Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/y4SLFN6Gq3C0-BgBUJiKR3e4oq8.roa
File: y4SLFN6Gq3C0-BgBUJiKR3e4oq8.roa (raw, json)
Hash identifier: sZXDEkkaHGSYO35wfaMuj5tHsuolT7lN+SYrIf6s3Hk=
Subject key identifier: CB:84:8B:14:DE:86:AB:70:B4:F8:18:01:50:98:8A:47:77:B8:A2:AF
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4DB1
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/y4SLFN6Gq3C0-BgBUJiKR3e4oq8.roa
Signing time: Thu 02 May 2024 04:23:42 +0000
ROA not before: Thu 02 May 2024 04:23:42 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19889 (0x4db1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 2 04:23:42 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CB848B14DE86AB70B4F8180150988A4777B8A2AF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e2:a2:45:b1:e6:f0:99:8e:30:2e:3e:1f:0d:
2b:8b:e8:3a:13:1f:02:9d:a3:c4:94:ca:24:10:b6:
6a:ad:c3:55:c8:39:78:cd:4b:1b:8a:67:c6:b8:bb:
d9:91:ee:7b:94:18:99:ed:3d:05:fc:b9:cf:1a:c5:
fd:7d:db:d3:fb:21:35:4f:17:a2:f4:65:34:89:b0:
6b:7d:84:1a:b4:0b:73:41:15:76:aa:86:40:46:ef:
89:cf:f0:6f:4f:41:66:ac:c8:9b:41:71:1a:37:da:
80:18:78:7c:fa:a5:43:7e:96:ea:54:ad:0d:ca:15:
ed:f5:c0:92:2a:39:4d:52:d8:65:f9:23:86:01:7f:
c8:6d:24:d8:49:d6:94:2e:ea:8f:54:b6:16:26:4c:
41:4e:a5:d2:bf:fa:74:7e:f4:81:9a:08:71:6d:50:
52:f0:54:fb:37:30:86:31:60:27:6e:32:23:87:a9:
0c:6d:b0:73:ee:85:4e:65:3f:5a:28:0e:93:59:b1:
82:48:23:b7:33:42:0a:07:b2:4e:b3:35:62:91:9b:
b3:3f:62:ce:14:45:ab:ea:d1:ce:cb:79:3e:a5:d1:
74:53:9e:7b:cf:3a:9c:58:cd:1f:bb:51:93:4b:25:
19:75:46:0a:3a:8c:15:76:58:40:47:31:4f:ab:1d:
ff:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:84:8B:14:DE:86:AB:70:B4:F8:18:01:50:98:8A:47:77:B8:A2:AF
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/y4SLFN6Gq3C0-BgBUJiKR3e4oq8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
ae:1e:45:b6:b4:46:e6:27:5c:bd:7c:6f:68:91:04:a0:40:d0:
6a:fa:63:97:d1:6c:b6:b6:59:49:55:44:2e:71:7f:51:88:6d:
c4:5e:51:b3:cb:5d:10:bc:93:b2:42:f6:69:da:5b:19:86:b4:
a3:93:c6:66:fa:c0:3c:f7:6f:bf:8d:54:2b:de:25:6c:08:c6:
01:02:78:83:c4:1e:7a:b2:65:2e:38:d3:5b:30:ec:dd:e1:5a:
23:4a:35:52:db:6d:14:9a:0c:59:b7:ae:79:f2:4c:7e:7e:aa:
b6:14:1b:95:a7:c7:08:5e:a6:ba:29:d2:b0:d9:e3:45:a3:a4:
ad:9e:90:e3:32:34:e5:44:f3:d8:3d:7e:43:f7:db:fb:8a:66:
14:81:4e:6f:28:68:05:e9:9a:23:a4:70:92:c0:ed:60:53:7f:
0f:c6:d2:99:be:55:23:3e:bd:d0:45:ce:bb:dc:31:fc:85:67:
c0:a6:eb:69:65:12:ad:10:bd:31:a4:dc:71:80:2c:52:81:b5:
ee:f6:97:af:13:36:e4:6c:51:d2:b7:72:c2:5d:81:13:c9:ca:
ac:db:3c:63:9c:4c:81:53:97:5a:1b:18:a8:b7:dd:7c:c3:dd:
0e:93:1e:bf:53:4e:e2:42:90:c3:37:08:b9:a1:cb:51:06:e0:
39:1e:47:a3
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICTbEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDIw
NDIzNDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENCODQ4QjE0REU4NkFC
NzBCNEY4MTgwMTUwOTg4QTQ3NzdCOEEyQUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDD4qJFsebwmY4wLj4fDSuL6DoTHwKdo8SUyiQQtmqtw1XIOXjN
SxuKZ8a4u9mR7nuUGJntPQX8uc8axf1929P7ITVPF6L0ZTSJsGt9hBq0C3NBFXaq
hkBG74nP8G9PQWasyJtBcRo32oAYeHz6pUN+lupUrQ3KFe31wJIqOU1S2GX5I4YB
f8htJNhJ1pQu6o9UthYmTEFOpdK/+nR+9IGaCHFtUFLwVPs3MIYxYCduMiOHqQxt
sHPuhU5lP1ooDpNZsYJII7czQgoHsk6zNWKRm7M/Ys4URavq0c7LeT6l0XRTnnvP
OpxYzR+7UZNLJRl1Rgo6jBV2WEBHMU+rHf9tAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUy4SLFN6Gq3C0+BgBUJiKR3e4oq8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3k0U0xGTjZHcTNDMC1C
Z0JVSmlLUjNlNG9xOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAK4eRba0RuYnXL18
b2iRBKBA0Gr6Y5fRbLa2WUlVRC5xf1GIbcReUbPLXRC8k7JC9mnaWxmGtKOTxmb6
wDz3b7+NVCveJWwIxgECeIPEHnqyZS4401sw7N3hWiNKNVLbbRSaDFm3rnnyTH5+
qrYUG5Wnxwheprop0rDZ40WjpK2ekOMyNOVE89g9fkP32/uKZhSBTm8oaAXpmiOk
cJLA7WBTfw/G0pm+VSM+vdBFzrvcMfyFZ8Cm62llEq0QvTGk3HGALFKBte72l68T
NuRsUdK3csJdgRPJyqzbPGOcTIFTl1obGKi33XzD3Q6THr9TTuJCkMM3CLmhy1EG
4DkeR6M=
-----END CERTIFICATE-----
Generated at Mon Apr 14 06:22:45 2025 by rpki-client