Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/zhIEpYdNGKHTq-i4Eqgyo3R1rZQ.roa
File: zhIEpYdNGKHTq-i4Eqgyo3R1rZQ.roa (raw, json)
Hash identifier: 9FZZmQCNuS8ow5KGSPzpcfk3/dpZk65wQ8LC5pWb2Xw=
Subject key identifier: CE:12:04:A5:87:4D:18:A1:D3:AB:E8:B8:12:A8:32:A3:74:75:AD:94
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 556D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/zhIEpYdNGKHTq-i4Eqgyo3R1rZQ.roa
Signing time: Sun 12 May 2024 11:54:12 +0000
ROA not before: Sun 12 May 2024 11:54:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21869 (0x556d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 12 11:54:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CE1204A5874D18A1D3ABE8B812A832A37475AD94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:16:30:92:57:92:3c:ae:5d:8f:da:32:1a:1c:
fc:f1:45:ad:16:8a:d3:66:01:74:1d:5f:64:95:51:
23:67:7b:3b:97:5c:28:81:7a:f5:23:07:d8:eb:8c:
50:a7:17:20:4a:67:47:c0:8f:c0:b6:7f:44:0a:55:
b6:b0:3b:f4:2f:f1:f6:b9:f2:d3:f7:2c:02:f2:47:
9f:78:af:72:3e:29:f0:f2:08:9f:3e:41:d0:dc:b6:
97:6f:6b:fa:ec:bb:03:ab:4b:2d:eb:66:e6:54:0f:
94:5c:82:8c:34:f1:83:ec:de:b2:69:63:ab:0b:6a:
ac:7b:e0:51:38:56:3f:14:dd:9d:69:19:62:c3:3b:
fc:32:83:76:a3:39:0a:6d:8b:d3:4a:c9:0d:c8:4f:
20:8d:47:d8:48:f1:fd:3f:75:cc:23:2c:ec:94:85:
7d:76:4a:5b:e2:d2:0a:ef:ee:af:43:55:90:b0:d0:
f2:e2:64:5c:e8:f6:24:18:c2:4a:49:cf:14:5b:ab:
bd:c7:91:31:ce:7c:ee:ab:76:54:5e:21:d1:7b:0a:
b1:9b:2d:ee:62:8b:3b:a5:37:71:2c:7f:52:a2:17:
af:2e:2b:19:fa:30:79:44:f0:32:25:26:a4:65:3d:
b0:1b:5e:2a:0d:82:2f:92:a7:af:05:1d:2e:0b:a3:
58:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:12:04:A5:87:4D:18:A1:D3:AB:E8:B8:12:A8:32:A3:74:75:AD:94
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/zhIEpYdNGKHTq-i4Eqgyo3R1rZQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
81:6d:81:9f:5c:08:f0:cf:db:93:13:3a:80:c6:f9:fd:84:26:
d8:67:03:6a:40:43:f2:25:80:80:fc:5b:a3:a2:20:41:e7:54:
bb:cd:e3:04:b6:4b:73:d8:8d:d4:28:dd:24:39:47:b8:cf:45:
06:d3:5e:67:b3:ce:25:33:dc:7f:db:6e:cb:4e:aa:30:79:83:
89:ab:5e:ca:d0:c0:5a:e5:fe:1c:da:6b:50:84:32:83:fd:25:
14:4c:e3:4d:0d:0b:08:76:71:b8:97:c9:4a:c6:d2:bb:57:9d:
86:9e:4d:7a:0e:67:9a:54:2b:9e:7e:72:34:d0:48:4c:52:59:
43:11:5e:34:6d:89:0e:c4:f9:95:03:69:03:3d:7e:d8:84:2a:
81:7e:d7:37:69:ac:b3:0d:c5:d2:e5:10:99:6c:1a:ea:44:dd:
f0:07:b5:ca:05:27:93:6d:ad:0c:a1:76:46:41:00:3e:f5:af:
ff:c5:3d:41:2d:1b:b2:0e:c4:46:c1:9c:ad:cd:87:3b:57:50:
76:7b:4d:e3:de:ee:4e:2f:89:c6:4b:0d:af:98:10:e3:97:67:
0f:d0:a1:0c:a6:99:1b:ed:84:33:9f:75:bf:84:67:aa:f1:e6:
f8:c3:6c:34:43:87:44:fb:f5:c0:96:29:c7:7b:8b:09:a2:8d:
40:85:a1:86
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICVW0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTIx
MTU0MTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENFMTIwNEE1ODc0RDE4
QTFEM0FCRThCODEyQTgzMkEzNzQ3NUFEOTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9FjCSV5I8rl2P2jIaHPzxRa0WitNmAXQdX2SVUSNnezuXXCiB
evUjB9jrjFCnFyBKZ0fAj8C2f0QKVbawO/Qv8fa58tP3LALyR594r3I+KfDyCJ8+
QdDctpdva/rsuwOrSy3rZuZUD5Rcgow08YPs3rJpY6sLaqx74FE4Vj8U3Z1pGWLD
O/wyg3ajOQpti9NKyQ3ITyCNR9hI8f0/dcwjLOyUhX12Slvi0grv7q9DVZCw0PLi
ZFzo9iQYwkpJzxRbq73HkTHOfO6rdlReIdF7CrGbLe5iizulN3Esf1KiF68uKxn6
MHlE8DIlJqRlPbAbXioNgi+Sp68FHS4Lo1izAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUzhIEpYdNGKHTq+i4Eqgyo3R1rZQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3poSUVwWWROR0tIVHEt
aTRFcWd5bzNSMXJaUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAIFtgZ9cCPDP25MT
OoDG+f2EJthnA2pAQ/IlgID8W6OiIEHnVLvN4wS2S3PYjdQo3SQ5R7jPRQbTXmez
ziUz3H/bbstOqjB5g4mrXsrQwFrl/hzaa1CEMoP9JRRM400NCwh2cbiXyUrG0rtX
nYaeTXoOZ5pUK55+cjTQSExSWUMRXjRtiQ7E+ZUDaQM9ftiEKoF+1zdprLMNxdLl
EJlsGupE3fAHtcoFJ5NtrQyhdkZBAD71r//FPUEtG7IOxEbBnK3NhztXUHZ7TePe
7k4vicZLDa+YEOOXZw/QoQymmRvthDOfdb+EZ6rx5vjDbDRDh0T79cCWKcd7iwmi
jUCFoYY=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:47:36 2025 by rpki-client