Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/t2zjBwOdCQLaaUqVkQQxQb4DXp4.roa
File: t2zjBwOdCQLaaUqVkQQxQb4DXp4.roa (raw, json)
Hash identifier: qht81LdvGSiL1LAsoc/lsyo8GPhqGZzEYbWBNzNuzwo=
Subject key identifier: B7:6C:E3:07:03:9D:09:02:DA:69:4A:95:91:04:31:41:BE:03:5E:9E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 562D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/t2zjBwOdCQLaaUqVkQQxQb4DXp4.roa
Signing time: Mon 13 May 2024 11:54:09 +0000
ROA not before: Mon 13 May 2024 11:54:09 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22061 (0x562d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 13 11:54:09 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B76CE307039D0902DA694A9591043141BE035E9E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e1:f3:ea:e7:6f:35:08:f4:4c:22:07:73:1b:
8c:03:65:94:aa:9c:63:eb:c4:e8:4d:2f:7b:32:6b:
db:3d:ac:52:b3:61:d6:59:50:c7:00:6a:01:8c:16:
7d:3d:1d:13:22:58:3d:57:23:82:f9:ae:b2:6c:a3:
ff:a9:5d:43:7d:30:00:b8:2a:0b:3c:d3:ea:a7:27:
c8:e1:2e:d2:22:fd:2a:72:ef:cd:79:e0:a1:9f:ac:
26:2f:6b:4a:43:1e:81:b3:dd:aa:a0:6b:6c:15:f4:
a8:8f:73:27:6f:af:11:af:49:3f:44:8b:7b:32:f6:
87:c2:35:a0:2d:cd:ac:fa:18:87:91:23:cb:d4:65:
90:43:eb:4b:9d:e0:07:39:15:c3:7e:9f:52:b3:7d:
80:c4:6a:aa:80:a4:bd:47:8c:d0:b3:87:ec:7d:aa:
95:59:52:e2:2f:20:9a:34:49:ae:5b:f1:c8:68:32:
ff:ac:5e:ca:5c:10:1f:f5:f8:69:d3:c0:ea:9b:60:
00:85:60:75:da:c7:6c:e4:5e:0c:cf:14:48:e7:c8:
44:ef:27:44:2c:f3:3c:94:2b:e4:6e:22:09:8e:cc:
77:a3:7f:60:ed:96:74:40:09:88:21:c2:8c:df:66:
d8:e0:42:19:9a:4b:d1:24:16:44:41:80:ce:10:34:
87:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:6C:E3:07:03:9D:09:02:DA:69:4A:95:91:04:31:41:BE:03:5E:9E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/t2zjBwOdCQLaaUqVkQQxQb4DXp4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
7a:a7:a1:07:bd:f7:15:e2:45:74:96:10:03:7c:9f:5f:a6:57:
f6:7d:56:4c:81:95:41:8a:93:5e:7f:8d:82:24:1c:6e:1f:b6:
5d:2c:f0:df:a1:27:b9:9e:61:3b:a8:00:d3:ae:68:cd:27:ff:
aa:64:08:7b:90:6f:f3:6b:1f:e8:b8:95:6e:da:35:66:c1:93:
14:19:0e:69:d8:4d:b0:69:e5:95:93:c5:72:f1:94:e4:e6:00:
b2:3e:0a:8e:84:b0:13:fd:04:0b:cd:3e:c6:27:b0:d5:1a:bf:
92:75:24:49:6e:2c:6f:93:ca:5e:8a:22:fb:42:40:9b:f0:c9:
76:f2:99:d7:90:51:70:d6:e2:18:67:09:3f:14:57:29:94:36:
ba:d3:ae:97:e3:18:93:c4:04:01:45:fa:7d:c6:26:e0:3e:a3:
0c:80:d8:d8:38:79:b7:e8:6c:62:a3:94:46:d1:d6:01:8d:bc:
3e:b5:7e:bf:ba:8d:6f:d3:02:41:63:92:c5:03:dc:b2:06:9c:
04:ee:db:8c:9e:9c:cc:a7:7f:ec:ed:90:ca:51:ca:be:82:64:
04:7c:96:ee:2f:ff:9f:6a:95:56:dc:aa:89:de:08:b3:5e:21:
60:06:bc:8a:0e:6c:90:b0:d3:ef:12:1d:6f:cf:f2:11:1f:ed:
57:54:72:c7
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICVi0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTMx
MTU0MDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI3NkNFMzA3MDM5RDA5
MDJEQTY5NEE5NTkxMDQzMTQxQkUwMzVFOUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCr4fPq5281CPRMIgdzG4wDZZSqnGPrxOhNL3sya9s9rFKzYdZZ
UMcAagGMFn09HRMiWD1XI4L5rrJso/+pXUN9MAC4Kgs80+qnJ8jhLtIi/Spy7815
4KGfrCYva0pDHoGz3aqga2wV9KiPcydvrxGvST9Ei3sy9ofCNaAtzaz6GIeRI8vU
ZZBD60ud4Ac5FcN+n1KzfYDEaqqApL1HjNCzh+x9qpVZUuIvIJo0Sa5b8choMv+s
XspcEB/1+GnTwOqbYACFYHXax2zkXgzPFEjnyETvJ0Qs8zyUK+RuIgmOzHejf2Dt
lnRACYghwozfZtjgQhmaS9EkFkRBgM4QNIeTAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUt2zjBwOdCQLaaUqVkQQxQb4DXp4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3QyempCd09kQ1FMYWFV
cVZrUVF4UWI0RFhwNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAHqnoQe99xXiRXSW
EAN8n1+mV/Z9VkyBlUGKk15/jYIkHG4ftl0s8N+hJ7meYTuoANOuaM0n/6pkCHuQ
b/NrH+i4lW7aNWbBkxQZDmnYTbBp5ZWTxXLxlOTmALI+Co6EsBP9BAvNPsYnsNUa
v5J1JEluLG+Tyl6KIvtCQJvwyXbymdeQUXDW4hhnCT8UVymUNrrTrpfjGJPEBAFF
+n3GJuA+owyA2Ng4ebfobGKjlEbR1gGNvD61fr+6jW/TAkFjksUD3LIGnATu24ye
nMynf+ztkMpRyr6CZAR8lu4v/59qlVbcqoneCLNeIWAGvIoObJCw0+8SHW/P8hEf
7VdUcsc=
-----END CERTIFICATE-----
Generated at Sun Jun 15 10:16:39 2025 by rpki-client