Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/vK09gCEsLokaqcSqAZnyfUSJhKU.roa
File: vK09gCEsLokaqcSqAZnyfUSJhKU.roa (raw, json)
Hash identifier: NHV89betGoAOjL5QXNUFZ1liO6/XAkoh/ddMlvDWq1E=
Subject key identifier: BC:AD:3D:80:21:2C:2E:89:1A:A9:C4:AA:01:99:F2:7D:44:89:84:A5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4DD9
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vK09gCEsLokaqcSqAZnyfUSJhKU.roa
Signing time: Thu 02 May 2024 09:24:00 +0000
ROA not before: Thu 02 May 2024 09:24:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19929 (0x4dd9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 2 09:24:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=BCAD3D80212C2E891AA9C4AA0199F27D448984A5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:3b:32:35:b2:76:52:f7:3f:98:f1:d0:f2:91:
b5:f0:6f:79:5a:1b:50:de:73:f1:17:af:82:c0:1e:
7e:df:ef:9d:1d:e0:e1:51:45:3a:59:34:fc:e0:6e:
92:2e:ad:4a:9b:bd:e7:d2:6a:56:ec:d7:33:1e:6d:
39:05:47:d1:03:93:13:db:1a:0d:60:38:f8:a9:7a:
02:43:4c:e4:c2:de:9d:3b:b6:3e:cf:2e:d7:46:db:
4d:38:2b:08:b6:37:be:f2:6e:d4:31:ae:c3:99:41:
fb:8e:54:ab:9b:a9:89:83:dc:ab:75:93:6f:bb:18:
4d:e1:a4:fb:9a:9a:e2:f0:ba:1f:59:d7:d7:8f:10:
38:00:7b:d9:76:f4:b3:53:4c:53:b7:a1:44:b7:60:
2e:cf:d6:68:63:dc:26:5e:17:46:33:1e:26:f7:22:
25:fa:0c:52:11:0b:cb:68:3f:be:95:db:7e:22:a1:
fc:ed:d6:50:92:d6:31:40:47:8d:92:16:4f:3c:22:
f2:5e:da:d6:f7:68:d9:ad:a9:97:69:87:ac:12:22:
df:13:c6:d4:8b:e6:0d:f9:3f:a5:95:71:8a:78:8a:
8c:3c:69:aa:b8:b2:fc:4b:e3:32:92:5d:d4:c2:5b:
c3:6b:85:96:27:ca:f5:1f:b5:1a:8e:69:ce:b7:ad:
e8:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:AD:3D:80:21:2C:2E:89:1A:A9:C4:AA:01:99:F2:7D:44:89:84:A5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vK09gCEsLokaqcSqAZnyfUSJhKU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
48:75:67:77:dc:b8:98:3a:f0:8b:0f:4e:5e:67:d7:3e:9f:0b:
d6:21:57:c9:af:09:79:db:e6:b7:0a:15:32:4c:fa:85:ef:e3:
cc:22:92:eb:72:e6:16:b9:9f:e6:69:a3:7a:71:46:4b:73:0f:
54:ca:cd:46:2b:62:8c:aa:83:1b:ba:d0:4b:5e:e4:62:97:24:
f7:90:42:5c:94:37:bc:a8:5c:7f:25:71:10:be:60:82:f9:4e:
7f:7a:ed:5f:48:4f:2d:11:b4:c4:41:a2:2a:0b:42:ef:f4:f4:
27:89:34:eb:3a:6b:2b:e4:c0:9e:3e:7b:14:f4:83:8a:f1:f5:
6d:0a:3c:67:e5:81:a4:76:45:07:15:91:f7:b0:6d:18:b6:ea:
a2:59:d1:ce:34:54:97:a6:80:4f:b6:a2:26:7f:93:b3:16:a3:
57:8a:0c:1b:0d:5c:df:f5:34:a5:98:96:4e:a2:30:8a:b9:08:
9f:48:d4:75:09:03:9e:3e:bb:e9:5c:15:a2:d3:e4:38:9e:ba:
08:ea:09:3e:f1:5b:49:fa:7d:6c:aa:93:37:c8:95:d4:f3:8f:
71:1d:55:48:d9:44:41:82:77:7d:d4:fa:1e:6e:bb:ef:f3:65:
eb:1f:07:cd:3e:bb:c8:c6:62:25:8c:d9:d5:4c:51:aa:e1:c8:
e5:92:f8:62
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICTdkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDIw
OTI0MDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJDQUQzRDgwMjEyQzJF
ODkxQUE5QzRBQTAxOTlGMjdENDQ4OTg0QTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCOzI1snZS9z+Y8dDykbXwb3laG1Dec/EXr4LAHn7f750d4OFR
RTpZNPzgbpIurUqbvefSalbs1zMebTkFR9EDkxPbGg1gOPipegJDTOTC3p07tj7P
LtdG2004Kwi2N77ybtQxrsOZQfuOVKubqYmD3Kt1k2+7GE3hpPuamuLwuh9Z19eP
EDgAe9l29LNTTFO3oUS3YC7P1mhj3CZeF0YzHib3IiX6DFIRC8toP76V234iofzt
1lCS1jFAR42SFk88IvJe2tb3aNmtqZdph6wSIt8TxtSL5g35P6WVcYp4iow8aaq4
svxL4zKSXdTCW8NrhZYnyvUftRqOac63reghAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUvK09gCEsLokaqcSqAZnyfUSJhKUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3ZLMDlnQ0VzTG9rYXFj
U3FBWm55ZlVTSmhLVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAEh1Z3fcuJg68IsP
Tl5n1z6fC9YhV8mvCXnb5rcKFTJM+oXv48wikuty5ha5n+Zpo3pxRktzD1TKzUYr
Yoyqgxu60Ete5GKXJPeQQlyUN7yoXH8lcRC+YIL5Tn967V9ITy0RtMRBoioLQu/0
9CeJNOs6ayvkwJ4+exT0g4rx9W0KPGflgaR2RQcVkfewbRi26qJZ0c40VJemgE+2
oiZ/k7MWo1eKDBsNXN/1NKWYlk6iMIq5CJ9I1HUJA54+u+lcFaLT5DieugjqCT7x
W0n6fWyqkzfIldTzj3EdVUjZREGCd33U+h5uu+/zZesfB80+u8jGYiWM2dVMUarh
yOWS+GI=
-----END CERTIFICATE-----
Generated at Sun May 18 05:56:36 2025 by rpki-client