Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/x6qMJEywGmcs6vZw6haUepLbtJs.roa
File: x6qMJEywGmcs6vZw6haUepLbtJs.roa (raw, json)
Hash identifier: pZSae/RVCSYbxTo9yHDyLDqJuUeAKZWJqE1k1KAkmD8=
Subject key identifier: C7:AA:8C:24:4C:B0:1A:67:2C:EA:F6:70:EA:16:94:7A:92:DB:B4:9B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4D6D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/x6qMJEywGmcs6vZw6haUepLbtJs.roa
Signing time: Wed 01 May 2024 19:53:39 +0000
ROA not before: Wed 01 May 2024 19:53:39 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19821 (0x4d6d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 1 19:53:39 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C7AA8C244CB01A672CEAF670EA16947A92DBB49B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:8a:8a:bd:6f:e7:13:4d:fc:4c:28:f0:43:34:
e5:6a:c7:73:91:69:e3:cb:b4:64:00:66:49:b4:d0:
b7:d8:72:df:de:89:74:34:55:f1:b2:44:f2:4a:e9:
fa:d4:b0:f9:df:71:9f:68:d9:fa:ab:99:f7:94:92:
f6:aa:a5:c7:6d:8a:6d:7a:44:3d:07:e1:07:28:15:
9f:39:eb:e8:b8:e4:be:cd:f0:89:5e:17:a2:82:f1:
cd:2b:17:35:77:6b:17:3c:d3:ff:75:16:32:fb:d2:
2e:a9:52:05:5c:64:24:86:96:e1:86:dc:ab:f8:da:
cd:64:04:b8:ef:1b:23:d4:45:f4:a4:71:bb:ed:17:
31:28:9e:af:80:20:7f:00:b8:cc:36:7e:15:ad:00:
39:82:99:8f:d3:b8:16:13:79:d0:75:37:f4:55:18:
ab:da:ef:01:6c:19:0c:58:b0:61:bc:44:42:72:34:
bc:a6:3f:4c:9c:13:cf:64:1f:20:20:8d:f0:9e:4e:
70:19:3b:1a:0d:36:f1:fa:8c:f5:58:40:68:dd:7b:
08:b8:0b:87:af:71:55:7f:f4:7f:94:98:7b:dd:af:
25:77:e8:8c:88:42:d1:96:99:15:99:d0:ac:95:dd:
3d:62:d2:aa:f6:08:9d:46:e8:19:87:cd:66:1b:ad:
81:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:AA:8C:24:4C:B0:1A:67:2C:EA:F6:70:EA:16:94:7A:92:DB:B4:9B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/x6qMJEywGmcs6vZw6haUepLbtJs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
9e:d3:08:fa:ec:f9:e8:0a:37:9c:8f:ae:9e:32:50:b1:7b:a4:
6e:50:1c:18:55:12:03:4e:87:36:5e:d4:f9:87:ad:f5:50:42:
31:82:61:d9:ef:40:bc:58:6d:13:32:79:4c:5a:b2:08:dc:b3:
8a:35:82:ce:4a:48:52:3b:2c:04:21:47:62:68:fd:9c:6b:49:
90:7d:47:f4:24:c5:cb:54:fd:8a:b6:ca:68:64:22:e4:3f:b8:
3d:ad:75:88:0b:82:c0:e4:d7:8b:d6:6f:7e:2a:f0:83:2b:e1:
9f:7f:a9:3c:ef:ba:72:ae:ee:95:86:e9:ca:72:ba:94:ee:40:
e3:b0:f2:c4:c3:2c:af:65:d7:fe:00:bf:ec:e5:27:b7:4b:98:
ad:9a:fb:19:73:87:37:95:e6:65:d8:40:47:6f:72:94:2f:24:
f0:8a:bd:6d:22:dd:5d:0d:3f:bd:6f:73:8f:da:ba:21:a3:08:
12:4d:9f:64:e2:61:60:02:5a:16:19:2f:07:72:ca:94:00:c6:
9b:d0:07:6b:04:37:9e:01:78:31:b4:2f:83:07:7a:ce:9e:6c:
b6:97:5a:a8:98:48:80:55:4a:33:70:79:90:f8:8f:4e:15:cb:
28:3b:52:b6:04:d6:64:09:1b:8e:d8:a3:c4:e7:2c:a0:f4:15:
90:f0:ea:21
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICTW0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDEx
OTUzMzlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM3QUE4QzI0NENCMDFB
NjcyQ0VBRjY3MEVBMTY5NDdBOTJEQkI0OUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsioq9b+cTTfxMKPBDNOVqx3ORaePLtGQAZkm00LfYct/eiXQ0
VfGyRPJK6frUsPnfcZ9o2fqrmfeUkvaqpcdtim16RD0H4QcoFZ856+i45L7N8Ile
F6KC8c0rFzV3axc80/91FjL70i6pUgVcZCSGluGG3Kv42s1kBLjvGyPURfSkcbvt
FzEonq+AIH8AuMw2fhWtADmCmY/TuBYTedB1N/RVGKva7wFsGQxYsGG8REJyNLym
P0ycE89kHyAgjfCeTnAZOxoNNvH6jPVYQGjdewi4C4evcVV/9H+UmHvdryV36IyI
QtGWmRWZ0KyV3T1i0qr2CJ1G6BmHzWYbrYFRAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUx6qMJEywGmcs6vZw6haUepLbtJswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3g2cU1KRXl3R21jczZ2
Wnc2aGFVZXBMYnRKcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJ7TCPrs+egKN5yP
rp4yULF7pG5QHBhVEgNOhzZe1PmHrfVQQjGCYdnvQLxYbRMyeUxasgjcs4o1gs5K
SFI7LAQhR2Jo/ZxrSZB9R/QkxctU/Yq2ymhkIuQ/uD2tdYgLgsDk14vWb34q8IMr
4Z9/qTzvunKu7pWG6cpyupTuQOOw8sTDLK9l1/4Av+zlJ7dLmK2a+xlzhzeV5mXY
QEdvcpQvJPCKvW0i3V0NP71vc4/auiGjCBJNn2TiYWACWhYZLwdyypQAxpvQB2sE
N54BeDG0L4MHes6ebLaXWqiYSIBVSjNweZD4j04Vyyg7UrYE1mQJG47Yo8TnLKD0
FZDw6iE=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:40:16 2025 by rpki-client