Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/1GWJbOeSyuwLcUG75vD-ETNPY1Q.roa
File: 1GWJbOeSyuwLcUG75vD-ETNPY1Q.roa (raw, json)
Hash identifier: YYWq6o0SWuRE8vtU3dx97ErKIPdbfWAHjBa4BF1hJoI=
Subject key identifier: D4:65:89:6C:E7:92:CA:EC:0B:71:41:BB:E6:F0:FE:11:33:4F:63:54
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4191
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/1GWJbOeSyuwLcUG75vD-ETNPY1Q.roa
Signing time: Tue 16 Apr 2024 00:22:54 +0000
ROA not before: Tue 16 Apr 2024 00:22:54 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16785 (0x4191)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 16 00:22:54 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D465896CE792CAEC0B7141BBE6F0FE11334F6354
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:45:0d:67:a8:5e:61:b6:7c:59:30:1b:d4:24:
15:b3:e4:97:64:82:48:e5:89:8e:f7:af:d2:61:46:
dd:2a:a4:19:a9:a3:fd:47:d2:13:7d:14:dc:6c:99:
f6:db:9a:ac:21:c2:9c:06:3f:1a:44:63:b7:60:b8:
12:36:9b:b9:b6:62:5a:83:f2:e6:82:d0:b3:17:24:
f6:11:65:3e:84:7a:35:0c:74:66:bd:27:87:df:35:
81:9d:61:52:63:9a:af:e7:3a:bd:75:c9:d8:df:c6:
5c:b1:78:c6:f4:c2:ee:44:0d:61:a5:4c:3c:69:7c:
ed:e5:d4:63:56:4f:99:73:3b:fb:d0:0a:67:af:3b:
e8:6c:2b:a3:3d:87:59:4b:f7:7a:66:0d:28:7a:97:
20:14:20:65:bb:67:fc:c9:3e:2c:35:dd:6a:ac:13:
6c:6e:ff:18:2c:cd:d6:e4:e2:57:bb:b8:ec:d3:a0:
ab:3b:9a:14:00:02:00:6c:fe:69:25:37:c2:24:8d:
e6:9d:b0:e7:d7:20:98:44:de:5a:ae:2c:68:0c:a5:
ea:67:53:20:54:86:0b:1c:ed:41:c2:99:5d:66:d1:
f1:55:c6:08:d5:e5:61:52:0e:c4:90:95:1d:f2:7f:
49:80:8b:dc:7f:dd:fb:11:92:ca:c5:27:00:7b:9b:
8a:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:65:89:6C:E7:92:CA:EC:0B:71:41:BB:E6:F0:FE:11:33:4F:63:54
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/1GWJbOeSyuwLcUG75vD-ETNPY1Q.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
a4:19:91:4e:48:26:37:6f:17:b3:bf:27:f2:2b:ec:9d:0d:27:
00:c9:be:a3:78:1a:67:5d:8b:f4:de:2a:8f:4e:4a:9c:32:e3:
75:61:a1:b0:aa:ca:c3:94:77:64:71:ba:f7:52:37:e9:b0:7c:
0e:02:94:c0:41:85:c2:8a:20:a0:38:4e:1c:02:f7:36:b3:3d:
f1:21:ea:9d:a9:e5:fd:24:ad:c5:3a:86:11:c5:84:53:40:57:
6a:57:6e:ac:1c:ac:78:0e:7a:ce:01:bf:12:da:f5:b6:31:7b:
bf:22:bb:99:08:a7:45:5e:7b:95:84:09:85:08:77:63:a5:36:
76:6d:8f:ca:74:87:40:99:12:db:b9:ce:8f:9c:c8:3d:e1:1e:
68:7e:76:1a:d7:f8:32:c0:73:9d:96:b6:2f:3c:d7:02:e5:c4:
cd:4b:69:ce:3d:26:49:34:39:96:5c:2e:47:61:66:23:91:3f:
59:00:7d:c9:19:de:0c:36:c0:18:75:97:b8:4e:db:43:08:25:
97:65:5a:50:27:64:49:d8:a9:b4:e4:86:35:ed:e2:10:66:89:
70:43:56:60:00:45:1d:b4:15:f1:35:77:7c:e3:5b:4b:64:dd:
1c:db:3a:e8:87:b4:39:a0:2c:2c:da:5c:47:d6:d9:66:dc:45:
d3:5a:2c:ab
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQZEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTYw
MDIyNTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ0NjU4OTZDRTc5MkNB
RUMwQjcxNDFCQkU2RjBGRTExMzM0RjYzNTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDjRQ1nqF5htnxZMBvUJBWz5JdkgkjliY73r9JhRt0qpBmpo/1H
0hN9FNxsmfbbmqwhwpwGPxpEY7dguBI2m7m2YlqD8uaC0LMXJPYRZT6EejUMdGa9
J4ffNYGdYVJjmq/nOr11ydjfxlyxeMb0wu5EDWGlTDxpfO3l1GNWT5lzO/vQCmev
O+hsK6M9h1lL93pmDSh6lyAUIGW7Z/zJPiw13WqsE2xu/xgszdbk4le7uOzToKs7
mhQAAgBs/mklN8IkjeadsOfXIJhE3lquLGgMpepnUyBUhgsc7UHCmV1m0fFVxgjV
5WFSDsSQlR3yf0mAi9x/3fsRksrFJwB7m4pVAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU1GWJbOeSyuwLcUG75vD+ETNPY1QwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzFHV0piT2VTeXV3TGNV
Rzc1dkQtRVROUFkxUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAKQZkU5IJjdvF7O/
J/Ir7J0NJwDJvqN4Gmddi/TeKo9OSpwy43VhobCqysOUd2RxuvdSN+mwfA4ClMBB
hcKKIKA4ThwC9zazPfEh6p2p5f0krcU6hhHFhFNAV2pXbqwcrHgOes4BvxLa9bYx
e78iu5kIp0Vee5WECYUId2OlNnZtj8p0h0CZEtu5zo+cyD3hHmh+dhrX+DLAc52W
ti881wLlxM1Lac49Jkk0OZZcLkdhZiORP1kAfckZ3gw2wBh1l7hO20MIJZdlWlAn
ZEnYqbTkhjXt4hBmiXBDVmAARR20FfE1d3zjW0tk3RzbOuiHtDmgLCzaXEfW2Wbc
RdNaLKs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:03 2024 by rpki-client on console-fra.rpki-client.org