Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/AMetYCfRadz-LzAMgQli7PjlTcY.roa
File: AMetYCfRadz-LzAMgQli7PjlTcY.roa (raw, json)
Hash identifier: y9Pa2qevkzQAWwOn6jhzz5R6WaRKzWCBnSPveSil0u0=
Subject key identifier: 00:C7:AD:60:27:D1:69:DC:FE:2F:30:0C:81:09:62:EC:F8:E5:4D:C6
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3651
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/AMetYCfRadz-LzAMgQli7PjlTcY.roa
Signing time: Mon 01 Apr 2024 00:22:10 +0000
ROA not before: Mon 01 Apr 2024 00:22:10 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13905 (0x3651)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 1 00:22:10 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=00C7AD6027D169DCFE2F300C810962ECF8E54DC6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:5e:a5:dd:59:26:c7:a2:93:80:cf:7c:c7:af:
55:9f:ec:0d:0f:62:37:fb:d4:2f:ee:84:03:eb:f8:
a9:a9:ba:37:de:6e:3a:55:1e:eb:e4:df:a4:0c:9c:
b4:72:c9:9e:52:15:0e:a2:93:8a:00:84:36:b6:d1:
61:84:30:cc:cd:7f:cb:df:9c:75:d4:9f:ae:a8:0c:
04:4e:65:f0:34:39:6f:56:3d:df:8d:b8:1a:01:47:
96:3a:36:8e:ca:9f:5e:7d:46:fb:ef:13:1d:73:a5:
36:28:88:1b:d7:18:7d:e3:16:60:b9:5b:ea:38:7c:
ea:bd:ca:f7:65:b0:02:48:50:18:1b:f7:7f:8d:64:
04:3a:2d:68:7d:c7:5a:87:be:e4:63:7e:d3:a9:c4:
d2:5e:55:f2:89:5a:71:f7:eb:09:e7:62:9b:8b:36:
e8:08:63:8f:f4:9e:59:54:f5:34:11:5b:35:8a:65:
2a:3b:6d:1b:ae:ac:7b:c5:88:ec:84:12:78:89:aa:
b7:c4:47:fd:9d:fc:b4:5e:83:db:45:0e:b1:5d:0a:
fc:c7:bc:21:be:67:4c:bb:88:b8:9b:79:52:27:67:
87:f3:14:98:59:a8:cb:20:48:88:ae:55:1a:ab:af:
76:89:87:51:2f:49:4d:ae:c7:48:79:fe:a4:51:fc:
23:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:C7:AD:60:27:D1:69:DC:FE:2F:30:0C:81:09:62:EC:F8:E5:4D:C6
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/AMetYCfRadz-LzAMgQli7PjlTcY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
5e:78:0d:31:3a:33:d9:12:88:ce:a2:36:35:c4:7e:f3:80:8c:
6d:2e:5f:6d:e4:40:97:94:1d:c3:8e:4e:e4:05:46:7a:be:f9:
9c:c4:f3:f5:b0:fe:bf:d5:83:68:f4:0b:18:b7:bc:42:43:e2:
38:de:a4:1d:c7:59:df:22:ce:6c:57:9a:ec:ba:a5:10:8d:4f:
9a:52:d7:08:9f:42:d4:8c:2d:62:34:da:20:81:c2:e1:7e:68:
c1:18:dd:92:35:e0:6b:e2:3d:d5:01:51:94:2d:ff:d8:1a:cc:
48:af:e9:da:1d:6c:3b:e5:43:c7:15:d0:06:07:24:43:a5:5a:
bd:d4:51:41:7e:78:34:8d:39:c5:7a:4c:ff:2d:64:06:af:b2:
82:28:fd:e0:4f:6c:47:52:25:34:aa:2d:15:75:07:59:2c:a6:
f2:16:77:c0:53:ca:80:b8:cc:fb:5b:25:0f:f1:d1:80:44:5b:
45:07:bb:13:4f:e9:e4:7c:db:49:85:23:4f:41:39:27:cc:7d:
14:23:e1:f6:84:4b:7a:c6:bf:c6:25:cd:1f:de:68:11:46:bc:
a5:32:2f:01:aa:57:58:e5:38:4d:e0:f6:f6:e8:ce:88:65:51:
47:9b:4e:63:2a:a6:29:14:00:1b:3e:2c:de:75:24:fa:f5:54:
23:33:c2:98
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNlEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDEw
MDIyMTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDAwQzdBRDYwMjdEMTY5
RENGRTJGMzAwQzgxMDk2MkVDRjhFNTREQzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKXqXdWSbHopOAz3zHr1Wf7A0PYjf71C/uhAPr+KmpujfebjpV
Huvk36QMnLRyyZ5SFQ6ik4oAhDa20WGEMMzNf8vfnHXUn66oDAROZfA0OW9WPd+N
uBoBR5Y6No7Kn159RvvvEx1zpTYoiBvXGH3jFmC5W+o4fOq9yvdlsAJIUBgb93+N
ZAQ6LWh9x1qHvuRjftOpxNJeVfKJWnH36wnnYpuLNugIY4/0nllU9TQRWzWKZSo7
bRuurHvFiOyEEniJqrfER/2d/LReg9tFDrFdCvzHvCG+Z0y7iLibeVInZ4fzFJhZ
qMsgSIiuVRqrr3aJh1EvSU2ux0h5/qRR/CNPAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUAMetYCfRadz+LzAMgQli7PjlTcYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0FNZXRZQ2ZSYWR6LUx6
QU1nUWxpN1BqbFRjWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAF54DTE6M9kSiM6i
NjXEfvOAjG0uX23kQJeUHcOOTuQFRnq++ZzE8/Ww/r/Vg2j0Cxi3vEJD4jjepB3H
Wd8izmxXmuy6pRCNT5pS1wifQtSMLWI02iCBwuF+aMEY3ZI14GviPdUBUZQt/9ga
zEiv6dodbDvlQ8cV0AYHJEOlWr3UUUF+eDSNOcV6TP8tZAavsoIo/eBPbEdSJTSq
LRV1B1kspvIWd8BTyoC4zPtbJQ/x0YBEW0UHuxNP6eR820mFI09BOSfMfRQj4faE
S3rGv8YlzR/eaBFGvKUyLwGqV1jlOE3g9vbozohlUUebTmMqpikUABs+LN51JPr1
VCMzwpg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:21 2024 by rpki-client on console-ams.rpki-client.org