Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/GA17RNNDuE4s8oUwUCqim3cltHI.roa
File: GA17RNNDuE4s8oUwUCqim3cltHI.roa (raw, json)
Hash identifier: AU6JBhyiRbH9oYfFF+vT7upDpNyE3CTxEApBdGBqoZE=
Subject key identifier: 18:0D:7B:44:D3:43:B8:4E:2C:F2:85:30:50:2A:A2:9B:77:25:B4:72
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 358D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/GA17RNNDuE4s8oUwUCqim3cltHI.roa
Signing time: Sat 30 Mar 2024 23:52:08 +0000
ROA not before: Sat 30 Mar 2024 23:52:08 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13709 (0x358d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 23:52:08 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=180D7B44D343B84E2CF28530502AA29B7725B472
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:62:66:01:78:c7:de:1d:24:4b:3f:0d:24:b1:
ac:e7:82:fa:66:c5:d1:03:58:0a:fc:a6:33:fa:37:
7e:c2:57:00:ff:7f:62:4d:25:a2:51:13:60:df:d9:
fb:51:8a:65:9d:a3:de:fb:da:32:a0:a0:f2:02:06:
ed:53:d8:f1:81:3d:7d:87:8c:a2:f5:2c:4f:c3:24:
3c:f3:1e:77:23:d5:77:25:c5:b9:41:c0:85:a1:f8:
f4:ab:53:c0:be:5d:bb:a4:a5:06:1c:71:14:af:02:
53:4d:c6:c7:52:40:93:99:e0:79:0f:32:ea:b0:4b:
98:30:ea:4e:21:26:fe:0e:98:fb:1b:e0:8d:8d:6e:
7a:9c:06:21:75:0b:02:b9:bf:5a:59:1f:c9:d1:da:
e6:04:fc:f5:b1:13:96:8a:a9:82:91:d4:0a:4e:7e:
47:60:43:65:9f:1a:c2:21:80:d5:61:79:ba:52:b2:
35:ff:f5:1f:db:75:31:c0:4f:b4:ab:1e:15:fc:dd:
fa:71:05:f4:c1:21:a6:5e:71:16:23:d5:93:36:23:
ae:3f:22:2b:98:1d:a2:e5:15:33:52:4b:53:e4:f0:
2d:ca:b2:91:93:4e:b4:ed:19:4f:84:f3:97:57:e0:
d3:49:bf:13:0d:71:60:56:9f:d1:1c:a0:c5:08:b6:
bb:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:0D:7B:44:D3:43:B8:4E:2C:F2:85:30:50:2A:A2:9B:77:25:B4:72
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/GA17RNNDuE4s8oUwUCqim3cltHI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
19:3d:4a:ed:72:76:df:f6:fa:69:c4:04:6e:a2:00:40:d4:48:
ba:39:3e:29:cd:dd:f4:7f:06:fe:de:7e:b6:69:a3:c7:56:5e:
7b:7c:ff:75:f0:d3:ab:a3:9d:0d:1b:90:d8:fc:f0:e6:dd:20:
0c:2c:b9:47:f8:ba:9e:d0:bc:08:31:ae:ae:63:c3:7a:c0:2e:
d8:79:81:17:b5:a0:18:a8:a6:24:24:c2:90:b5:6a:e4:f2:71:
1b:62:10:c2:96:b7:ac:13:53:d8:0d:74:9c:27:29:29:e9:7f:
b4:71:87:27:d3:37:a0:c1:e2:4e:d7:26:e3:7a:3e:5a:a3:e5:
19:4d:1a:44:a9:88:8a:3f:d0:69:64:de:cb:57:d2:a2:07:8e:
5b:62:f0:bd:cd:8e:b2:cd:ba:c0:14:07:3e:f1:72:83:97:59:
27:8e:66:ae:eb:98:98:ab:a1:f6:60:d2:ad:94:02:86:cd:a8:
b8:50:4a:42:e9:2a:29:6e:ef:cd:b4:53:e4:09:95:2b:7e:c7:
28:a4:97:c0:b5:43:ba:5a:a5:fe:df:c8:2f:63:4e:53:83:9c:
9e:e4:d3:c2:c3:67:87:2b:98:35:c5:72:ee:42:8c:08:39:29:
ca:cc:44:b3:5e:51:ba:25:36:14:49:4e:db:19:26:22:9f:f5:
e0:30:4a:4e
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNY0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAy
MzUyMDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE4MEQ3QjQ0RDM0M0I4
NEUyQ0YyODUzMDUwMkFBMjlCNzcyNUI0NzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCbYmYBeMfeHSRLPw0ksazngvpmxdEDWAr8pjP6N37CVwD/f2JN
JaJRE2Df2ftRimWdo9772jKgoPICBu1T2PGBPX2HjKL1LE/DJDzzHncj1XclxblB
wIWh+PSrU8C+XbukpQYccRSvAlNNxsdSQJOZ4HkPMuqwS5gw6k4hJv4OmPsb4I2N
bnqcBiF1CwK5v1pZH8nR2uYE/PWxE5aKqYKR1ApOfkdgQ2WfGsIhgNVhebpSsjX/
9R/bdTHAT7SrHhX83fpxBfTBIaZecRYj1ZM2I64/IiuYHaLlFTNSS1Pk8C3KspGT
TrTtGU+E85dX4NNJvxMNcWBWn9EcoMUItruRAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUGA17RNNDuE4s8oUwUCqim3cltHIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0dBMTdSTk5EdUU0czhv
VXdVQ3FpbTNjbHRISS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBABk9Su1ydt/2+mnE
BG6iAEDUSLo5PinN3fR/Bv7efrZpo8dWXnt8/3Xw06ujnQ0bkNj88ObdIAwsuUf4
up7QvAgxrq5jw3rALth5gRe1oBiopiQkwpC1auTycRtiEMKWt6wTU9gNdJwnKSnp
f7RxhyfTN6DB4k7XJuN6Plqj5RlNGkSpiIo/0Glk3stX0qIHjlti8L3NjrLNusAU
Bz7xcoOXWSeOZq7rmJirofZg0q2UAobNqLhQSkLpKilu7820U+QJlSt+xyikl8C1
Q7papf7fyC9jTlODnJ7k08LDZ4crmDXFcu5CjAg5KcrMRLNeUbolNhRJTtsZJiKf
9eAwSk4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:27 2024 by rpki-client on console-ams.rpki-client.org