Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/AO8q2Ly0Im8bYzFowAXHVguawKk.roa
File: AO8q2Ly0Im8bYzFowAXHVguawKk.roa (raw, json)
Hash identifier: 0JibTL5jVyR+ZR1JY9YP8s81DssZlPFJ9XkBe+CVvMA=
Subject key identifier: 00:EF:2A:D8:BC:B4:22:6F:1B:63:31:68:C0:05:C7:56:0B:9A:C0:A9
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3AD5
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/AO8q2Ly0Im8bYzFowAXHVguawKk.roa
Signing time: Sun 07 Apr 2024 00:52:29 +0000
ROA not before: Sun 07 Apr 2024 00:52:29 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15061 (0x3ad5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 7 00:52:29 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=00EF2AD8BCB4226F1B633168C005C7560B9AC0A9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:53:0a:e8:32:8a:77:5a:64:34:eb:3a:c7:cf:
15:af:fa:99:63:df:2c:2d:89:9a:b4:0e:31:48:6c:
d7:1d:d7:00:3b:a0:77:06:ba:02:21:d7:43:18:26:
b2:89:3b:db:cf:45:4b:9f:ca:a9:1f:05:1b:ae:36:
8a:d2:04:ca:75:c1:83:e1:09:7c:62:5c:8c:36:a3:
58:11:b8:77:fb:9e:f5:9a:cd:89:8f:9a:87:46:da:
ce:57:7c:08:70:a4:86:53:30:08:19:29:3f:a5:02:
30:59:1e:65:27:06:8a:3e:c9:01:3a:69:51:b1:8a:
cd:95:36:1f:f4:b1:e4:cc:b0:54:04:5d:9c:df:eb:
bb:96:59:08:de:3e:d6:1a:59:c6:ae:f5:50:5e:e9:
85:a4:f4:64:2a:b2:50:67:cd:ce:3e:91:a5:17:42:
dd:6d:ed:ed:0b:70:fb:76:d8:f1:44:4d:b2:16:59:
2f:70:67:22:6c:e6:77:0b:9d:67:39:61:c5:2d:0b:
81:28:35:9b:c8:8d:d8:cf:00:68:d6:10:b6:b7:15:
17:ae:8d:9b:32:79:92:c6:e7:2f:ce:c0:09:1b:4e:
ca:cc:f4:0c:3e:98:36:f9:14:79:18:36:8d:55:94:
15:25:7b:22:24:c2:ab:95:40:fc:81:9d:be:5a:d4:
b8:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:EF:2A:D8:BC:B4:22:6F:1B:63:31:68:C0:05:C7:56:0B:9A:C0:A9
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/AO8q2Ly0Im8bYzFowAXHVguawKk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
5f:28:52:58:2f:f5:a5:a8:81:40:e2:75:55:91:5e:a8:b5:0d:
a2:41:d3:81:a3:e2:b9:2b:f6:90:a4:46:71:b4:34:02:a9:a5:
64:d3:f3:42:56:f5:f1:92:01:5d:41:6b:ef:74:ae:b2:5b:aa:
51:bd:a3:89:5d:cc:dc:5f:85:1e:29:67:76:5f:5f:ff:20:fa:
8f:39:bd:2b:f3:59:ac:65:e6:cc:6e:e9:da:ac:61:b9:0e:45:
05:89:5c:65:25:d0:35:6f:c0:c8:06:be:d7:fb:8a:8d:e1:e5:
4b:ce:61:02:ef:cb:d1:c1:9b:e4:d5:a5:c4:1f:7d:85:56:c7:
86:30:9d:c3:4c:ec:6b:1a:93:b3:95:08:ce:8a:0e:03:a8:2e:
bc:da:b0:61:ce:2d:18:6c:ef:b2:35:aa:5f:96:13:25:22:0d:
1b:51:28:0d:f3:b1:02:ef:a1:ac:ab:14:0a:8c:4e:dc:a5:8c:
6f:33:73:ae:1c:8c:1d:c6:3f:ae:92:5d:b3:51:41:5c:da:d0:
bf:65:9a:a5:b3:65:d4:a6:a8:38:7c:aa:bd:54:e9:74:7d:7b:
34:62:9f:0d:a9:af:c3:11:70:12:b5:01:88:85:95:56:aa:5c:
09:eb:8c:d4:d0:97:b8:14:32:e1:8a:d4:30:90:28:19:a5:d0:
68:6d:7f:a3
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICOtUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDcw
MDUyMjlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDAwRUYyQUQ4QkNCNDIy
NkYxQjYzMzE2OEMwMDVDNzU2MEI5QUMwQTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDaUwroMop3WmQ06zrHzxWv+plj3ywtiZq0DjFIbNcd1wA7oHcG
ugIh10MYJrKJO9vPRUufyqkfBRuuNorSBMp1wYPhCXxiXIw2o1gRuHf7nvWazYmP
modG2s5XfAhwpIZTMAgZKT+lAjBZHmUnBoo+yQE6aVGxis2VNh/0seTMsFQEXZzf
67uWWQjePtYaWcau9VBe6YWk9GQqslBnzc4+kaUXQt1t7e0LcPt22PFETbIWWS9w
ZyJs5ncLnWc5YcUtC4EoNZvIjdjPAGjWELa3FReujZsyeZLG5y/OwAkbTsrM9Aw+
mDb5FHkYNo1VlBUleyIkwquVQPyBnb5a1Li9AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUAO8q2Ly0Im8bYzFowAXHVguawKkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0FPOHEyTHkwSW04Yll6
Rm93QVhIVmd1YXdLay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAF8oUlgv9aWogUDi
dVWRXqi1DaJB04Gj4rkr9pCkRnG0NAKppWTT80JW9fGSAV1Ba+90rrJbqlG9o4ld
zNxfhR4pZ3ZfX/8g+o85vSvzWaxl5sxu6dqsYbkORQWJXGUl0DVvwMgGvtf7io3h
5UvOYQLvy9HBm+TVpcQffYVWx4YwncNM7Gsak7OVCM6KDgOoLrzasGHOLRhs77I1
ql+WEyUiDRtRKA3zsQLvoayrFAqMTtyljG8zc64cjB3GP66SXbNRQVza0L9lmqWz
ZdSmqDh8qr1U6XR9ezRinw2pr8MRcBK1AYiFlVaqXAnrjNTQl7gUMuGK1DCQKBml
0Ghtf6M=
-----END CERTIFICATE-----
Generated at Sun Jun 22 05:10:25 2025 by rpki-client