Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/FFGbRlsPp8kx0sAoMNjXOsatb_g.roa
File: FFGbRlsPp8kx0sAoMNjXOsatb_g.roa (raw, json)
Hash identifier: bgF41S1ETsPQ8jwACbN6ow/BmlWpmu717aAheFNunI4=
Subject key identifier: 14:51:9B:46:5B:0F:A7:C9:31:D2:C0:28:30:D8:D7:3A:C6:AD:6F:F8
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5435
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/FFGbRlsPp8kx0sAoMNjXOsatb_g.roa
Signing time: Fri 10 May 2024 20:54:08 +0000
ROA not before: Fri 10 May 2024 20:54:08 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21557 (0x5435)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 10 20:54:08 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=14519B465B0FA7C931D2C02830D8D73AC6AD6FF8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:82:0d:0b:3c:86:59:50:66:b2:ed:c6:6b:f6:
b7:e9:9e:2c:03:27:54:bd:e5:05:8b:c5:92:c7:7a:
8d:6a:69:62:e1:85:fb:18:e7:a4:84:64:1b:01:97:
1d:0d:c8:d7:83:91:7d:15:e4:01:a2:be:f5:5e:5e:
a7:20:ea:63:00:42:e3:bc:40:08:25:d7:f3:1c:fa:
92:26:f3:1d:4f:d9:be:91:a2:b5:7c:7a:64:60:b2:
a6:48:e4:27:97:f8:33:6f:01:68:ec:10:26:d1:c7:
cd:4a:e2:7f:13:27:a4:f6:64:8d:7c:23:1e:44:83:
b8:08:cb:65:84:07:a9:c3:a3:80:29:69:80:8a:fb:
51:0b:0a:af:08:e8:3c:3d:e6:2e:0e:50:92:4a:46:
86:89:41:e9:5c:ff:b4:a2:1b:10:dc:71:7b:a8:8d:
af:3c:14:dd:95:5a:ae:0f:6d:0a:48:c7:ee:8e:58:
7e:73:3c:1c:7f:75:1a:44:e9:05:66:ef:d4:c1:0a:
c5:fa:9c:68:f1:25:d1:55:c5:83:31:01:33:e9:d1:
73:22:b8:71:4c:f3:56:43:1d:3b:2b:05:b8:40:f2:
7c:dc:eb:2f:ba:5a:1e:a4:01:72:d9:74:4d:6c:e6:
87:c5:6a:da:27:ee:8f:3b:2c:66:71:87:ef:d8:98:
06:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:51:9B:46:5B:0F:A7:C9:31:D2:C0:28:30:D8:D7:3A:C6:AD:6F:F8
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/FFGbRlsPp8kx0sAoMNjXOsatb_g.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
54:45:e2:86:56:08:5a:37:f1:d0:f8:1e:7a:75:8c:f2:10:b5:
c4:9b:03:4c:45:4f:c8:be:32:71:49:1b:0d:f5:86:ec:38:58:
61:4b:af:88:3c:24:eb:ce:8c:72:2a:57:fa:05:8c:03:5f:c0:
aa:78:70:87:07:f0:f4:92:67:73:78:7d:6c:2d:93:10:a3:39:
de:52:52:08:8c:5e:de:29:2b:92:e5:47:d9:f1:b0:1d:d3:79:
6b:a7:74:48:a1:3a:12:bd:21:c8:5e:c9:bb:29:45:28:63:09:
07:87:da:d7:a3:b0:31:9d:a6:8b:9a:fa:ac:d7:df:8e:70:12:
7f:eb:5f:79:e8:16:29:a3:aa:e2:7e:26:0b:e0:2a:95:e1:65:
8d:d4:9f:63:1c:8e:5c:42:25:f7:f9:bd:f3:30:41:92:13:fd:
fb:26:fd:6e:5a:98:fc:5c:1b:e6:71:41:7b:56:20:0b:8f:78:
63:a5:53:29:38:7b:3c:93:c8:97:e7:a5:eb:82:44:cd:db:35:
cc:99:e5:e7:1b:87:b5:ab:0a:b1:70:90:c6:80:f0:17:f9:cc:
8c:5c:24:a9:b4:03:14:29:4e:e7:e9:13:6a:33:5e:5f:44:86:
55:93:7b:7a:d6:1a:dd:45:e6:7b:96:7a:ea:c8:06:e6:58:7c:
64:1c:3a:a6
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICVDUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTAy
MDU0MDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE0NTE5QjQ2NUIwRkE3
QzkzMUQyQzAyODMwRDhENzNBQzZBRDZGRjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3gg0LPIZZUGay7cZr9rfpniwDJ1S95QWLxZLHeo1qaWLhhfsY
56SEZBsBlx0NyNeDkX0V5AGivvVeXqcg6mMAQuO8QAgl1/Mc+pIm8x1P2b6RorV8
emRgsqZI5CeX+DNvAWjsECbRx81K4n8TJ6T2ZI18Ix5Eg7gIy2WEB6nDo4ApaYCK
+1ELCq8I6Dw95i4OUJJKRoaJQelc/7SiGxDccXuoja88FN2VWq4PbQpIx+6OWH5z
PBx/dRpE6QVm79TBCsX6nGjxJdFVxYMxATPp0XMiuHFM81ZDHTsrBbhA8nzc6y+6
Wh6kAXLZdE1s5ofFaton7o87LGZxh+/YmAZ1AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUFFGbRlsPp8kx0sAoMNjXOsatb/gwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0ZGR2JSbHNQcDhreDBz
QW9NTmpYT3NhdGJfZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAFRF4oZWCFo38dD4
Hnp1jPIQtcSbA0xFT8i+MnFJGw31huw4WGFLr4g8JOvOjHIqV/oFjANfwKp4cIcH
8PSSZ3N4fWwtkxCjOd5SUgiMXt4pK5LlR9nxsB3TeWundEihOhK9IcheybspRShj
CQeH2tejsDGdpoua+qzX345wEn/rX3noFimjquJ+JgvgKpXhZY3Un2McjlxCJff5
vfMwQZIT/fsm/W5amPxcG+ZxQXtWIAuPeGOlUyk4ezyTyJfnpeuCRM3bNcyZ5ecb
h7WrCrFwkMaA8Bf5zIxcJKm0AxQpTufpE2ozXl9EhlWTe3rWGt1F5nuWeurIBuZY
fGQcOqY=
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:27:28 2025 by rpki-client