Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/qa3Hhg9RmO_5OJ7javSeTP0jG5I.roa
File: qa3Hhg9RmO_5OJ7javSeTP0jG5I.roa (raw, json)
Hash identifier: RqeH1Am+c3T0wPktTlLnOVWF/2+nZEshS554jh7rX8A=
Subject key identifier: A9:AD:C7:86:0F:51:98:EF:F9:38:9E:E3:6A:F4:9E:4C:FD:23:1B:92
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5801
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/qa3Hhg9RmO_5OJ7javSeTP0jG5I.roa
Signing time: Wed 15 May 2024 22:24:14 +0000
ROA not before: Wed 15 May 2024 22:24:14 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22529 (0x5801)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 15 22:24:14 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A9ADC7860F5198EFF9389EE36AF49E4CFD231B92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:71:d1:72:25:3d:28:1d:49:0a:72:dc:c6:57:
55:a1:15:08:88:33:d7:05:7f:e3:d0:97:d8:98:37:
e7:ec:7b:af:5b:f3:96:9f:83:27:66:3d:41:ef:a2:
83:a2:66:0c:07:01:f5:0c:56:4e:cb:7d:ea:6e:eb:
cd:c2:f9:68:49:4b:04:53:1c:b9:01:73:9a:3e:64:
ed:ef:1f:07:1f:de:dc:e4:26:e8:9f:7f:50:0c:5a:
8a:79:0a:37:5f:ac:1e:30:8e:86:28:22:04:05:fc:
3c:ff:d4:86:fa:58:c6:03:0b:fa:c8:c9:a7:78:12:
50:7f:05:a6:74:57:4e:91:c2:8f:29:64:e7:db:aa:
d1:4f:ba:b7:c6:e0:5f:de:bb:fa:c3:f8:80:4a:00:
41:b9:b4:d0:33:7f:8c:d4:a3:4b:17:90:3d:fb:6c:
0d:13:90:ca:06:a0:62:b1:0a:f1:e1:0c:28:27:15:
ba:1d:19:5f:a2:82:ac:66:86:f0:ed:0f:9d:e6:df:
63:40:e3:cf:00:88:d4:0d:2e:3d:85:38:2c:d5:f2:
e6:3b:37:c2:6f:c6:e3:d2:88:e0:78:34:73:42:33:
68:74:53:fb:a5:62:39:c8:04:a3:51:01:32:00:70:
32:d3:5c:07:d9:00:26:cf:62:cb:51:79:48:0b:41:
44:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:AD:C7:86:0F:51:98:EF:F9:38:9E:E3:6A:F4:9E:4C:FD:23:1B:92
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/qa3Hhg9RmO_5OJ7javSeTP0jG5I.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
ba:91:27:b0:75:2f:a3:31:4b:d6:9d:b5:cd:60:6b:17:d6:ff:
b7:e6:69:d9:a2:dd:80:9a:ac:61:24:2c:16:61:fa:b9:40:03:
fe:bd:0a:b2:6b:8b:aa:6d:8c:e2:1f:5c:d2:ba:c7:46:e6:35:
4c:27:72:5b:c2:e8:95:9b:03:a4:44:4e:ac:0f:d8:4b:51:cc:
93:e9:2c:ae:92:c3:a6:f6:ed:e4:80:75:3a:09:c0:af:dc:53:
ee:0e:af:ef:41:c4:dd:0f:40:0c:1b:06:89:c2:2b:be:8d:70:
00:31:9d:2e:2d:63:a8:2b:42:66:d9:9f:b4:b9:e2:2f:fe:c6:
31:92:d1:dc:08:c9:45:74:c2:33:6d:0c:f2:7b:73:48:96:f1:
24:d2:f4:e5:cc:b8:2b:59:92:11:24:b2:59:bd:b4:cd:fd:45:
14:d0:22:9a:89:3d:1d:44:bc:ab:96:22:7c:33:8b:3f:f0:51:
33:83:39:01:bd:46:ba:fb:92:39:c5:31:fb:0b:81:3c:1e:3e:
e6:6e:fb:c9:2b:76:61:5b:45:f6:be:cf:eb:92:c1:85:3a:24:
b3:f1:d3:18:80:66:3d:8a:34:ab:fd:8a:61:0a:f5:77:05:2c:
51:a6:c7:ba:75:ab:56:5c:11:87:58:93:76:24:40:b7:80:1d:
0c:74:49:27
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICWAEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTUy
MjI0MTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEE5QURDNzg2MEY1MTk4
RUZGOTM4OUVFMzZBRjQ5RTRDRkQyMzFCOTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEcdFyJT0oHUkKctzGV1WhFQiIM9cFf+PQl9iYN+fse69b85af
gydmPUHvooOiZgwHAfUMVk7Lfepu683C+WhJSwRTHLkBc5o+ZO3vHwcf3tzkJuif
f1AMWop5CjdfrB4wjoYoIgQF/Dz/1Ib6WMYDC/rIyad4ElB/BaZ0V06Rwo8pZOfb
qtFPurfG4F/eu/rD+IBKAEG5tNAzf4zUo0sXkD37bA0TkMoGoGKxCvHhDCgnFbod
GV+igqxmhvDtD53m32NA488AiNQNLj2FOCzV8uY7N8JvxuPSiOB4NHNCM2h0U/ul
YjnIBKNRATIAcDLTXAfZACbPYstReUgLQURFAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUqa3Hhg9RmO/5OJ7javSeTP0jG5IwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3FhM0hoZzlSbU9fNU9K
N2phdlNlVFAwakc1SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBALqRJ7B1L6MxS9ad
tc1gaxfW/7fmadmi3YCarGEkLBZh+rlAA/69CrJri6ptjOIfXNK6x0bmNUwnclvC
6JWbA6RETqwP2EtRzJPpLK6Sw6b27eSAdToJwK/cU+4Or+9BxN0PQAwbBonCK76N
cAAxnS4tY6grQmbZn7S54i/+xjGS0dwIyUV0wjNtDPJ7c0iW8STS9OXMuCtZkhEk
slm9tM39RRTQIpqJPR1EvKuWInwziz/wUTODOQG9Rrr7kjnFMfsLgTwePuZu+8kr
dmFbRfa+z+uSwYU6JLPx0xiAZj2KNKv9imEK9XcFLFGmx7p1q1ZcEYdYk3YkQLeA
HQx0SSc=
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:27:27 2025 by rpki-client