Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/EbImMFglD1ZAw65C104BTZke98k.roa
File: EbImMFglD1ZAw65C104BTZke98k.roa (raw, json)
Hash identifier: +EajCNygM5tqlKW2y8JvEF60Dzju298DJp2GkNAlMis=
Subject key identifier: 11:B2:26:30:58:25:0F:56:40:C3:AE:42:D7:4E:01:4D:99:1E:F7:C9
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 39F9
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/EbImMFglD1ZAw65C104BTZke98k.roa
Signing time: Fri 05 Apr 2024 21:22:26 +0000
ROA not before: Fri 05 Apr 2024 21:22:26 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14841 (0x39f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 5 21:22:26 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=11B2263058250F5640C3AE42D74E014D991EF7C9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:c5:de:f8:27:a3:05:69:16:6c:70:0e:36:b3:
8b:6e:0b:cc:27:e3:51:d8:d1:53:30:be:99:aa:9e:
a0:c6:8c:76:c5:ae:75:a0:cf:42:74:09:3c:25:d8:
3c:d7:5a:11:99:bb:ad:e4:09:88:6c:34:ca:76:a6:
37:00:36:4c:57:91:f4:fd:dd:d4:49:ea:ea:d6:76:
6e:40:70:af:0f:5e:68:c0:4b:0d:77:5b:52:aa:06:
d7:6b:a4:75:69:61:ab:04:e3:1c:6c:b7:3d:41:bb:
52:c9:9b:71:44:f7:27:03:09:34:97:35:90:75:a8:
0d:6c:d7:c5:5a:c0:e0:df:cd:7c:6b:af:09:4e:20:
0e:81:68:e6:e1:b0:f6:0e:c1:41:6c:bd:1e:c0:e8:
d0:34:19:67:62:f9:c3:d6:ed:50:80:d4:90:1c:70:
93:a5:45:0a:66:35:e0:f7:db:00:b9:47:d7:ea:7d:
49:47:d2:64:66:6d:62:48:be:7d:82:e4:5c:87:07:
46:3f:39:b3:9b:e6:84:6c:4e:1d:a5:7f:7c:47:16:
fd:09:09:a3:b8:6d:99:15:81:e6:6b:b6:85:33:3c:
ef:c7:82:a0:f9:f9:88:1f:eb:ea:fe:84:1e:e7:ad:
bb:f5:25:a6:f9:34:cb:55:09:64:9c:f2:4c:f3:b0:
7d:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:B2:26:30:58:25:0F:56:40:C3:AE:42:D7:4E:01:4D:99:1E:F7:C9
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/EbImMFglD1ZAw65C104BTZke98k.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
44:b8:92:a8:a5:0f:85:e0:d8:d7:34:0b:13:04:6c:d8:23:cd:
3a:29:c2:59:6a:58:8a:b3:a3:a0:35:7a:e7:50:da:1a:1d:7b:
56:01:2b:da:3e:9b:10:48:f3:97:48:47:03:41:6f:7d:97:72:
54:b3:a3:00:d4:b4:53:40:6d:90:8c:9b:cd:0f:93:5a:c1:7c:
2f:1f:dc:a1:ce:5e:c7:d8:b0:3b:da:54:61:90:86:01:c6:fb:
e1:3d:a2:2e:26:fc:c2:e3:a8:5a:a9:d4:1b:b8:bf:92:9c:46:
d3:b6:82:25:e8:86:f7:16:d6:b8:ed:87:d6:56:00:fc:6d:26:
4d:d2:54:fd:d0:42:fb:9c:11:20:b1:b0:bf:5f:dc:6e:c8:c2:
1c:49:25:23:7d:bf:83:a2:d2:8c:bd:61:d7:d8:56:50:d0:e9:
3d:d5:7d:3e:06:5e:96:8c:f3:d1:5c:e1:39:60:1d:01:98:55:
4b:3c:45:4c:cc:9a:0a:75:46:4c:ae:f5:9f:62:d2:0f:65:49:
db:7b:30:42:91:30:70:26:13:e6:58:1d:c2:51:3f:ed:f5:f0:
90:e9:fc:6d:51:e0:bf:7d:74:b4:91:ca:af:b3:62:e8:b6:ee:
90:c2:41:08:29:2e:e2:d3:cc:db:81:cf:b9:c3:ce:66:8c:dc:
cf:45:a2:d6
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICOfkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDUy
MTIyMjZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDExQjIyNjMwNTgyNTBG
NTY0MEMzQUU0MkQ3NEUwMTREOTkxRUY3QzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRxd74J6MFaRZscA42s4tuC8wn41HY0VMwvpmqnqDGjHbFrnWg
z0J0CTwl2DzXWhGZu63kCYhsNMp2pjcANkxXkfT93dRJ6urWdm5AcK8PXmjASw13
W1KqBtdrpHVpYasE4xxstz1Bu1LJm3FE9ycDCTSXNZB1qA1s18VawODfzXxrrwlO
IA6BaObhsPYOwUFsvR7A6NA0GWdi+cPW7VCA1JAccJOlRQpmNeD32wC5R9fqfUlH
0mRmbWJIvn2C5FyHB0Y/ObOb5oRsTh2lf3xHFv0JCaO4bZkVgeZrtoUzPO/HgqD5
+Ygf6+r+hB7nrbv1Jab5NMtVCWSc8kzzsH1HAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUEbImMFglD1ZAw65C104BTZke98kwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0ViSW1NRmdsRDFaQXc2
NUMxMDRCVFprZTk4ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAES4kqilD4Xg2Nc0
CxMEbNgjzTopwllqWIqzo6A1eudQ2hode1YBK9o+mxBI85dIRwNBb32XclSzowDU
tFNAbZCMm80Pk1rBfC8f3KHOXsfYsDvaVGGQhgHG++E9oi4m/MLjqFqp1Bu4v5Kc
RtO2giXohvcW1rjth9ZWAPxtJk3SVP3QQvucESCxsL9f3G7IwhxJJSN9v4Oi0oy9
YdfYVlDQ6T3VfT4GXpaM89Fc4TlgHQGYVUs8RUzMmgp1Rkyu9Z9i0g9lSdt7MEKR
MHAmE+ZYHcJRP+318JDp/G1R4L99dLSRyq+zYui27pDCQQgpLuLTzNuBz7nDzmaM
3M9FotY=
-----END CERTIFICATE-----
Generated at Sun Jun 15 10:00:08 2025 by rpki-client