Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/cB-_cwKAnENeuo9pTymM5rvkJBA.roa
File: cB-_cwKAnENeuo9pTymM5rvkJBA.roa (raw, json)
Hash identifier: Bh3hbrbyEk0zR4SpQ0ySy/wqOvaUO+g52WwlfPRre+M=
Subject key identifier: 70:1F:BF:73:02:80:9C:43:5E:BA:8F:69:4F:29:8C:E6:BB:E4:24:10
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3ADD
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/cB-_cwKAnENeuo9pTymM5rvkJBA.roa
Signing time: Sun 07 Apr 2024 01:52:30 +0000
ROA not before: Sun 07 Apr 2024 01:52:30 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15069 (0x3add)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 7 01:52:30 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=701FBF7302809C435EBA8F694F298CE6BBE42410
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:35:65:e7:3c:e7:65:82:f8:7a:1a:6c:65:92:
e5:6e:b0:ec:55:6a:df:c9:78:f1:67:04:65:92:77:
13:a6:d5:9e:62:8e:55:61:a0:ee:b2:22:cf:4b:54:
28:b8:f2:e2:b9:09:f6:83:5a:8f:b9:cc:35:c2:03:
91:1f:54:9f:07:0a:19:5a:63:17:cf:c7:e3:98:96:
4d:b5:e1:73:49:ed:c5:6b:f6:24:2c:e5:85:44:76:
74:33:61:a9:c0:3c:34:62:93:f3:43:19:f1:60:65:
5c:45:d6:f7:e1:13:03:85:1a:49:77:c4:63:8a:fe:
c7:d6:fe:f0:fb:18:17:68:2b:32:30:8d:97:06:a3:
fd:fd:5c:c0:67:31:64:df:30:a1:6e:1f:99:52:11:
61:ae:90:8d:8a:02:66:2a:32:f2:cd:83:c0:24:10:
a0:44:0a:3a:10:4f:5a:8e:3d:b6:e5:09:41:6b:4f:
3e:dc:5b:35:74:b1:ec:16:1e:4b:c4:6b:25:77:72:
58:5e:25:c2:09:f4:e4:68:9d:c9:56:4a:54:a9:43:
15:e5:57:ba:6a:19:fc:b7:5f:64:f6:35:68:39:3c:
7b:ee:fe:f3:4f:f9:da:1c:bd:9c:ae:39:82:f0:58:
b6:3c:18:2c:bf:69:b1:28:bf:2a:6f:a0:a3:9e:ea:
b9:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:1F:BF:73:02:80:9C:43:5E:BA:8F:69:4F:29:8C:E6:BB:E4:24:10
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/cB-_cwKAnENeuo9pTymM5rvkJBA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
79:3f:c8:b0:7e:7d:5d:09:90:92:45:c8:3b:5a:57:75:32:45:
7d:c3:16:1c:b2:16:16:d2:74:e8:66:c0:2e:ed:99:3f:b9:4b:
97:6c:2d:95:5d:80:fe:c1:68:32:21:20:57:82:b6:0a:ba:86:
3d:33:51:02:c4:e8:92:c7:ca:a6:5a:af:a8:5d:44:ac:3f:9e:
49:9e:24:af:48:c0:6e:20:9f:92:5b:00:4b:c5:93:3e:7d:17:
2f:83:9d:f1:93:00:07:c9:22:36:f0:57:c8:dd:b2:8a:a1:64:
25:2c:23:d7:85:4b:a0:9a:83:88:87:06:f5:cb:f0:9a:ba:06:
ff:9a:6d:c5:87:33:d3:f9:8c:ab:d5:e8:75:bf:9a:0c:24:b0:
a9:ec:04:b9:a7:f8:f8:a9:0f:07:4c:df:ac:2d:50:b0:66:a3:
4d:b2:70:d0:c7:85:57:32:be:a5:fa:7c:d6:f4:dd:4e:ca:b7:
54:b3:60:5a:dc:28:b9:10:ab:4b:9b:9e:2a:e5:76:db:79:25:
73:fd:05:9c:4b:b0:00:73:a3:a1:14:08:74:e9:a0:fc:80:65:
de:67:95:de:2e:8d:19:d4:d9:70:4e:74:cf:f8:0f:0e:9c:87:
6c:a9:35:8c:e4:c8:38:09:d3:ce:54:ce:7f:16:dd:98:27:8e:
c2:a3:1c:e6
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICOt0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDcw
MTUyMzBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDcwMUZCRjczMDI4MDlD
NDM1RUJBOEY2OTRGMjk4Q0U2QkJFNDI0MTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCWNWXnPOdlgvh6GmxlkuVusOxVat/JePFnBGWSdxOm1Z5ijlVh
oO6yIs9LVCi48uK5CfaDWo+5zDXCA5EfVJ8HChlaYxfPx+OYlk214XNJ7cVr9iQs
5YVEdnQzYanAPDRik/NDGfFgZVxF1vfhEwOFGkl3xGOK/sfW/vD7GBdoKzIwjZcG
o/39XMBnMWTfMKFuH5lSEWGukI2KAmYqMvLNg8AkEKBECjoQT1qOPbblCUFrTz7c
WzV0sewWHkvEayV3clheJcIJ9ORonclWSlSpQxXlV7pqGfy3X2T2NWg5PHvu/vNP
+docvZyuOYLwWLY8GCy/abEovypvoKOe6rmnAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUcB+/cwKAnENeuo9pTymM5rvkJBAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2NCLV9jd0tBbkVOZXVv
OXBUeW1NNXJ2a0pCQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAHk/yLB+fV0JkJJF
yDtaV3UyRX3DFhyyFhbSdOhmwC7tmT+5S5dsLZVdgP7BaDIhIFeCtgq6hj0zUQLE
6JLHyqZar6hdRKw/nkmeJK9IwG4gn5JbAEvFkz59Fy+DnfGTAAfJIjbwV8jdsoqh
ZCUsI9eFS6Cag4iHBvXL8Jq6Bv+abcWHM9P5jKvV6HW/mgwksKnsBLmn+PipDwdM
36wtULBmo02ycNDHhVcyvqX6fNb03U7Kt1SzYFrcKLkQq0ubnirldtt5JXP9BZxL
sABzo6EUCHTpoPyAZd5nld4ujRnU2XBOdM/4Dw6ch2ypNYzkyDgJ085Uzn8W3Zgn
jsKjHOY=
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:42:45 2025 by rpki-client