Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/vgrxHn-Z-0f5Ey4oShkQ0mJa6YM.roa
File: vgrxHn-Z-0f5Ey4oShkQ0mJa6YM.roa (raw, json)
Hash identifier: Hi0hnf4OIVGsSgWT58Jirz/36evMhwUNgJVLAvJVdXA=
Subject key identifier: BE:0A:F1:1E:7F:99:FB:47:F9:13:2E:28:4A:19:10:D2:62:5A:E9:83
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4AE9
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vgrxHn-Z-0f5Ey4oShkQ0mJa6YM.roa
Signing time: Sun 28 Apr 2024 11:23:30 +0000
ROA not before: Sun 28 Apr 2024 11:23:29 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19177 (0x4ae9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 28 11:23:29 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=BE0AF11E7F99FB47F9132E284A1910D2625AE983
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:32:a7:72:15:d7:29:e4:c6:4c:10:e4:fd:18:
9f:bb:3c:b8:67:4f:0a:5f:fd:01:b1:40:5f:a7:72:
20:5b:3c:9d:c3:eb:0b:8d:a0:ea:b2:4b:f4:9e:ad:
b1:28:96:c1:f4:d5:d7:66:e8:d7:a9:a8:c1:68:d1:
32:f6:b5:05:8f:8a:be:fa:00:f8:e3:4e:13:22:0f:
ef:d7:3b:6b:0c:58:63:6f:b5:69:a7:2a:ee:f3:ba:
d4:00:4f:77:6b:10:bd:d5:46:66:ad:f0:4b:35:6b:
39:ec:cc:cb:bb:ad:ad:fd:ab:61:23:7b:bf:9c:8b:
ec:1f:dd:71:80:df:bd:4c:f9:23:1a:08:f8:f7:c3:
e8:c0:6b:fe:7d:7f:9f:dc:64:16:1c:86:00:15:68:
11:bc:f3:bc:38:5c:5b:1b:41:9b:19:01:36:6a:2d:
3e:56:5f:1a:f7:fe:4f:68:ba:b1:bb:3a:40:7d:21:
b0:61:9a:e7:d4:69:e0:93:78:ab:0c:a9:59:f9:e8:
67:e4:58:40:2b:00:3b:75:47:81:6c:14:21:5f:0c:
d4:c5:8a:6c:15:81:b1:fd:34:99:14:94:64:44:99:
5c:14:5d:af:75:65:85:1c:4d:ce:05:b5:2d:c4:24:
7f:94:b9:3c:ae:00:d9:36:99:d3:8d:7f:28:69:4d:
1b:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:0A:F1:1E:7F:99:FB:47:F9:13:2E:28:4A:19:10:D2:62:5A:E9:83
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vgrxHn-Z-0f5Ey4oShkQ0mJa6YM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
ad:ab:a5:98:44:c5:d4:d9:8d:4c:93:c8:94:ec:ce:28:7f:45:
e0:a8:47:e7:27:b6:99:4f:4f:c4:62:40:9c:e9:81:d7:82:9a:
c9:d2:68:6f:39:92:ff:1d:e9:99:5c:f6:2e:e7:28:64:37:e7:
07:a1:63:42:3f:a9:74:ae:b6:c3:3a:54:06:ca:9a:b2:6d:fa:
4d:ec:da:17:5d:e8:39:0c:75:de:42:4d:0c:89:dd:df:63:18:
d4:0b:a3:fc:a8:ce:40:11:97:27:79:a6:78:11:88:d3:de:25:
80:5b:b4:87:82:9d:65:c2:ad:7e:ca:7e:24:1c:1e:c4:22:11:
71:23:7b:c8:52:0c:4d:12:84:a9:d7:cc:b8:cb:65:08:46:9b:
24:8e:7a:00:64:b5:4b:ea:3d:2e:45:a4:f0:37:db:a9:fa:5b:
71:d3:42:47:7f:a7:13:bf:af:87:9a:35:e4:f3:11:85:fe:32:
ec:bf:92:59:57:22:e3:7d:89:5c:ff:9a:06:80:71:e1:32:54:
b9:d6:1d:79:c7:5d:df:bd:dc:bf:83:d7:5f:1b:8d:1b:68:8a:
00:be:0f:71:31:d2:48:fd:0f:1b:95:49:30:e8:db:19:25:e1:
43:f6:ff:a1:cc:83:a6:4b:bb:9c:de:3e:92:11:2e:92:04:09:
dd:54:e2:e0
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICSukwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjgx
MTIzMjlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJFMEFGMTFFN0Y5OUZC
NDdGOTEzMkUyODRBMTkxMEQyNjI1QUU5ODMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+MqdyFdcp5MZMEOT9GJ+7PLhnTwpf/QGxQF+nciBbPJ3D6wuN
oOqyS/SerbEolsH01ddm6NepqMFo0TL2tQWPir76APjjThMiD+/XO2sMWGNvtWmn
Ku7zutQAT3drEL3VRmat8Es1aznszMu7ra39q2Eje7+ci+wf3XGA371M+SMaCPj3
w+jAa/59f5/cZBYchgAVaBG887w4XFsbQZsZATZqLT5WXxr3/k9ourG7OkB9IbBh
mufUaeCTeKsMqVn56GfkWEArADt1R4FsFCFfDNTFimwVgbH9NJkUlGREmVwUXa91
ZYUcTc4FtS3EJH+UuTyuANk2mdONfyhpTRtDAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUvgrxHn+Z+0f5Ey4oShkQ0mJa6YMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3ZncnhIbi1aLTBmNUV5
NG9TaGtRMG1KYTZZTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAK2rpZhExdTZjUyT
yJTszih/ReCoR+cntplPT8RiQJzpgdeCmsnSaG85kv8d6Zlc9i7nKGQ35wehY0I/
qXSutsM6VAbKmrJt+k3s2hdd6DkMdd5CTQyJ3d9jGNQLo/yozkARlyd5pngRiNPe
JYBbtIeCnWXCrX7KfiQcHsQiEXEje8hSDE0ShKnXzLjLZQhGmySOegBktUvqPS5F
pPA326n6W3HTQkd/pxO/r4eaNeTzEYX+Muy/kllXIuN9iVz/mgaAceEyVLnWHXnH
Xd+93L+D118bjRtoigC+D3Ex0kj9DxuVSTDo2xkl4UP2/6HMg6ZLu5zePpIRLpIE
Cd1U4uA=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:37:07 2025 by rpki-client