Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/a-JtNv1GeVUHy6w0CP94umQdz98.roa
File: a-JtNv1GeVUHy6w0CP94umQdz98.roa (raw, json)
Hash identifier: jTxXqj/TRVhKyQWBqdk3IU8yZ4PLUSowZjbovATRU44=
Subject key identifier: 6B:E2:6D:36:FD:46:79:55:07:CB:AC:34:08:FF:78:BA:64:1D:CF:DF
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 565D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/a-JtNv1GeVUHy6w0CP94umQdz98.roa
Signing time: Mon 13 May 2024 17:54:18 +0000
ROA not before: Mon 13 May 2024 17:54:18 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22109 (0x565d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 13 17:54:18 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6BE26D36FD46795507CBAC3408FF78BA641DCFDF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:b6:6d:01:d3:84:b0:02:01:b9:fc:61:6c:b9:
e7:ea:04:20:90:87:7a:81:53:ca:ae:19:0c:13:4f:
3b:0d:fb:b0:cc:f7:01:9e:a3:0f:75:cc:ef:ec:20:
aa:6b:1c:8a:7c:64:5f:e4:ae:f6:3b:8a:4a:0d:bb:
4f:dd:b2:1c:d0:c4:20:db:30:ce:35:e5:3b:4c:cc:
1d:0e:b6:b8:89:9a:23:af:e8:a2:42:c4:ad:3b:67:
ba:02:a4:ea:b4:b3:a6:77:4f:53:36:38:37:61:8d:
c6:44:e2:be:7c:c6:22:cc:bd:4a:f5:8f:f4:fd:fb:
0a:e1:13:57:b8:a2:9c:11:b2:bd:61:3c:92:30:78:
20:af:f3:9d:d8:35:18:75:20:9f:4e:cf:7c:26:98:
6c:a5:5e:90:9f:9d:24:09:af:68:c4:98:40:9e:e9:
43:44:79:36:85:9b:d1:96:84:9a:61:65:91:68:da:
9f:eb:90:dc:3e:a0:28:d1:ca:91:d7:e9:c0:7b:97:
67:95:40:3d:be:f0:63:a7:0a:16:92:fe:4f:fe:5c:
81:1f:f0:58:c4:70:05:4b:08:19:51:91:ad:dd:94:
d4:f4:1e:d8:2d:20:b6:2c:94:74:56:58:8f:35:95:
bb:a5:c5:5b:75:3c:4b:92:51:96:bd:d6:57:ac:63:
d2:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:E2:6D:36:FD:46:79:55:07:CB:AC:34:08:FF:78:BA:64:1D:CF:DF
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/a-JtNv1GeVUHy6w0CP94umQdz98.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
b9:a9:91:a2:3e:be:f4:f9:8b:16:1f:42:a7:27:68:fa:d6:34:
fe:29:c3:22:40:54:ac:63:31:51:9d:76:90:6b:a0:4b:91:2b:
9c:34:be:73:8a:a1:dc:98:c1:4a:da:16:0f:31:e9:80:30:c6:
3e:16:ea:c2:b3:42:a7:7c:a6:c7:af:f0:fb:ea:eb:c0:45:b6:
fa:ba:10:64:8b:41:29:2b:9c:01:30:f9:5b:39:86:4b:06:9e:
ad:75:46:4e:66:af:44:c5:08:df:cb:3f:83:ef:bd:47:82:a9:
fa:9d:c2:d6:f0:1b:9a:ab:95:57:a1:be:5c:91:27:41:68:b6:
c9:fc:5a:ca:06:62:f9:65:ea:d3:e8:f2:f4:c2:c0:5e:14:cf:
fe:4f:5f:c9:f5:e0:d4:87:a5:91:2f:5c:92:f8:6d:10:80:6a:
74:c6:ab:98:65:e7:83:d5:93:fd:57:38:d6:72:3b:b2:17:71:
db:aa:49:0b:00:7e:9a:e2:56:ec:d5:37:0e:01:12:9d:ef:9c:
49:c1:ec:b7:cf:65:ed:b8:fc:b2:34:61:2c:97:86:98:c1:51:
63:76:ed:46:54:77:23:b1:1d:32:dc:b2:62:1d:94:70:e5:52:
3d:e3:ea:70:ca:3b:6a:dc:43:94:fd:a8:bc:df:19:92:ec:b4:
4b:af:93:53
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICVl0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTMx
NzU0MThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZCRTI2RDM2RkQ0Njc5
NTUwN0NCQUMzNDA4RkY3OEJBNjQxRENGREYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDltm0B04SwAgG5/GFsuefqBCCQh3qBU8quGQwTTzsN+7DM9wGe
ow91zO/sIKprHIp8ZF/krvY7ikoNu0/dshzQxCDbMM415TtMzB0OtriJmiOv6KJC
xK07Z7oCpOq0s6Z3T1M2ODdhjcZE4r58xiLMvUr1j/T9+wrhE1e4opwRsr1hPJIw
eCCv853YNRh1IJ9Oz3wmmGylXpCfnSQJr2jEmECe6UNEeTaFm9GWhJphZZFo2p/r
kNw+oCjRypHX6cB7l2eVQD2+8GOnChaS/k/+XIEf8FjEcAVLCBlRka3dlNT0Htgt
ILYslHRWWI81lbulxVt1PEuSUZa91lesY9KbAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUa+JtNv1GeVUHy6w0CP94umQdz98wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2EtSnROdjFHZVZVSHk2
dzBDUDk0dW1RZHo5OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBALmpkaI+vvT5ixYf
QqcnaPrWNP4pwyJAVKxjMVGddpBroEuRK5w0vnOKodyYwUraFg8x6YAwxj4W6sKz
Qqd8psev8Pvq68BFtvq6EGSLQSkrnAEw+Vs5hksGnq11Rk5mr0TFCN/LP4PvvUeC
qfqdwtbwG5qrlVehvlyRJ0Fotsn8WsoGYvll6tPo8vTCwF4Uz/5PX8n14NSHpZEv
XJL4bRCAanTGq5hl54PVk/1XONZyO7IXcduqSQsAfpriVuzVNw4BEp3vnEnB7LfP
Ze24/LI0YSyXhpjBUWN27UZUdyOxHTLcsmIdlHDlUj3j6nDKO2rcQ5T9qLzfGZLs
tEuvk1M=
-----END CERTIFICATE-----
Generated at Sat Jun 21 05:36:22 2025 by rpki-client