Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/6oAgK7ylkZr2to7mB60ujN664RA.roa
File: 6oAgK7ylkZr2to7mB60ujN664RA.roa (raw, json)
Hash identifier: 6YeMcDHv6hiMc0rCpmWzm/gJlXj/s3prAleOGg6C6Co=
Subject key identifier: EA:80:20:2B:BC:A5:91:9A:F6:B6:8E:E6:07:AD:2E:8C:DE:BA:E1:10
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4DD1
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6oAgK7ylkZr2to7mB60ujN664RA.roa
Signing time: Thu 02 May 2024 08:23:45 +0000
ROA not before: Thu 02 May 2024 08:23:45 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19921 (0x4dd1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 2 08:23:45 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=EA80202BBCA5919AF6B68EE607AD2E8CDEBAE110
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:86:81:2c:5b:30:95:87:3e:7b:06:a6:41:5d:
a0:45:43:03:e2:e8:91:76:65:2c:a4:87:29:e9:95:
a9:60:99:40:64:f8:0f:b4:ab:42:17:da:85:62:60:
c4:08:08:c3:bf:63:46:b4:04:52:5f:5d:50:60:be:
7a:14:f2:78:a3:7f:53:2b:6b:16:cc:fc:29:fa:f4:
14:f9:62:81:f7:42:8f:f0:3f:f3:c8:bf:f5:5d:db:
8d:e6:07:fb:89:92:e5:3e:07:fc:c9:5e:d5:54:a3:
b4:88:7c:db:7c:62:d5:c3:41:4b:d6:7a:70:9d:d5:
14:d0:13:3b:55:84:39:61:37:c0:48:75:5f:5c:6a:
0f:e6:8e:bb:06:a0:b4:ac:94:68:a6:47:e4:ec:75:
ee:96:76:2e:53:d5:16:15:ae:b8:15:bc:0b:be:ed:
77:a5:44:13:81:ac:f7:0b:bc:87:0a:da:2d:0a:05:
fc:a8:cb:9c:e0:23:ff:48:f5:d4:b6:dc:f4:1e:a4:
75:f2:09:c3:8a:b3:80:e0:8c:ce:60:4d:fe:db:70:
27:40:01:17:c8:31:58:d0:98:f5:99:ab:fd:dd:0e:
99:52:3d:28:36:12:3f:e9:56:1f:a3:08:27:af:f7:
9e:37:78:94:d1:66:e1:5d:68:99:7e:91:c9:aa:4b:
f6:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:80:20:2B:BC:A5:91:9A:F6:B6:8E:E6:07:AD:2E:8C:DE:BA:E1:10
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6oAgK7ylkZr2to7mB60ujN664RA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
93:77:a0:c7:16:65:25:11:a4:fa:0e:ea:a7:4c:54:10:cf:1b:
91:15:dd:4b:3d:84:13:f9:e1:b4:ca:fb:e4:d4:12:a3:8d:41:
c1:39:02:9a:be:26:49:f7:d4:9c:bf:ed:7b:b0:8c:2c:f9:a3:
26:bb:81:d9:45:94:d2:7a:a4:1c:fa:43:6d:d6:8d:bc:19:4d:
73:fe:16:01:b2:05:70:d0:cc:41:92:68:01:b4:ee:11:b0:4b:
33:78:b0:3a:df:ab:a4:54:6b:4c:32:7d:2e:9a:b7:9d:04:34:
25:1f:6b:87:ec:b7:70:d5:c4:45:24:09:ba:ab:c6:c0:54:8a:
6f:04:59:20:8f:73:33:06:e3:a8:60:a1:af:34:21:8f:2b:7a:
a3:64:4c:c2:2d:74:80:bb:ac:ed:4b:b4:b7:49:26:3e:f6:6f:
59:91:0b:d2:4c:35:fc:3f:41:b5:06:ed:8b:d9:9a:9f:d9:75:
3a:bb:f0:29:9c:37:74:aa:5b:ac:c9:f1:7b:6e:e4:4a:b9:03:
36:48:53:8c:ee:b4:bb:ec:b1:6d:8b:41:42:15:c6:fb:d7:b8:
af:04:b4:90:29:5b:f6:97:9c:98:3c:54:1d:82:f5:fa:71:46:
69:6a:97:f5:d2:b6:3e:fa:57:44:54:ba:8c:a5:2b:a7:bf:48:
fb:74:22:8a
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICTdEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDIw
ODIzNDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEVBODAyMDJCQkNBNTkx
OUFGNkI2OEVFNjA3QUQyRThDREVCQUUxMTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5hoEsWzCVhz57BqZBXaBFQwPi6JF2ZSykhynplalgmUBk+A+0
q0IX2oViYMQICMO/Y0a0BFJfXVBgvnoU8nijf1MraxbM/Cn69BT5YoH3Qo/wP/PI
v/Vd243mB/uJkuU+B/zJXtVUo7SIfNt8YtXDQUvWenCd1RTQEztVhDlhN8BIdV9c
ag/mjrsGoLSslGimR+Tsde6Wdi5T1RYVrrgVvAu+7XelRBOBrPcLvIcK2i0KBfyo
y5zgI/9I9dS23PQepHXyCcOKs4DgjM5gTf7bcCdAARfIMVjQmPWZq/3dDplSPSg2
Ej/pVh+jCCev9543eJTRZuFdaJl+kcmqS/aFAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU6oAgK7ylkZr2to7mB60ujN664RAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzZvQWdLN3lsa1pyMnRv
N21CNjB1ak42NjRSQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJN3oMcWZSURpPoO
6qdMVBDPG5EV3Us9hBP54bTK++TUEqONQcE5Apq+Jkn31Jy/7XuwjCz5oya7gdlF
lNJ6pBz6Q23WjbwZTXP+FgGyBXDQzEGSaAG07hGwSzN4sDrfq6RUa0wyfS6at50E
NCUfa4fst3DVxEUkCbqrxsBUim8EWSCPczMG46hgoa80IY8reqNkTMItdIC7rO1L
tLdJJj72b1mRC9JMNfw/QbUG7YvZmp/ZdTq78CmcN3SqW6zJ8Xtu5Eq5AzZIU4zu
tLvssW2LQUIVxvvXuK8EtJApW/aXnJg8VB2C9fpxRmlql/XStj76V0RUuoylK6e/
SPt0Ioo=
-----END CERTIFICATE-----
Generated at Sat Jun 21 19:18:18 2025 by rpki-client