Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/7JWYNWdIkJtFoX11KbswcDG2Lp0.roa
File: 7JWYNWdIkJtFoX11KbswcDG2Lp0.roa (raw, json)
Hash identifier: VZ9zs08K6upc9u/P48dhJ+fDe+1piMoDBc9ToHhea0E=
Subject key identifier: EC:95:98:35:67:48:90:9B:45:A1:7D:75:29:BB:30:70:31:B6:2E:9D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3B8D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/7JWYNWdIkJtFoX11KbswcDG2Lp0.roa
Signing time: Sun 07 Apr 2024 23:52:33 +0000
ROA not before: Sun 07 Apr 2024 23:52:33 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15245 (0x3b8d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 7 23:52:33 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=EC9598356748909B45A17D7529BB307031B62E9D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:4d:1f:43:89:65:ba:7e:30:d1:ba:e2:8b:91:
2d:ea:92:52:1e:97:d0:45:c9:85:2d:db:63:06:b3:
95:0b:bb:63:a5:69:c5:ee:b6:4c:5b:5f:b5:72:1f:
09:10:f9:58:2f:eb:59:e6:0d:b3:10:1a:bb:1f:2b:
c4:19:bd:77:8a:3d:bd:54:8a:e6:aa:10:15:8f:43:
dd:53:31:6a:f6:54:ae:de:57:6b:23:f9:83:3a:f2:
5b:30:78:59:87:5b:22:8c:a7:31:95:80:b8:89:df:
73:ec:b2:db:1b:46:5f:30:c3:20:50:67:2c:ad:ec:
89:d1:5a:cd:ab:29:9d:c1:df:59:df:36:71:5d:0d:
e9:61:ad:6b:f1:64:6d:b1:87:d4:7f:3a:ce:b0:89:
bd:93:7b:83:82:a2:1b:17:f6:e1:14:22:a8:24:d0:
d2:4a:cb:ed:e7:d0:22:87:8d:77:1b:15:85:21:07:
fc:89:8a:12:60:fc:35:d4:10:a0:b0:a0:47:52:9e:
8c:26:46:e3:cb:d8:7e:83:31:d0:88:79:0c:b2:63:
96:00:44:04:a3:5e:8b:cd:31:73:36:ae:f5:68:19:
3a:09:7c:21:12:a8:fa:5a:40:9d:7b:7b:e1:36:54:
75:b5:cb:c6:e5:ed:57:61:b3:ee:89:b5:6c:d6:07:
9d:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:95:98:35:67:48:90:9B:45:A1:7D:75:29:BB:30:70:31:B6:2E:9D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/7JWYNWdIkJtFoX11KbswcDG2Lp0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
72:c0:95:72:fd:f9:ee:44:78:60:f6:92:2f:11:33:e7:5b:2b:
31:ad:4f:a3:36:bd:e2:df:da:77:19:c3:61:ee:7f:d3:78:44:
44:db:b4:e8:59:80:77:f3:e7:4f:74:54:69:26:dc:a5:d0:33:
75:9a:33:f0:d0:a8:c7:cc:96:8b:26:c5:a9:c6:42:e4:1f:1c:
e8:fc:4f:9b:43:b5:73:31:ac:a2:30:c4:2d:6e:cc:81:5d:8e:
af:bc:ac:79:8b:c6:28:e8:a3:2e:bf:a3:89:3b:b7:7e:ce:73:
93:48:ca:c8:69:7d:4d:71:a7:b9:a4:3d:9e:7a:a5:42:a3:a2:
a2:8f:bf:36:ee:d8:7a:b0:5e:4a:86:55:92:8a:88:ee:db:38:
d7:8a:66:05:f7:f3:10:46:cd:21:c1:87:1a:2e:c3:f3:bb:ae:
78:84:6a:ce:46:2b:eb:7b:78:c1:96:42:29:9f:a4:ac:25:3c:
d1:ca:54:b6:0f:cd:0a:52:7a:84:a9:f0:4f:61:08:7e:4d:b4:
27:e7:46:14:72:e8:59:1f:e5:43:df:28:fa:ec:b0:86:ad:3f:
ca:54:4e:70:2f:7a:03:4f:82:c0:9e:fc:1d:51:ea:c0:be:21:
ae:1a:5e:48:b5:23:51:bd:7e:0b:f3:42:74:67:3b:78:63:88:
46:bf:db:a8
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICO40wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDcy
MzUyMzNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEVDOTU5ODM1Njc0ODkw
OUI0NUExN0Q3NTI5QkIzMDcwMzFCNjJFOUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBTR9DiWW6fjDRuuKLkS3qklIel9BFyYUt22MGs5ULu2OlacXu
tkxbX7VyHwkQ+Vgv61nmDbMQGrsfK8QZvXeKPb1UiuaqEBWPQ91TMWr2VK7eV2sj
+YM68lsweFmHWyKMpzGVgLiJ33PsstsbRl8wwyBQZyyt7InRWs2rKZ3B31nfNnFd
DelhrWvxZG2xh9R/Os6wib2Te4OCohsX9uEUIqgk0NJKy+3n0CKHjXcbFYUhB/yJ
ihJg/DXUEKCwoEdSnowmRuPL2H6DMdCIeQyyY5YARASjXovNMXM2rvVoGToJfCES
qPpaQJ17e+E2VHW1y8bl7Vdhs+6JtWzWB50ZAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU7JWYNWdIkJtFoX11KbswcDG2Lp0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzdKV1lOV2RJa0p0Rm9Y
MTFLYnN3Y0RHMkxwMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAHLAlXL9+e5EeGD2
ki8RM+dbKzGtT6M2veLf2ncZw2Huf9N4RETbtOhZgHfz5090VGkm3KXQM3WaM/DQ
qMfMlosmxanGQuQfHOj8T5tDtXMxrKIwxC1uzIFdjq+8rHmLxijooy6/o4k7t37O
c5NIyshpfU1xp7mkPZ56pUKjoqKPvzbu2HqwXkqGVZKKiO7bONeKZgX38xBGzSHB
hxouw/O7rniEas5GK+t7eMGWQimfpKwlPNHKVLYPzQpSeoSp8E9hCH5NtCfnRhRy
6Fkf5UPfKPrssIatP8pUTnAvegNPgsCe/B1R6sC+Ia4aXki1I1G9fgvzQnRnO3hj
iEa/26g=
-----END CERTIFICATE-----
Generated at Sat May 17 20:14:46 2025 by rpki-client