Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/kAlqCwBj7v0_CjlImMlSdR0_WCU.roa
File: kAlqCwBj7v0_CjlImMlSdR0_WCU.roa (raw, json)
Hash identifier: cAJRE4NkswO5fcDciDDxWp5qLPLE/SwiYbV6J/4J5Os=
Subject key identifier: 90:09:6A:0B:00:63:EE:FD:3F:0A:39:48:98:C9:52:75:1D:3F:58:25
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5299
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kAlqCwBj7v0_CjlImMlSdR0_WCU.roa
Signing time: Wed 08 May 2024 17:23:57 +0000
ROA not before: Wed 08 May 2024 17:23:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21145 (0x5299)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 8 17:23:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=90096A0B0063EEFD3F0A394898C952751D3F5825
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:76:7e:ba:f5:2d:ed:ac:2b:5a:b4:90:0e:6b:
0a:04:8c:1c:4a:8b:86:7c:e8:4e:79:02:f5:d9:39:
e4:24:b5:fd:61:b4:05:e9:84:4d:66:1f:77:38:21:
01:23:dd:36:82:36:49:ea:48:45:7a:29:db:16:50:
a4:cb:43:05:4c:b0:e5:19:8b:a0:41:a5:8b:23:37:
90:ed:19:49:e4:48:7d:f5:0a:cc:09:92:66:46:b7:
d0:e5:5a:76:f5:ef:93:93:0e:7e:83:48:fd:74:36:
ed:26:4c:ab:9a:fa:a0:16:cf:15:4a:4e:41:aa:b9:
2b:91:d4:38:81:8e:96:ab:8a:f9:61:e4:ad:1c:9b:
cb:9b:a6:d1:3b:64:f1:92:08:1a:1f:38:fc:9e:99:
33:72:01:65:53:ec:3d:e7:c8:5b:7d:fb:11:7f:f1:
00:e8:e3:d1:18:cd:86:78:38:47:26:05:87:0e:7b:
c7:ec:f4:5b:2a:56:76:58:01:bb:c7:a6:65:0f:c0:
7c:48:95:e0:91:40:19:2c:15:3e:5e:3f:a3:36:da:
63:83:16:51:6a:be:1c:20:c3:9c:53:12:52:18:67:
45:42:81:71:0c:b1:a4:54:1f:fd:d9:56:9a:9e:37:
71:39:29:86:84:36:7b:3b:52:5e:97:d8:5f:8a:8b:
aa:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:09:6A:0B:00:63:EE:FD:3F:0A:39:48:98:C9:52:75:1D:3F:58:25
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kAlqCwBj7v0_CjlImMlSdR0_WCU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
2b:77:1a:92:64:f7:21:d1:1a:a7:92:eb:88:65:a2:a5:b2:ce:
e5:fa:06:a0:0b:8a:7f:90:81:a2:a3:66:dc:95:e7:ac:f7:c2:
71:c6:ec:e8:36:cf:13:09:da:c3:a0:d3:03:f7:2e:aa:44:a2:
57:2e:c7:46:ad:6f:14:ab:a6:fd:10:31:20:95:8f:66:25:58:
5e:8e:74:20:89:64:e3:a7:53:3f:b3:e2:f0:7d:91:7e:26:51:
18:71:40:4f:06:75:b1:0a:44:81:41:a0:91:21:0e:82:1d:ca:
dd:3e:e8:f3:6f:f9:ec:12:9a:5d:de:9a:3f:b9:46:f6:33:85:
84:85:d4:24:74:01:07:11:1b:f7:14:8b:78:53:40:da:3c:32:
73:52:15:c1:7a:2b:95:5f:f1:cd:58:14:1f:80:3a:0c:5c:93:
e9:8c:d7:78:8e:4c:62:35:c1:70:8d:c3:c1:3a:6e:94:bd:1b:
56:2b:05:7f:70:bf:f0:4d:cf:1a:25:6e:f0:73:2a:70:63:98:
2b:b5:c1:35:98:18:fc:c1:d4:12:21:37:58:27:c1:ab:de:7e:
b9:0f:09:4e:a7:c0:40:78:87:cd:ba:97:72:d0:13:0d:ca:80:
7c:64:ac:6c:16:9b:e6:d2:bd:28:fe:07:0c:c4:7f:0c:63:a8:
db:29:9b:2b
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICUpkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDgx
NzIzNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkwMDk2QTBCMDA2M0VF
RkQzRjBBMzk0ODk4Qzk1Mjc1MUQzRjU4MjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDxdn669S3trCtatJAOawoEjBxKi4Z86E55AvXZOeQktf1htAXp
hE1mH3c4IQEj3TaCNknqSEV6KdsWUKTLQwVMsOUZi6BBpYsjN5DtGUnkSH31CswJ
kmZGt9DlWnb175OTDn6DSP10Nu0mTKua+qAWzxVKTkGquSuR1DiBjparivlh5K0c
m8ubptE7ZPGSCBofOPyemTNyAWVT7D3nyFt9+xF/8QDo49EYzYZ4OEcmBYcOe8fs
9FsqVnZYAbvHpmUPwHxIleCRQBksFT5eP6M22mODFlFqvhwgw5xTElIYZ0VCgXEM
saRUH/3ZVpqeN3E5KYaENns7Ul6X2F+Ki6qTAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUkAlqCwBj7v0/CjlImMlSdR0/WCUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2tBbHFDd0JqN3YwX0Nq
bEltTWxTZFIwX1dDVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBACt3GpJk9yHRGqeS
64hloqWyzuX6BqALin+QgaKjZtyV56z3wnHG7Og2zxMJ2sOg0wP3LqpEolcux0at
bxSrpv0QMSCVj2YlWF6OdCCJZOOnUz+z4vB9kX4mURhxQE8GdbEKRIFBoJEhDoId
yt0+6PNv+ewSml3emj+5RvYzhYSF1CR0AQcRG/cUi3hTQNo8MnNSFcF6K5Vf8c1Y
FB+AOgxck+mM13iOTGI1wXCNw8E6bpS9G1YrBX9wv/BNzxolbvBzKnBjmCu1wTWY
GPzB1BIhN1gnwavefrkPCU6nwEB4h826l3LQEw3KgHxkrGwWm+bSvSj+BwzEfwxj
qNspmys=
-----END CERTIFICATE-----
Generated at Sat Jun 21 05:35:28 2025 by rpki-client