Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/fqHl5SdVxE9-eIa-a3fjZ_zTOw4.roa
File: fqHl5SdVxE9-eIa-a3fjZ_zTOw4.roa (raw, json)
Hash identifier: DKeY1G0oJf9/p/8fEf9F0Gg9CM8Km5I7r10Q58WqU8o=
Subject key identifier: 7E:A1:E5:E5:27:55:C4:4F:7E:78:86:BE:6B:77:E3:67:FC:D3:3B:0E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3C81
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/fqHl5SdVxE9-eIa-a3fjZ_zTOw4.roa
Signing time: Tue 09 Apr 2024 06:22:39 +0000
ROA not before: Tue 09 Apr 2024 06:22:39 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15489 (0x3c81)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 9 06:22:39 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7EA1E5E52755C44F7E7886BE6B77E367FCD33B0E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ae:4e:80:41:1c:44:89:e7:79:57:04:8e:40:
2a:9f:f9:d2:a5:85:42:f8:cb:f9:45:d6:25:2c:45:
5f:3e:fb:92:10:e5:98:a7:e9:1a:20:5c:69:37:d9:
d4:ac:0a:20:1e:7e:2c:df:4f:53:6b:b3:af:14:1a:
9e:27:a9:f7:ff:1d:b0:10:e6:47:20:ba:37:f4:8f:
7f:5b:6c:e2:ed:29:86:1f:dd:5d:42:88:ae:a3:85:
1c:3a:d2:ed:d1:37:ae:10:10:f7:7a:10:e9:86:8d:
0a:b1:99:56:12:1e:a8:78:e0:95:6f:d6:60:7e:0c:
61:ae:d5:ec:41:9d:80:91:5f:7b:ae:07:65:6e:15:
e6:5c:43:4c:6d:84:39:ab:e7:33:f0:2f:62:21:6a:
b3:2c:d8:eb:7e:29:3d:92:3f:fb:84:3a:1b:0b:0c:
cd:cf:88:7c:a9:bd:f1:f9:c2:98:54:7f:d7:68:fd:
48:a4:46:27:ee:b3:0b:46:51:05:bb:61:72:95:2b:
df:c5:db:0f:89:83:11:b8:1a:d3:34:8d:b1:b3:cd:
e9:d6:bc:d1:02:f3:01:0f:26:9e:2a:9b:62:55:78:
d7:ab:5b:2a:a6:6a:b8:cc:20:f1:43:e1:04:af:7d:
7b:98:57:30:f5:56:1e:ac:ba:89:83:c9:64:2e:78:
23:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:A1:E5:E5:27:55:C4:4F:7E:78:86:BE:6B:77:E3:67:FC:D3:3B:0E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/fqHl5SdVxE9-eIa-a3fjZ_zTOw4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
2c:9f:13:f6:24:d9:9b:30:a3:04:d6:e1:37:b6:3e:5e:a6:d6:
d8:09:89:6b:e1:79:69:50:2d:06:87:db:d3:fd:62:36:1d:96:
35:b3:cc:bf:f4:8e:4b:50:36:83:49:a4:0f:19:37:1b:9b:fd:
71:e8:66:d6:c8:51:11:16:f6:c6:75:b7:15:42:e7:14:8d:23:
f8:49:c2:8c:7b:6a:25:e2:7a:2a:7f:ab:0e:9c:3b:99:81:f9:
a3:d0:e9:4d:66:41:53:51:34:25:86:e9:f5:02:56:59:e0:1f:
0a:5b:dc:55:04:eb:ae:24:80:78:60:7c:a0:5b:83:46:9b:83:
56:5a:55:87:61:c1:68:7f:50:53:3f:d3:3b:17:d4:29:ec:92:
6b:91:a0:41:42:2a:3c:c0:2f:cc:75:e3:35:2b:3d:d0:c0:fb:
b7:84:1e:c6:0f:32:11:0b:cf:11:11:eb:3a:62:e0:e3:4f:5a:
33:da:48:8b:93:1d:18:dc:69:81:53:2a:10:4b:5d:da:8e:fd:
0b:3b:b7:a0:f8:26:0a:9f:b5:58:7f:29:bf:c7:d3:74:57:c5:
d8:78:8f:9c:8c:39:59:5c:63:8e:56:d2:3e:e1:8e:d9:c8:bc:
ed:82:6c:43:82:9c:a9:9c:c6:44:87:22:77:da:b5:67:8f:67:
20:ea:41:c0
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICPIEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDkw
NjIyMzlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDdFQTFFNUU1Mjc1NUM0
NEY3RTc4ODZCRTZCNzdFMzY3RkNEMzNCMEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzrk6AQRxEied5VwSOQCqf+dKlhUL4y/lF1iUsRV8++5IQ5Zin
6RogXGk32dSsCiAefizfT1Nrs68UGp4nqff/HbAQ5kcgujf0j39bbOLtKYYf3V1C
iK6jhRw60u3RN64QEPd6EOmGjQqxmVYSHqh44JVv1mB+DGGu1exBnYCRX3uuB2Vu
FeZcQ0xthDmr5zPwL2IharMs2Ot+KT2SP/uEOhsLDM3PiHypvfH5wphUf9do/Uik
RifuswtGUQW7YXKVK9/F2w+JgxG4GtM0jbGzzenWvNEC8wEPJp4qm2JVeNerWyqm
arjMIPFD4QSvfXuYVzD1Vh6suomDyWQueCN9AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUfqHl5SdVxE9+eIa+a3fjZ/zTOw4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2ZxSGw1U2RWeEU5LWVJ
YS1hM2ZqWl96VE93NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBACyfE/Yk2ZswowTW
4Te2Pl6m1tgJiWvheWlQLQaH29P9YjYdljWzzL/0jktQNoNJpA8ZNxub/XHoZtbI
UREW9sZ1txVC5xSNI/hJwox7aiXieip/qw6cO5mB+aPQ6U1mQVNRNCWG6fUCVlng
Hwpb3FUE664kgHhgfKBbg0abg1ZaVYdhwWh/UFM/0zsX1CnskmuRoEFCKjzAL8x1
4zUrPdDA+7eEHsYPMhELzxER6zpi4ONPWjPaSIuTHRjcaYFTKhBLXdqO/Qs7t6D4
JgqftVh/Kb/H03RXxdh4j5yMOVlcY45W0j7hjtnIvO2CbEOCnKmcxkSHInfatWeP
ZyDqQcA=
-----END CERTIFICATE-----
Generated at Sat Jun 21 05:35:20 2025 by rpki-client