:
cb:31:bc:b9:35:9e:e8:6f:53:3d:56:8e:66:a2:47:26:34:e0:
62:2d:24:d5:a4:85:e9:4d:90:83:ce:23:8c:d7:c9:05:85:70:
af:d0:5d:30:1e:88:d3:c6:52:ad:ec:c4:03:75:1f:6a:16:c0:
a9:cd:de:7f:c3:8f:9c:49:9d:ff:35:37:e5:9c:23:bf:6c:29:
e6:d0:2a:1c:ab:4b:37:62:9f:44:d7:3a:d3:f0:0b:31:37:35:
c0:d2:2e:8d:ce:d2:0f:5e:8f:83:79:a5:d5:ff:4b:c5:e6:75:
70:39:74:18:8b:f2:77:12:26:6a:fb:fa:9f:48:1f:f6:20:b5:
26:1f:0f:94:26:17:35:af:43:0e:4c:74:57:ec:e0:78:b4:7a:
78:16:c5:52:e4:66:68:9e:f7:19:eb:8f:42:d1:c3:10:8f:be:
ee:cd:33:45
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQI0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTQx
NTUzMjNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJEMzJBRDIyNDIyQTEy
QzY4MDdCQTNFODFDNTQ5QUQzNUJBQ0VENzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6rbv+qpvaV5DzZuEzknXlVj5ccN8pPEw7b/uvMv2WHQDiz1Ym
jl39Of6Qcdm939bEhLLyV0erp2rr1ulYL2J2JoKbxJlLL3DAGnakwg3udhVVyle3
az0G/jc8o3t3hLoQp7HSxegIooOWw9WKGQj2vXPe4ZqFGH9sMh/Q/sOezfTcQAT0
CS9orOAS5fSjBZMSPSERAU7LQoPfrfQKOrNFlNxHOo5q1mrH3/5EgTSeMdoIazy/
lfAJrLi5zThNtozTf6336t9XxVV0BfBg+Yjnn9HNp2lWJWnwBbkPs/scZOFxbIiz
XIxm8YpvLrn6yFoqsbKjQhuZoLV/g1NNjsK7AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUvTKtIkIqEsaAe6PoHFSa01us7XUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3ZUS3RJa0lxRXNhQWU2
UG9IRlNhMDF1czdYVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAHhFcPFZ4BDezJe7
6aGFTIVjCKzIP2i/YJRXsyEtKQih5SZQ+F7pIxQONWJGVn/eycm52wt8aW9afl0s
e3JsakYdNbbpPyW9XC1kKRFFr7tVB0akkl6n8qhyy8sxvLk1nuhvUz1WjmaiRyY0
4GItJNWkhelNkIPOI4zXyQWFcK/QXTAeiNPGUq3sxAN1H2oWwKnN3n/Dj5xJnf81
N+WcI79sKebQKhyrSzdin0TXOtPwCzE3NcDSLo3O0g9ej4N5pdX/S8XmdXA5dBiL
8ncSJmr7+p9IH/YgtSYfD5QmFzWvQw5MdFfs4Hi0engWxVLkZmie9xnrj0LRwxCP
vu7NM0U=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:32:19 2025 by rpki-client