Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/6QwiWDjVONdVVUgGdohi1T7o1MU.roa
File: 6QwiWDjVONdVVUgGdohi1T7o1MU.roa (raw, json)
Hash identifier: JVVuFrl79T7+Hfiv5LL6YDvGVuk/39OVbOLLxke33oA=
Subject key identifier: E9:0C:22:58:38:D5:38:D7:55:55:48:06:76:88:62:D5:3E:E8:D4:C5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 35A1
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6QwiWDjVONdVVUgGdohi1T7o1MU.roa
Signing time: Sun 31 Mar 2024 02:22:37 +0000
ROA not before: Sun 31 Mar 2024 02:22:37 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13729 (0x35a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 31 02:22:37 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E90C225838D538D755554806768862D53EE8D4C5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:2f:45:db:21:44:ac:17:74:1c:4b:d1:e2:32:
fa:96:7b:1c:8e:bc:87:2f:61:50:bd:9b:42:56:07:
0f:db:e3:bd:c2:cd:d4:3c:e3:56:60:bc:d6:7b:27:
f2:e5:8f:d2:76:6b:90:e5:1a:74:ce:4e:ae:34:dd:
10:ce:7a:41:f2:4f:86:36:f3:24:54:e8:b4:a6:98:
ce:77:cb:f7:1f:a6:08:80:90:fb:43:e2:de:0e:21:
c6:ed:5c:ae:f5:99:31:73:78:d9:d1:fa:9e:2c:e4:
b2:06:81:de:79:32:74:f1:41:a4:ca:e3:19:bb:62:
dc:55:a4:bf:f5:33:e8:77:7c:8a:71:2f:16:de:90:
15:ad:c8:85:c6:98:db:ce:cc:40:11:0a:c4:db:e5:
d5:cb:36:1e:de:8e:05:f9:df:8b:08:f5:6e:1d:d3:
9f:8a:29:07:99:e8:fa:22:01:8c:56:fe:14:5d:e4:
19:1c:64:3d:c3:93:48:e1:b1:ac:4d:b3:d2:73:ef:
a4:f0:f6:92:ee:a8:6e:af:dd:a3:91:70:9e:d4:2d:
c7:12:48:95:73:97:40:a4:cd:22:bd:e5:29:6c:44:
e9:23:e9:bc:5c:fd:7b:77:0b:60:f9:cf:19:e3:f8:
b7:81:d1:19:d9:48:cb:4d:ee:71:95:44:58:3f:1d:
d5:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:0C:22:58:38:D5:38:D7:55:55:48:06:76:88:62:D5:3E:E8:D4:C5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6QwiWDjVONdVVUgGdohi1T7o1MU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
36:ff:e8:b2:72:88:5f:89:d8:86:7c:fb:98:52:9f:f7:81:b6:
16:27:c2:51:70:7e:c7:a3:c5:f0:97:42:38:a1:9c:2d:02:fe:
68:0f:fe:b2:e7:33:b7:68:dd:03:93:dc:d9:25:b3:04:ec:e8:
09:64:75:2e:6d:2d:b4:3e:7f:b6:5f:e2:b2:58:d1:97:91:cb:
a2:1d:8c:10:be:eb:af:60:41:2f:f2:a3:f0:0d:d6:97:bb:e0:
2e:4b:c5:15:0c:ee:6f:a3:0f:08:d3:e2:8e:32:1c:77:83:f8:
7c:0c:6a:53:7e:56:83:3c:bc:48:73:7e:72:af:b2:f7:2d:0d:
36:67:ac:c1:58:d7:b5:35:f6:3c:a2:ea:dc:0b:b8:a6:79:be:
cb:2d:70:86:1d:a1:62:03:24:ff:27:78:20:a3:75:e6:23:c8:
40:66:98:87:6b:1b:5c:d2:7f:e9:92:14:22:64:02:94:f4:88:
27:14:18:d4:5b:4c:b7:2d:6a:32:aa:2d:61:26:39:40:93:ee:
e1:e9:96:ea:7f:45:e0:c2:d4:35:95:23:07:ed:e0:3b:38:20:
76:3c:7c:c2:2b:60:72:d5:69:9e:71:22:83:3c:56:d7:be:fc:
36:e3:6c:f4:65:a6:01:af:87:d1:47:f1:1e:30:6b:3f:66:f6:
b8:30:53:8d
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNaEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzEw
MjIyMzdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEU5MEMyMjU4MzhENTM4
RDc1NTU1NDgwNjc2ODg2MkQ1M0VFOEQ0QzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpL0XbIUSsF3QcS9HiMvqWexyOvIcvYVC9m0JWBw/b473CzdQ8
41ZgvNZ7J/Llj9J2a5DlGnTOTq403RDOekHyT4Y28yRU6LSmmM53y/cfpgiAkPtD
4t4OIcbtXK71mTFzeNnR+p4s5LIGgd55MnTxQaTK4xm7YtxVpL/1M+h3fIpxLxbe
kBWtyIXGmNvOzEARCsTb5dXLNh7ejgX534sI9W4d05+KKQeZ6PoiAYxW/hRd5Bkc
ZD3Dk0jhsaxNs9Jz76Tw9pLuqG6v3aORcJ7ULccSSJVzl0CkzSK95SlsROkj6bxc
/Xt3C2D5zxnj+LeB0RnZSMtN7nGVRFg/HdWnAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU6QwiWDjVONdVVUgGdohi1T7o1MUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzZRd2lXRGpWT05kVlZV
Z0dkb2hpMVQ3bzFNVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBADb/6LJyiF+J2IZ8
+5hSn/eBthYnwlFwfsejxfCXQjihnC0C/mgP/rLnM7do3QOT3NklswTs6AlkdS5t
LbQ+f7Zf4rJY0ZeRy6IdjBC+669gQS/yo/AN1pe74C5LxRUM7m+jDwjT4o4yHHeD
+HwMalN+VoM8vEhzfnKvsvctDTZnrMFY17U19jyi6twLuKZ5vsstcIYdoWIDJP8n
eCCjdeYjyEBmmIdrG1zSf+mSFCJkApT0iCcUGNRbTLctajKqLWEmOUCT7uHplup/
ReDC1DWVIwft4Ds4IHY8fMIrYHLVaZ5xIoM8Vte+/DbjbPRlpgGvh9FH8R4waz9m
9rgwU40=
-----END CERTIFICATE-----
Generated at Sun Jun 15 10:22:46 2025 by rpki-client