Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/J8GxDrJZwkEym0JBf1uFWq5I594.roa
File: J8GxDrJZwkEym0JBf1uFWq5I594.roa (raw, json)
Hash identifier: nHqVbPA6NAbaTtLeNKqHOPAB6X+JUaaYZ6ezd9fdCZc=
Subject key identifier: 27:C1:B1:0E:B2:59:C2:41:32:9B:42:41:7F:5B:85:5A:AE:48:E7:DE
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4905
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/J8GxDrJZwkEym0JBf1uFWq5I594.roa
Signing time: Thu 25 Apr 2024 22:53:20 +0000
ROA not before: Thu 25 Apr 2024 22:53:20 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18693 (0x4905)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 25 22:53:20 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=27C1B10EB259C241329B42417F5B855AAE48E7DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:30:9f:ed:b7:0c:56:f3:ca:90:92:e0:1c:8b:
c6:eb:18:69:74:9e:0c:a4:d0:09:a1:3c:a3:92:0d:
9b:1f:8d:6a:27:15:ed:5e:c7:84:2c:a9:47:2e:c5:
48:32:c5:55:47:50:3d:83:ef:46:5f:98:82:09:e4:
3f:8b:61:82:69:21:a4:32:fc:fa:c2:33:19:4b:3f:
51:c8:42:0f:b9:53:41:53:df:93:3c:2f:24:d2:c1:
9b:0e:b2:78:04:5d:9f:34:56:81:45:c2:d9:12:e6:
81:d7:11:48:93:62:9d:08:04:80:b9:3a:df:8c:82:
95:46:8f:be:cb:77:d4:74:61:d6:c9:c6:68:f1:89:
85:47:33:f2:d3:b5:8e:dc:8f:f4:aa:f0:a4:b9:a0:
28:6f:87:68:ea:9c:91:5f:cb:8b:d4:69:08:d8:88:
cf:05:04:eb:d4:2f:94:3c:5d:06:a3:09:5c:12:35:
59:e9:fe:41:6e:2c:43:0b:d1:87:f4:f3:cc:a2:bd:
8f:99:bb:77:a8:45:0c:5f:e2:dd:4d:2c:a1:4f:2e:
98:22:2f:06:25:6a:e7:b2:a2:ef:95:17:33:2e:99:
29:5e:a5:8a:9b:30:60:bb:37:1f:51:b3:40:b4:04:
4c:54:42:47:89:7d:b3:f9:33:70:dd:89:86:96:80:
c4:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:C1:B1:0E:B2:59:C2:41:32:9B:42:41:7F:5B:85:5A:AE:48:E7:DE
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/J8GxDrJZwkEym0JBf1uFWq5I594.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
84:84:14:08:4d:8f:6e:d5:ed:6a:e0:5c:bf:98:02:16:7b:fe:
ce:23:cd:75:43:89:3f:d0:74:b1:e3:33:c0:28:61:82:d3:c1:
54:f0:90:62:77:75:29:b4:c1:76:78:c1:f7:d0:8e:96:c2:0e:
25:af:00:ac:72:ca:4c:1f:17:2e:5c:a4:a2:1d:85:df:10:d5:
23:48:97:ce:fa:dd:2e:8e:02:81:97:66:98:ef:76:c5:01:5b:
65:1e:10:8f:41:63:60:d4:98:d3:1c:bd:78:a5:8d:a8:52:63:
0f:2f:87:91:a6:29:62:ca:8d:d2:fa:a8:0d:17:2b:d0:f7:be:
57:16:2b:c7:e2:93:49:88:9c:53:72:ba:38:eb:a1:8b:7c:46:
bf:03:ca:31:1d:f2:72:99:f6:31:ad:1e:13:3d:4c:bf:88:fc:
1b:20:d6:6b:b8:58:5d:52:ce:0b:98:6c:f5:37:e5:c4:d9:4f:
42:65:eb:8c:dc:41:b3:80:d8:fd:53:e6:71:be:44:d2:66:96:
f3:10:13:15:0f:5e:e5:30:9d:16:e7:e9:c7:d1:af:dc:0d:ac:
df:8b:b9:dd:cd:0e:1f:fc:69:3c:bb:07:a1:bb:fc:0e:ca:ac:
ae:b9:5a:66:37:19:47:24:e6:7b:c5:2a:ee:34:e5:3b:57:97:
2c:5b:04:23
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICSQUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjUy
MjUzMjBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI3QzFCMTBFQjI1OUMy
NDEzMjlCNDI0MTdGNUI4NTVBQUU0OEU3REUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHMJ/ttwxW88qQkuAci8brGGl0ngyk0AmhPKOSDZsfjWonFe1e
x4QsqUcuxUgyxVVHUD2D70ZfmIIJ5D+LYYJpIaQy/PrCMxlLP1HIQg+5U0FT35M8
LyTSwZsOsngEXZ80VoFFwtkS5oHXEUiTYp0IBIC5Ot+MgpVGj77Ld9R0YdbJxmjx
iYVHM/LTtY7cj/Sq8KS5oChvh2jqnJFfy4vUaQjYiM8FBOvUL5Q8XQajCVwSNVnp
/kFuLEML0Yf088yivY+Zu3eoRQxf4t1NLKFPLpgiLwYlaueyou+VFzMumSlepYqb
MGC7Nx9Rs0C0BExUQkeJfbP5M3DdiYaWgMSnAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUJ8GxDrJZwkEym0JBf1uFWq5I594wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0o4R3hEckpad2tFeW0w
SkJmMXVGV3E1STU5NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAISEFAhNj27V7Wrg
XL+YAhZ7/s4jzXVDiT/QdLHjM8AoYYLTwVTwkGJ3dSm0wXZ4wffQjpbCDiWvAKxy
ykwfFy5cpKIdhd8Q1SNIl8763S6OAoGXZpjvdsUBW2UeEI9BY2DUmNMcvXiljahS
Yw8vh5GmKWLKjdL6qA0XK9D3vlcWK8fik0mInFNyujjroYt8Rr8DyjEd8nKZ9jGt
HhM9TL+I/Bsg1mu4WF1SzguYbPU35cTZT0Jl64zcQbOA2P1T5nG+RNJmlvMQExUP
XuUwnRbn6cfRr9wNrN+Lud3NDh/8aTy7B6G7/A7KrK65WmY3GUck5nvFKu405TtX
lyxbBCM=
-----END CERTIFICATE-----
Generated at Sun May 18 15:31:30 2025 by rpki-client