Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/TqgC7vzI-Wh_z4BY9RW2PLfsr54.roa
File: TqgC7vzI-Wh_z4BY9RW2PLfsr54.roa (raw, json)
Hash identifier: 3uXiB+OsjF66PcBQavOxu/SFW/JvPr3ph14OODMA8ek=
Subject key identifier: 4E:A8:02:EE:FC:C8:F9:68:7F:CF:80:58:F5:15:B6:3C:B7:EC:AF:9E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4399
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/TqgC7vzI-Wh_z4BY9RW2PLfsr54.roa
Signing time: Thu 18 Apr 2024 17:23:00 +0000
ROA not before: Thu 18 Apr 2024 17:23:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17305 (0x4399)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 18 17:23:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4EA802EEFCC8F9687FCF8058F515B63CB7ECAF9E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:2a:b7:ea:93:90:d0:5b:e7:30:48:f4:ea:b4:
98:5b:55:8d:a3:4f:c7:06:ab:2d:17:6e:07:5e:df:
9b:04:c8:c1:d0:b2:5a:c6:05:f8:64:ea:0e:a9:8b:
ea:7c:0e:2b:ee:af:0b:8a:1a:ab:3b:fb:1e:a5:d4:
f6:f3:a1:df:58:da:39:c9:c8:f7:48:b5:f6:20:71:
06:c6:65:f1:3b:56:03:3d:77:a9:a9:64:af:1c:c3:
3f:29:6e:65:b0:51:5e:70:b7:d2:9c:7d:e4:2d:41:
b8:21:b5:36:4a:68:e8:05:f5:8a:05:33:14:e5:6e:
02:fb:b6:42:09:e7:dd:cd:27:ef:6b:03:ca:10:af:
cf:e2:c2:04:83:f4:ea:c3:09:01:c0:e9:f6:2d:89:
c1:9d:ab:14:5e:fe:1d:ab:4d:d0:5a:72:aa:a6:9f:
83:74:f2:f6:fb:45:e3:1b:96:01:e9:c7:e7:45:5a:
76:8d:c9:70:b1:5c:ad:bd:68:5c:6b:8c:5d:74:3f:
9b:9f:a2:9f:7e:c2:aa:49:99:44:86:df:72:d8:89:
87:8a:6d:33:79:5b:7c:e6:ea:d0:36:12:6b:9f:1e:
98:37:4e:ad:61:5b:8d:6f:3c:f6:86:26:05:25:c6:
c1:19:30:84:bf:8c:7c:74:53:ee:97:61:c4:6d:af:
d4:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:A8:02:EE:FC:C8:F9:68:7F:CF:80:58:F5:15:B6:3C:B7:EC:AF:9E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/TqgC7vzI-Wh_z4BY9RW2PLfsr54.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
00:04:9a:6f:a9:54:f5:4e:da:5b:45:01:d4:98:58:78:2f:ad:
86:62:bf:2d:d3:4f:fa:c7:85:3b:cd:69:98:c8:37:ea:5b:19:
b3:f9:95:d8:3e:7a:b4:61:58:83:f9:e0:48:84:2c:8e:af:40:
ba:97:c7:0d:15:28:1a:d4:66:bc:46:54:d9:35:91:33:41:60:
59:d4:4e:4c:6d:44:fd:64:64:23:1f:2e:68:ce:39:1d:58:f7:
b2:c5:55:0e:46:4d:e7:4a:a2:b5:f3:6a:ab:a5:3f:03:60:fd:
ab:c0:dc:c3:31:a9:84:58:d4:d1:92:98:a3:fa:cc:70:1a:f0:
22:e7:28:a5:23:c1:b7:89:8d:88:19:55:ec:d7:e4:ac:81:d9:
1e:68:ba:2b:89:20:07:ed:0a:53:6c:2e:e3:9b:7a:f2:d2:26:
b1:ee:29:ac:f3:aa:3b:f3:14:e1:30:33:ba:0b:72:a1:ac:5a:
ca:b1:6d:cc:3a:22:3c:9b:b9:1e:5e:ca:eb:76:fe:f0:76:84:
0d:be:26:b7:00:f9:a1:58:75:83:48:dc:37:e6:c8:30:b5:82:
c9:8a:ee:49:93:40:ce:d7:17:12:f3:89:98:c2:7d:b4:82:24:
44:b8:b6:88:a6:8e:e1:9a:2c:4a:bf:6f:22:e4:84:3b:20:09:
96:82:a6:45
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQ5kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTgx
NzIzMDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDRFQTgwMkVFRkNDOEY5
Njg3RkNGODA1OEY1MTVCNjNDQjdFQ0FGOUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3Krfqk5DQW+cwSPTqtJhbVY2jT8cGqy0Xbgde35sEyMHQslrG
Bfhk6g6pi+p8DivurwuKGqs7+x6l1Pbzod9Y2jnJyPdItfYgcQbGZfE7VgM9d6mp
ZK8cwz8pbmWwUV5wt9KcfeQtQbghtTZKaOgF9YoFMxTlbgL7tkIJ593NJ+9rA8oQ
r8/iwgSD9OrDCQHA6fYticGdqxRe/h2rTdBacqqmn4N08vb7ReMblgHpx+dFWnaN
yXCxXK29aFxrjF10P5ufop9+wqpJmUSG33LYiYeKbTN5W3zm6tA2EmufHpg3Tq1h
W41vPPaGJgUlxsEZMIS/jHx0U+6XYcRtr9SFAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUTqgC7vzI+Wh/z4BY9RW2PLfsr54wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1RxZ0M3dnpJLVdoX3o0
Qlk5UlcyUExmc3I1NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAAAEmm+pVPVO2ltF
AdSYWHgvrYZivy3TT/rHhTvNaZjIN+pbGbP5ldg+erRhWIP54EiELI6vQLqXxw0V
KBrUZrxGVNk1kTNBYFnUTkxtRP1kZCMfLmjOOR1Y97LFVQ5GTedKorXzaqulPwNg
/avA3MMxqYRY1NGSmKP6zHAa8CLnKKUjwbeJjYgZVezX5KyB2R5ouiuJIAftClNs
LuObevLSJrHuKazzqjvzFOEwM7oLcqGsWsqxbcw6IjybuR5eyut2/vB2hA2+JrcA
+aFYdYNI3DfmyDC1gsmK7kmTQM7XFxLziZjCfbSCJES4toimjuGaLEq/byLkhDsg
CZaCpkU=
-----END CERTIFICATE-----
Generated at Sun May 18 01:20:39 2025 by rpki-client