Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/G7g7PgM6dfUisCjmqlNjRT5NirQ.roa
File: G7g7PgM6dfUisCjmqlNjRT5NirQ.roa (raw, json)
Hash identifier: pc4U3GL9GGvV1dZFrwcfi2lk12QTq26qshefH2uuJLE=
Subject key identifier: 1B:B8:3B:3E:03:3A:75:F5:22:B0:28:E6:AA:53:63:45:3E:4D:8A:B4
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 40C5
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/G7g7PgM6dfUisCjmqlNjRT5NirQ.roa
Signing time: Sun 14 Apr 2024 22:52:53 +0000
ROA not before: Sun 14 Apr 2024 22:52:53 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16581 (0x40c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 14 22:52:53 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1BB83B3E033A75F522B028E6AA5363453E4D8AB4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e1:3b:64:0b:a3:35:10:0f:64:76:bb:0b:fe:
84:fd:f0:35:28:81:0a:69:f0:e5:91:02:15:7b:d9:
4d:09:27:5b:3d:5e:b5:1a:5e:be:b7:d5:af:2a:7c:
de:e1:ce:4b:c1:e3:68:21:a2:bf:f5:6e:c7:25:7c:
de:a4:4e:5a:95:c7:c4:c8:83:04:82:a1:5f:73:97:
67:cd:52:46:eb:a6:bd:35:13:ad:d3:55:e8:b4:20:
51:c9:f8:17:48:96:0d:4c:34:0d:46:fe:79:ce:64:
39:a6:64:70:33:c4:3a:1b:c4:63:00:02:b0:67:f9:
00:30:aa:d9:aa:1a:ac:70:71:4c:53:aa:d1:f9:7d:
2d:a9:b0:0e:7c:41:a7:f0:63:b6:99:4e:13:8c:a1:
42:40:12:a6:8b:cc:04:c0:fb:a3:7c:2a:53:6c:4a:
7e:4c:41:69:dd:24:74:40:00:f6:36:e6:45:e2:a9:
62:88:7c:87:22:4f:99:fa:54:a0:5a:03:69:17:69:
0c:4b:5f:e8:f9:f3:ab:81:de:14:ea:21:fe:a9:77:
22:82:cb:0b:4a:44:b7:ad:d8:69:1d:bb:26:36:66:
42:4d:b2:0b:1e:f7:98:28:0a:ca:ab:02:bd:e1:1f:
cb:63:b4:a7:bb:3d:29:65:bb:13:c8:b3:59:f2:b6:
9c:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:B8:3B:3E:03:3A:75:F5:22:B0:28:E6:AA:53:63:45:3E:4D:8A:B4
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/G7g7PgM6dfUisCjmqlNjRT5NirQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
17:bc:31:3b:c2:2e:e2:61:91:b5:90:72:6f:14:67:96:1b:97:
f0:45:0a:3b:0e:44:88:35:05:7a:e2:99:d8:89:16:4b:2e:ee:
19:a3:93:a4:e7:8f:82:b3:df:fa:3a:3c:87:8d:e7:02:11:79:
ce:7b:21:d6:fb:75:88:49:49:25:1b:d9:df:4b:bd:7a:f3:53:
ef:21:29:72:7c:55:30:d3:c8:cc:18:95:dd:21:cd:94:36:d9:
a6:18:31:09:95:fe:42:d9:77:23:38:39:b1:49:23:ff:44:fd:
a0:dd:be:ce:14:39:89:53:02:9d:c4:81:77:a2:44:e4:59:22:
ed:96:d7:dc:4f:88:ae:2a:36:dd:f5:ae:f4:f3:ca:e2:ba:bb:
99:a2:aa:a8:9f:7e:00:35:42:f5:73:98:fb:c5:9c:cc:21:91:
4e:ed:9d:c5:f1:c6:a7:00:f4:d8:2b:ed:c7:9a:c1:1b:d4:2b:
46:a8:52:a7:98:cb:67:33:56:03:df:6c:a2:5e:4c:2b:ae:0c:
ce:80:72:c2:29:22:75:a9:1d:6a:44:f1:c6:f6:fc:fa:a0:36:
ac:5d:4b:a6:30:59:ed:34:8d:66:48:92:46:2a:44:33:b1:94:
53:3c:5f:54:7b:43:5a:e2:e2:c3:c9:e7:03:78:aa:c0:00:82:
a6:a4:98:6e
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQMUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTQy
MjUyNTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFCQjgzQjNFMDMzQTc1
RjUyMkIwMjhFNkFBNTM2MzQ1M0U0RDhBQjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCy4TtkC6M1EA9kdrsL/oT98DUogQpp8OWRAhV72U0JJ1s9XrUa
Xr631a8qfN7hzkvB42ghor/1bsclfN6kTlqVx8TIgwSCoV9zl2fNUkbrpr01E63T
Vei0IFHJ+BdIlg1MNA1G/nnOZDmmZHAzxDobxGMAArBn+QAwqtmqGqxwcUxTqtH5
fS2psA58QafwY7aZThOMoUJAEqaLzATA+6N8KlNsSn5MQWndJHRAAPY25kXiqWKI
fIciT5n6VKBaA2kXaQxLX+j586uB3hTqIf6pdyKCywtKRLet2GkduyY2ZkJNsgse
95goCsqrAr3hH8tjtKe7PSlluxPIs1nytpzrAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUG7g7PgM6dfUisCjmqlNjRT5NirQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0c3ZzdQZ002ZGZVaXND
am1xbE5qUlQ1TmlyUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBABe8MTvCLuJhkbWQ
cm8UZ5Ybl/BFCjsORIg1BXrimdiJFksu7hmjk6Tnj4Kz3/o6PIeN5wIRec57Idb7
dYhJSSUb2d9LvXrzU+8hKXJ8VTDTyMwYld0hzZQ22aYYMQmV/kLZdyM4ObFJI/9E
/aDdvs4UOYlTAp3EgXeiRORZIu2W19xPiK4qNt31rvTzyuK6u5miqqiffgA1QvVz
mPvFnMwhkU7tncXxxqcA9Ngr7ceawRvUK0aoUqeYy2czVgPfbKJeTCuuDM6AcsIp
InWpHWpE8cb2/PqgNqxdS6YwWe00jWZIkkYqRDOxlFM8X1R7Q1ri4sPJ5wN4qsAA
gqakmG4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:15 2024 by rpki-client on console-fra.rpki-client.org