Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/6oNSoEoKSXJQq3cgdRSVXQOQWIU.roa
File: 6oNSoEoKSXJQq3cgdRSVXQOQWIU.roa (raw, json)
Hash identifier: V0fksYIHEM45k+83/tRQgwx7C47w+ruZdSeneLDYpSU=
Subject key identifier: EA:83:52:A0:4A:0A:49:72:50:AB:77:20:75:14:95:5D:03:90:58:85
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 42B5
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6oNSoEoKSXJQq3cgdRSVXQOQWIU.roa
Signing time: Wed 17 Apr 2024 12:52:58 +0000
ROA not before: Wed 17 Apr 2024 12:52:58 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17077 (0x42b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 17 12:52:58 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=EA8352A04A0A497250AB77207514955D03905885
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:27:55:3a:e0:cf:76:2a:cd:15:5c:cb:ae:7d:
5c:c0:50:a3:3f:a6:be:cd:06:df:e4:d3:df:1b:f3:
54:f8:cb:18:a8:3a:4f:b1:29:98:79:3d:ba:08:21:
72:25:75:92:97:58:d1:88:5d:40:f9:06:22:16:49:
6c:88:9e:62:c2:40:d5:1f:c7:a1:09:6c:4e:27:79:
44:da:c0:64:df:db:30:54:e9:5c:35:13:02:fe:ca:
d1:5d:be:1f:d5:37:71:89:fd:80:1b:51:d2:96:53:
90:c0:a9:c0:7d:1d:ee:c4:b0:62:db:4d:20:cd:24:
12:bc:1a:f3:f2:1d:cf:fa:f8:5f:8c:14:54:7e:b4:
ee:49:4e:bb:18:81:a9:aa:61:e9:7d:72:2d:73:a1:
4b:3a:f6:33:c0:e8:cc:f5:85:12:9c:5a:19:d6:ea:
8a:59:b9:59:63:91:d5:69:55:89:81:6f:5a:77:19:
02:9e:7d:87:63:fe:48:0c:d1:a7:e1:a5:57:83:05:
a1:de:9f:8f:53:49:f5:97:f9:dc:ca:97:8b:56:36:
b6:a5:57:e1:d5:23:fb:85:02:3c:bc:12:6c:63:4a:
68:23:7d:c8:d2:8b:d1:da:6c:cd:29:b8:db:d8:42:
95:fc:17:e7:2f:39:5b:5e:42:30:7d:4f:4a:16:bd:
65:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:83:52:A0:4A:0A:49:72:50:AB:77:20:75:14:95:5D:03:90:58:85
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6oNSoEoKSXJQq3cgdRSVXQOQWIU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
4e:99:42:5b:07:c4:08:44:f6:56:db:79:dd:04:d1:1b:92:9a:
37:26:b9:ad:71:26:85:72:b3:e7:f1:69:1a:9c:63:a9:fc:56:
2e:8a:52:e1:fe:1c:a4:de:aa:a1:a6:5f:99:b7:20:b7:8d:4d:
de:a0:2e:30:e3:64:5f:54:38:05:18:1a:7e:07:50:78:25:96:
cf:d3:e3:bd:d2:83:ca:19:e5:ac:24:16:bf:8f:58:1a:05:40:
69:b5:ec:42:8a:27:b9:9c:85:79:73:e5:6a:87:cb:c2:10:f2:
f0:ec:ce:f2:41:27:d5:1f:8c:06:8e:df:80:97:2e:34:fc:88:
49:e3:3c:f2:7b:01:f5:8b:34:14:31:9d:30:04:b4:90:08:8d:
31:a2:05:31:1e:90:f4:e0:47:8c:63:bf:82:a9:c0:95:0f:19:
c4:f5:69:e1:bf:e3:9a:5e:85:1a:97:55:04:bd:80:f1:8c:5e:
c4:8a:39:3e:da:3e:7a:e8:60:ae:3a:1d:c1:6f:5a:d1:a3:64:
11:11:98:01:4b:e0:60:fd:2d:74:4a:f5:4f:51:49:62:0d:eb:
2d:7f:73:64:c1:97:d6:98:99:e9:89:35:46:c0:71:ed:32:73:
9c:0d:5c:82:e5:bf:b5:31:75:2b:b7:76:90:30:51:00:82:55:
24:31:94:f1
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQrUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTcx
MjUyNThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEVBODM1MkEwNEEwQTQ5
NzI1MEFCNzcyMDc1MTQ5NTVEMDM5MDU4ODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDmJ1U64M92Ks0VXMuufVzAUKM/pr7NBt/k098b81T4yxioOk+x
KZh5PboIIXIldZKXWNGIXUD5BiIWSWyInmLCQNUfx6EJbE4neUTawGTf2zBU6Vw1
EwL+ytFdvh/VN3GJ/YAbUdKWU5DAqcB9He7EsGLbTSDNJBK8GvPyHc/6+F+MFFR+
tO5JTrsYgamqYel9ci1zoUs69jPA6Mz1hRKcWhnW6opZuVljkdVpVYmBb1p3GQKe
fYdj/kgM0afhpVeDBaHen49TSfWX+dzKl4tWNralV+HVI/uFAjy8EmxjSmgjfcjS
i9HabM0puNvYQpX8F+cvOVteQjB9T0oWvWWTAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU6oNSoEoKSXJQq3cgdRSVXQOQWIUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzZvTlNvRW9LU1hKUXEz
Y2dkUlNWWFFPUVdJVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAE6ZQlsHxAhE9lbb
ed0E0RuSmjcmua1xJoVys+fxaRqcY6n8Vi6KUuH+HKTeqqGmX5m3ILeNTd6gLjDj
ZF9UOAUYGn4HUHglls/T473Sg8oZ5awkFr+PWBoFQGm17EKKJ7mchXlz5WqHy8IQ
8vDszvJBJ9UfjAaO34CXLjT8iEnjPPJ7AfWLNBQxnTAEtJAIjTGiBTEekPTgR4xj
v4KpwJUPGcT1aeG/45pehRqXVQS9gPGMXsSKOT7aPnroYK46HcFvWtGjZBERmAFL
4GD9LXRK9U9RSWIN6y1/c2TBl9aYmemJNUbAce0yc5wNXILlv7UxdSu3dpAwUQCC
VSQxlPE=
-----END CERTIFICATE-----
Generated at Sun Jun 22 05:03:43 2025 by rpki-client