Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/tQQoCJSG_by9xjf5zUOXNs0NYrw.roa
File: tQQoCJSG_by9xjf5zUOXNs0NYrw.roa (raw, json)
Hash identifier: 0PnBI29kzMmwgwGJVMFR2f3oMAe26b4+uMlGRhZHG+M=
Subject key identifier: B5:04:28:08:94:86:FD:BC:BD:C6:37:F9:CD:43:97:36:CD:0D:62:BC
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5099
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/tQQoCJSG_by9xjf5zUOXNs0NYrw.roa
Signing time: Mon 06 May 2024 01:23:50 +0000
ROA not before: Mon 06 May 2024 01:23:50 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20633 (0x5099)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 6 01:23:50 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B50428089486FDBCBDC637F9CD439736CD0D62BC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:de:86:3c:7e:23:21:bb:9b:02:14:bf:fe:90:
52:5a:9a:6a:c2:a5:3f:c2:83:b4:e4:b0:39:84:cd:
ca:94:97:05:2f:60:87:a6:f8:78:21:82:06:8c:31:
30:5a:7e:47:b3:50:b7:68:f8:04:9e:07:ed:e3:40:
db:4b:e2:89:a2:fd:ea:9d:39:60:15:bf:df:51:bd:
2a:37:9a:35:25:23:c3:e0:c3:f2:b3:75:8a:7f:de:
3c:90:cc:38:30:5a:7d:de:d9:9c:85:9c:24:27:3f:
81:82:69:4d:43:d3:64:62:cf:8d:e6:01:f2:10:da:
3b:f7:87:eb:10:e9:92:54:31:6c:8e:2b:42:8e:b2:
f9:58:b7:eb:5c:a9:10:e0:2e:8f:84:84:ae:3f:c0:
3a:89:00:e2:ba:81:7b:88:a6:d7:26:c4:9c:04:b4:
0f:32:b6:02:43:c0:4f:2e:16:f9:18:fc:9a:6a:00:
99:8f:a9:63:1c:06:96:91:e3:57:a4:af:72:5f:89:
64:12:b3:0f:89:52:39:13:1f:ce:99:54:81:7b:d6:
66:f8:9b:27:cc:45:8d:f8:2f:53:ec:94:a6:4f:34:
c7:03:71:69:49:2c:e2:7a:7d:b2:ac:01:57:cc:83:
43:3c:9e:f8:05:c8:a4:7b:75:4c:87:4d:19:f1:20:
75:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:04:28:08:94:86:FD:BC:BD:C6:37:F9:CD:43:97:36:CD:0D:62:BC
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/tQQoCJSG_by9xjf5zUOXNs0NYrw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
07:12:97:5e:fe:fc:df:dd:23:55:2b:e5:eb:bc:80:26:48:a3:
83:cc:31:5a:4d:0a:2d:80:04:59:8b:61:16:87:4a:f9:b4:b1:
50:4d:88:16:20:f0:a2:e4:97:4e:24:60:08:4e:fa:53:f6:87:
0b:a7:ae:38:2f:26:da:6b:c7:1e:b6:c8:14:e2:fb:3d:f6:fe:
0b:45:ad:e5:71:b3:0c:3b:3d:c0:df:12:02:fd:23:cc:6f:4f:
e2:b5:6c:4d:8b:8f:53:c7:fc:ef:64:3c:c3:1f:51:8e:20:40:
88:8a:1b:0b:ec:7b:0b:e4:b8:d0:ca:36:d2:f3:ec:ac:a7:f1:
89:f9:6c:d3:8c:e9:f7:5a:80:8b:a9:7c:93:b9:0a:91:55:52:
86:c6:94:b2:27:cb:40:1f:bd:de:77:01:35:83:f7:dd:05:e5:
c3:41:73:21:9c:7e:e7:85:fb:e5:88:2a:db:38:34:6f:6b:68:
ec:47:54:8f:55:d5:93:cd:e0:bd:f6:c2:3f:5c:de:b7:a3:15:
82:21:f2:e7:f1:22:5c:bf:a1:9b:11:09:dc:18:a3:a9:91:f6:
f5:67:43:a3:40:d1:b3:2a:54:41:35:e1:aa:3d:05:55:ff:05:
6b:99:67:60:ad:34:e5:c2:7d:da:cc:86:16:17:0f:e2:a0:6b:
48:25:ae:19
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICUJkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDYw
MTIzNTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI1MDQyODA4OTQ4NkZE
QkNCREM2MzdGOUNENDM5NzM2Q0QwRDYyQkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDa3oY8fiMhu5sCFL/+kFJammrCpT/Cg7TksDmEzcqUlwUvYIem
+HghggaMMTBafkezULdo+ASeB+3jQNtL4omi/eqdOWAVv99RvSo3mjUlI8Pgw/Kz
dYp/3jyQzDgwWn3e2ZyFnCQnP4GCaU1D02Riz43mAfIQ2jv3h+sQ6ZJUMWyOK0KO
svlYt+tcqRDgLo+EhK4/wDqJAOK6gXuIptcmxJwEtA8ytgJDwE8uFvkY/JpqAJmP
qWMcBpaR41ekr3JfiWQSsw+JUjkTH86ZVIF71mb4myfMRY34L1PslKZPNMcDcWlJ
LOJ6fbKsAVfMg0M8nvgFyKR7dUyHTRnxIHVVAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUtQQoCJSG/by9xjf5zUOXNs0NYrwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3RRUW9DSlNHX2J5OXhq
ZjV6VU9YTnMwTllydy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAAcSl17+/N/dI1Ur
5eu8gCZIo4PMMVpNCi2ABFmLYRaHSvm0sVBNiBYg8KLkl04kYAhO+lP2hwunrjgv
Jtprxx62yBTi+z32/gtFreVxsww7PcDfEgL9I8xvT+K1bE2Lj1PH/O9kPMMfUY4g
QIiKGwvsewvkuNDKNtLz7Kyn8Yn5bNOM6fdagIupfJO5CpFVUobGlLIny0Afvd53
ATWD990F5cNBcyGcfueF++WIKts4NG9raOxHVI9V1ZPN4L32wj9c3rejFYIh8ufx
Ily/oZsRCdwYo6mR9vVnQ6NA0bMqVEE14ao9BVX/BWuZZ2CtNOXCfdrMhhYXD+Kg
a0glrhk=
-----END CERTIFICATE-----
Generated at Sat Jun 21 19:25:32 2025 by rpki-client