Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/HmyKElTUGns68sUQwNdz44MmHcw.roa
File: HmyKElTUGns68sUQwNdz44MmHcw.roa (raw, json)
Hash identifier: YHC7s+ordDYkkFbdwMbcH910bqe3N9k0gmpmoNJzk6o=
Subject key identifier: 1E:6C:8A:12:54:D4:1A:7B:3A:F2:C5:10:C0:D7:73:E3:83:26:1D:CC
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 33A1
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/HmyKElTUGns68sUQwNdz44MmHcw.roa
Signing time: Thu 28 Mar 2024 10:22:02 +0000
ROA not before: Thu 28 Mar 2024 10:22:02 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13217 (0x33a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 28 10:22:02 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1E6C8A1254D41A7B3AF2C510C0D773E383261DCC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f1:62:2e:1d:28:7c:ec:af:8a:d7:92:ef:5d:
58:b0:17:c6:d1:61:55:77:76:47:2c:e8:68:b7:e2:
84:a0:02:a2:7e:3e:94:f6:8a:01:ec:c9:96:48:59:
11:05:9d:fc:92:d2:5f:aa:d0:c2:fc:17:77:a2:10:
c4:ba:7e:20:47:20:6a:00:5f:64:24:3d:65:88:b5:
01:4f:e8:7b:32:68:2e:2f:4a:2f:89:63:b5:27:8a:
a9:0e:53:e5:60:5c:c6:02:ef:91:dd:ab:80:e0:79:
d8:40:52:f3:ba:e2:f0:56:8c:15:d1:a4:8f:f1:d8:
75:66:c0:82:a9:2a:56:7a:94:5c:1b:53:98:51:3d:
50:7b:29:3e:52:64:b8:62:16:a9:be:38:c8:ee:7c:
38:0c:19:6b:e2:5a:7c:d4:80:f3:fb:24:85:d8:67:
a5:d6:89:a1:d1:13:be:de:81:74:23:d5:dc:a8:77:
20:c2:9e:57:8e:db:ac:92:79:75:3e:a4:ab:38:ea:
66:99:20:8f:9d:ca:9b:cc:d8:49:47:21:f1:9b:d8:
54:3b:d3:b4:6d:f9:39:b4:e9:f9:25:ed:31:7f:4f:
9d:a4:7b:6d:d8:71:fa:f9:46:16:27:3e:bf:c8:e7:
4f:30:f8:ad:18:e5:fb:a9:07:8b:d8:41:f4:c1:5b:
2a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:6C:8A:12:54:D4:1A:7B:3A:F2:C5:10:C0:D7:73:E3:83:26:1D:CC
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/HmyKElTUGns68sUQwNdz44MmHcw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
11:7e:73:72:ee:d7:43:36:10:e3:3e:48:55:fb:71:24:fb:f8:
be:5f:95:9f:66:d5:01:4b:90:94:ef:8f:4d:93:9d:ea:e6:b9:
16:a5:a1:91:0e:af:d5:ea:c2:46:a3:d2:52:1a:57:f3:ff:bc:
0b:5e:1a:ad:66:8b:95:c0:94:b6:be:ce:40:69:d5:19:ac:b8:
04:5e:cc:a2:df:dd:27:5c:8c:a1:15:99:13:c1:ab:9a:90:c3:
8e:44:89:b1:0f:16:74:20:ee:14:dd:bc:85:60:57:21:93:2a:
3c:02:bb:72:0c:aa:85:ef:ab:72:41:0b:cb:83:46:bb:bb:87:
a4:f2:9c:2c:4f:4c:5b:ec:18:3c:a4:44:f8:d9:11:f0:07:45:
b0:4e:a2:0b:40:75:fa:fc:32:b6:8c:ec:5b:db:9a:ec:1e:35:
e9:3f:e6:4e:45:b1:bb:2d:f8:02:ec:ce:be:c7:d1:0b:20:b4:
8a:5f:89:d8:69:94:83:96:d1:46:97:5d:83:96:b9:65:e1:13:
16:36:d2:d0:7f:24:7f:89:bc:7d:77:02:51:63:36:59:f2:38:
47:94:b1:f0:a3:b7:15:be:10:5d:d4:c3:a6:05:c4:5b:02:bd:
bf:b1:ce:d5:8c:79:5d:bb:f8:ed:27:7b:66:b9:f8:b4:2e:81:
f9:be:1e:2e
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICM6EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjgx
MDIyMDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFFNkM4QTEyNTRENDFB
N0IzQUYyQzUxMEMwRDc3M0UzODMyNjFEQ0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCh8WIuHSh87K+K15LvXViwF8bRYVV3dkcs6Gi34oSgAqJ+PpT2
igHsyZZIWREFnfyS0l+q0ML8F3eiEMS6fiBHIGoAX2QkPWWItQFP6HsyaC4vSi+J
Y7UniqkOU+VgXMYC75Hdq4DgedhAUvO64vBWjBXRpI/x2HVmwIKpKlZ6lFwbU5hR
PVB7KT5SZLhiFqm+OMjufDgMGWviWnzUgPP7JIXYZ6XWiaHRE77egXQj1dyodyDC
nleO26ySeXU+pKs46maZII+dypvM2ElHIfGb2FQ707Rt+Tm06fkl7TF/T52ke23Y
cfr5RhYnPr/I508w+K0Y5fupB4vYQfTBWyrHAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUHmyKElTUGns68sUQwNdz44MmHcwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0hteUtFbFRVR25zNjhz
VVF3TmR6NDRNbUhjdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBABF+c3Lu10M2EOM+
SFX7cST7+L5flZ9m1QFLkJTvj02TnermuRaloZEOr9Xqwkaj0lIaV/P/vAteGq1m
i5XAlLa+zkBp1RmsuARezKLf3SdcjKEVmRPBq5qQw45EibEPFnQg7hTdvIVgVyGT
KjwCu3IMqoXvq3JBC8uDRru7h6TynCxPTFvsGDykRPjZEfAHRbBOogtAdfr8MraM
7FvbmuweNek/5k5Fsbst+ALszr7H0QsgtIpfidhplIOW0UaXXYOWuWXhExY20tB/
JH+JvH13AlFjNlnyOEeUsfCjtxW+EF3Uw6YFxFsCvb+xztWMeV27+O0ne2a5+LQu
gfm+Hi4=
-----END CERTIFICATE-----
Generated at Sun May 18 05:56:32 2025 by rpki-client