Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/h-l1VsC8Gr3Z4SSZ2D5fZyvfA3o.roa
File: h-l1VsC8Gr3Z4SSZ2D5fZyvfA3o.roa (raw, json)
Hash identifier: XdryJ3IBR0VPTRqr7joVYHAeMEQL4lpknCZSkaHnSXc=
Subject key identifier: 87:E9:75:56:C0:BC:1A:BD:D9:E1:24:99:D8:3E:5F:67:2B:DF:03:7A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4DB5
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/h-l1VsC8Gr3Z4SSZ2D5fZyvfA3o.roa
Signing time: Thu 02 May 2024 04:53:57 +0000
ROA not before: Thu 02 May 2024 04:53:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19893 (0x4db5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 2 04:53:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=87E97556C0BC1ABDD9E12499D83E5F672BDF037A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:de:ae:17:24:70:43:4a:6e:0a:ad:7d:19:3f:
b4:e1:01:bc:83:d4:8f:c7:df:4b:87:3c:34:6f:b5:
1e:ca:9a:5d:5e:bd:7b:41:1b:65:d9:c0:0d:95:5a:
da:0f:c0:f1:9b:85:13:b3:2d:6d:96:a8:51:67:c3:
b6:d8:21:16:dd:88:3a:b1:dd:4f:a2:a8:ac:16:a4:
30:27:3e:15:71:c8:8e:32:94:91:a0:96:f4:7a:d1:
5e:8f:10:e9:b3:a3:30:26:e1:99:1a:bb:c2:24:91:
44:06:bd:3b:50:04:5e:6f:ee:b3:cd:4d:20:75:df:
04:14:fc:7f:1f:80:96:ac:71:39:ac:40:b0:d1:6d:
57:e1:8c:f0:b8:92:6f:d4:e6:0f:c2:0e:a3:b2:3c:
fa:11:57:0f:0b:f2:37:81:b5:ee:e8:f2:0e:58:b0:
6c:87:61:f0:3f:dd:10:79:43:1e:f2:c4:23:4e:fd:
01:d7:f0:68:2b:00:f1:0c:43:9f:37:e4:66:9f:7b:
58:b2:5b:7b:35:fb:da:62:65:30:01:9e:47:8a:c2:
59:5f:45:27:da:be:7b:e5:53:98:0d:10:98:ae:14:
17:15:b7:3c:f3:3d:e8:f3:30:98:bc:9f:c5:57:4d:
37:12:ab:2f:e2:c9:3e:d2:0f:3c:4e:98:29:7c:f8:
2d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:E9:75:56:C0:BC:1A:BD:D9:E1:24:99:D8:3E:5F:67:2B:DF:03:7A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/h-l1VsC8Gr3Z4SSZ2D5fZyvfA3o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
a0:d7:2d:a8:fd:6d:ac:f2:62:c9:d9:b9:f2:0a:61:2b:fa:3d:
6e:e3:3e:7b:f3:e7:7b:e4:09:58:97:5b:00:b5:0d:be:3a:b9:
42:5e:ef:e3:9d:91:01:31:0b:47:de:f7:50:37:4a:a2:a9:ef:
1b:bc:e2:0c:9f:1b:74:27:a8:44:7b:40:d8:c9:91:ed:75:17:
3d:56:d9:81:c7:2a:6b:02:35:6c:67:20:3c:e9:c7:d4:d3:0d:
67:66:36:a3:1e:f3:66:f1:ba:54:4c:6a:5b:32:88:49:12:75:
56:a2:b8:42:70:9c:fc:9e:f7:5c:b3:d1:52:bb:ec:21:f7:6d:
c3:aa:38:89:c6:6f:dd:b2:0f:4d:19:85:ea:68:f4:ed:a1:3f:
72:1f:f1:05:14:cc:43:40:e2:fa:6c:ba:f6:21:30:cf:d6:8c:
7a:99:71:55:30:8e:9b:ca:7b:f4:ad:5b:7d:36:bd:09:83:ec:
67:b3:56:02:57:4d:7e:57:f2:63:97:85:93:f6:5d:0d:ae:ed:
4e:15:c3:59:80:c1:e0:ff:ee:33:b0:9e:5e:f2:cc:a6:12:e6:
8d:fa:5e:6e:a1:46:46:0c:b9:8b:cc:39:fe:4f:43:48:94:ff:
d9:eb:fc:eb:f1:86:16:94:80:be:df:da:10:de:fc:21:c6:6c:
5b:c9:21:b0
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICTbUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDIw
NDUzNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg3RTk3NTU2QzBCQzFB
QkREOUUxMjQ5OUQ4M0U1RjY3MkJERjAzN0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDB3q4XJHBDSm4KrX0ZP7ThAbyD1I/H30uHPDRvtR7Kml1evXtB
G2XZwA2VWtoPwPGbhROzLW2WqFFnw7bYIRbdiDqx3U+iqKwWpDAnPhVxyI4ylJGg
lvR60V6PEOmzozAm4Zkau8IkkUQGvTtQBF5v7rPNTSB13wQU/H8fgJascTmsQLDR
bVfhjPC4km/U5g/CDqOyPPoRVw8L8jeBte7o8g5YsGyHYfA/3RB5Qx7yxCNO/QHX
8GgrAPEMQ5835Gafe1iyW3s1+9piZTABnkeKwllfRSfavnvlU5gNEJiuFBcVtzzz
PejzMJi8n8VXTTcSqy/iyT7SDzxOmCl8+C1DAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUh+l1VsC8Gr3Z4SSZ2D5fZyvfA3owHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2gtbDFWc0M4R3IzWjRT
U1oyRDVmWnl2ZkEzby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAKDXLaj9bazyYsnZ
ufIKYSv6PW7jPnvz53vkCViXWwC1Db46uUJe7+OdkQExC0fe91A3SqKp7xu84gyf
G3QnqER7QNjJke11Fz1W2YHHKmsCNWxnIDzpx9TTDWdmNqMe82bxulRMalsyiEkS
dVaiuEJwnPye91yz0VK77CH3bcOqOInGb92yD00Zhepo9O2hP3If8QUUzENA4vps
uvYhMM/WjHqZcVUwjpvKe/StW302vQmD7GezVgJXTX5X8mOXhZP2XQ2u7U4Vw1mA
weD/7jOwnl7yzKYS5o36Xm6hRkYMuYvMOf5PQ0iU/9nr/OvxhhaUgL7f2hDe/CHG
bFvJIbA=
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:39:08 2025 by rpki-client