Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/QZB8qZheJugohicpkwTD4MUHN6c.roa
File: QZB8qZheJugohicpkwTD4MUHN6c.roa (raw, json)
Hash identifier: dKN0qrGx+RG9E6sL0q2rEx4/DIXVe4sqDuIyvKX8Gv0=
Subject key identifier: 41:90:7C:A9:98:5E:26:E8:28:86:27:29:93:04:C3:E0:C5:07:37:A7
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 32F5
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/QZB8qZheJugohicpkwTD4MUHN6c.roa
Signing time: Wed 27 Mar 2024 12:52:01 +0000
ROA not before: Wed 27 Mar 2024 12:52:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13045 (0x32f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 27 12:52:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=41907CA9985E26E8288627299304C3E0C50737A7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ce:74:91:ea:6a:79:91:bc:7a:ed:49:2f:5a:
d2:07:c8:2b:b2:2d:af:3b:dd:38:b9:86:6a:6b:cf:
1f:e4:73:8b:b2:4a:24:4b:5f:a6:74:fd:91:37:de:
19:03:b4:c4:d9:b3:81:6d:ec:4a:12:82:da:c1:72:
d3:e0:35:ed:06:15:1f:7a:c6:62:28:6e:ee:3a:70:
7b:31:42:1f:dc:63:71:e4:99:97:c0:26:e2:6f:df:
4c:4e:f0:16:57:a5:6d:52:d1:7b:20:c7:95:23:f2:
01:91:9c:f6:30:0f:20:ad:e2:74:5c:da:1b:16:a8:
bc:fb:86:e8:54:0c:cf:30:f3:05:3b:e5:fe:d9:d4:
d5:b2:f3:6c:46:52:9b:a9:f5:3f:28:f1:28:4e:fe:
b3:4a:0e:00:3b:9b:45:2f:e5:74:14:67:1d:79:02:
04:0a:55:06:12:c8:48:1b:aa:0f:5f:ef:96:83:ac:
fc:f3:34:68:e6:2c:24:5f:e4:4e:be:de:02:1d:43:
0d:90:7b:26:87:ad:91:f8:b3:97:50:a5:e7:79:3c:
a4:23:7b:18:86:53:05:6a:eb:65:80:16:f2:14:1a:
cc:5d:6d:40:7d:e3:30:8d:b3:77:a9:88:a8:99:b6:
c4:7b:5d:25:50:97:dd:d4:5d:b6:24:cb:c1:9c:80:
6e:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:90:7C:A9:98:5E:26:E8:28:86:27:29:93:04:C3:E0:C5:07:37:A7
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/QZB8qZheJugohicpkwTD4MUHN6c.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
21:e7:31:0b:d6:08:00:37:dc:b8:11:21:a1:30:90:ea:09:b9:
0e:a2:83:dd:bb:4c:2a:75:e2:cc:f4:38:13:44:eb:2f:b2:b4:
08:e5:2c:9f:98:79:b4:03:4e:77:3c:fb:fc:b8:f4:1b:88:28:
23:a3:80:37:be:5a:90:ae:aa:b8:ea:6e:40:99:29:83:30:fd:
06:b7:3b:4c:2b:c4:73:70:7f:60:a1:00:e9:ff:01:cc:69:07:
73:2c:9b:be:0f:cc:e0:36:51:a5:39:cf:11:10:3c:80:80:9c:
83:6d:6a:22:15:8e:42:db:e4:48:25:13:c0:67:4f:d6:f9:1f:
59:c4:69:21:00:d6:13:ed:19:63:8d:15:35:e7:98:06:75:22:
46:d7:b0:82:3a:7d:fc:58:ac:63:fa:ae:b7:a0:28:17:65:fd:
ba:6b:fe:7c:b2:70:51:ff:0c:cc:6f:cf:e5:77:61:c8:b6:6e:
39:20:ac:92:cf:b4:d5:02:80:92:19:b0:eb:48:ae:8c:5f:f5:
0e:f5:cd:11:55:52:20:26:4c:a1:f2:4a:df:a0:b4:bd:6e:3b:
97:09:18:ab:f7:a5:c2:e6:bc:2f:e9:66:36:ae:e7:ec:51:3f:
bd:3e:bf:b8:1f:59:c3:2a:4b:7e:e8:7e:31:03:f8:da:3e:ba:
e4:4c:fb:c3
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICMvUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjcx
MjUyMDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQxOTA3Q0E5OTg1RTI2
RTgyODg2MjcyOTkzMDRDM0UwQzUwNzM3QTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRznSR6mp5kbx67UkvWtIHyCuyLa873Ti5hmprzx/kc4uySiRL
X6Z0/ZE33hkDtMTZs4Ft7EoSgtrBctPgNe0GFR96xmIobu46cHsxQh/cY3HkmZfA
JuJv30xO8BZXpW1S0Xsgx5Uj8gGRnPYwDyCt4nRc2hsWqLz7huhUDM8w8wU75f7Z
1NWy82xGUpup9T8o8ShO/rNKDgA7m0Uv5XQUZx15AgQKVQYSyEgbqg9f75aDrPzz
NGjmLCRf5E6+3gIdQw2QeyaHrZH4s5dQped5PKQjexiGUwVq62WAFvIUGsxdbUB9
4zCNs3epiKiZtsR7XSVQl93UXbYky8GcgG55AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUQZB8qZheJugohicpkwTD4MUHN6cwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1FaQjhxWmhlSnVnb2hp
Y3Brd1RENE1VSE42Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBACHnMQvWCAA33LgR
IaEwkOoJuQ6ig927TCp14sz0OBNE6y+ytAjlLJ+YebQDTnc8+/y49BuIKCOjgDe+
WpCuqrjqbkCZKYMw/Qa3O0wrxHNwf2ChAOn/AcxpB3Msm74PzOA2UaU5zxEQPICA
nINtaiIVjkLb5EglE8BnT9b5H1nEaSEA1hPtGWONFTXnmAZ1IkbXsII6ffxYrGP6
rregKBdl/bpr/nyycFH/DMxvz+V3Yci2bjkgrJLPtNUCgJIZsOtIroxf9Q71zRFV
UiAmTKHySt+gtL1uO5cJGKv3pcLmvC/pZjau5+xRP70+v7gfWcMqS37ofjED+No+
uuRM+8M=
-----END CERTIFICATE-----
Generated at Sun Jun 15 10:05:48 2025 by rpki-client