Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/GFAlXbxFnUmmDMUVyFv3Jc0kKBk.roa
File: GFAlXbxFnUmmDMUVyFv3Jc0kKBk.roa (raw, json)
Hash identifier: 3Y7MrkTYi7ZUPpUFtr1ENcQc/Odm/aJ6ez7cpM22rSs=
Subject key identifier: 18:50:25:5D:BC:45:9D:49:A6:0C:C5:15:C8:5B:F7:25:CD:24:28:19
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4509
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/GFAlXbxFnUmmDMUVyFv3Jc0kKBk.roa
Signing time: Sat 20 Apr 2024 15:23:05 +0000
ROA not before: Sat 20 Apr 2024 15:23:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17673 (0x4509)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 15:23:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1850255DBC459D49A60CC515C85BF725CD242819
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:f8:8d:cc:0b:87:a5:00:b9:cc:ea:d9:2c:b6:
51:6f:a5:2c:dc:07:d1:68:99:e7:6c:db:fc:37:ec:
ed:2a:a8:a1:29:45:a2:09:93:9e:dc:c8:bb:71:43:
fe:69:93:0f:38:b3:3e:b0:da:85:66:ed:bf:91:08:
92:c8:91:e1:00:cc:32:a8:4f:bd:04:ec:aa:9f:d4:
cb:51:2d:cd:ef:49:f8:71:23:92:77:e5:ff:07:65:
0f:44:23:ce:a7:b0:2c:e9:d3:fb:0c:4f:8d:21:c9:
e0:27:45:b7:76:29:a4:18:89:aa:85:77:2d:6d:cf:
65:55:aa:fc:5f:1c:3b:8f:59:be:97:c7:fc:db:a7:
0b:0f:00:af:57:46:9e:4c:04:81:6d:3a:4d:a5:50:
fc:72:15:37:68:4e:98:4f:e1:33:8a:dd:50:39:70:
47:cd:ae:b5:5c:7e:01:8f:13:43:6f:8f:e9:ff:48:
1c:c9:e1:26:8a:d6:b6:03:39:40:1f:85:5f:01:af:
95:a5:db:6c:a4:83:11:6e:ac:c1:70:19:7e:1c:f5:
a2:ef:e5:34:b2:65:4b:48:7c:60:9a:10:77:f0:44:
70:f2:76:b3:db:0d:36:73:4e:69:ce:08:d0:5e:39:
1e:48:47:6d:d2:81:67:22:3a:4b:23:66:3a:a5:42:
69:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:50:25:5D:BC:45:9D:49:A6:0C:C5:15:C8:5B:F7:25:CD:24:28:19
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/GFAlXbxFnUmmDMUVyFv3Jc0kKBk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
19:cd:69:92:0e:44:90:b6:67:87:37:6e:57:dd:6b:e1:aa:36:
e7:b1:be:8d:bb:95:a8:37:21:f1:f2:cc:a3:96:05:6d:34:5e:
06:bb:64:cc:26:02:55:52:d7:40:57:67:5a:16:6d:d9:5a:f5:
bd:58:af:3e:e5:be:2c:51:b8:ee:2e:11:91:0c:88:b9:65:12:
5f:c7:9e:9d:ba:49:78:66:7a:aa:62:37:f8:05:ca:e0:0d:fd:
bd:08:d1:9a:d2:24:12:42:b8:87:96:9a:9a:6b:21:8c:6d:ea:
5e:b0:3c:53:7a:c8:30:53:a9:dc:11:89:cb:2e:e5:5a:ac:a0:
87:b7:04:60:0f:8f:fc:de:cb:47:86:fd:9c:29:ec:a4:58:dd:
bf:5e:39:af:39:9a:bb:d4:8c:27:9d:35:91:98:52:09:8a:f3:
a6:2f:fa:11:5f:47:6d:de:be:15:15:f2:25:78:39:ca:90:18:
30:53:f1:ca:8b:4b:68:2c:3e:47:e9:e1:a8:59:c5:30:7d:bc:
cd:0c:87:4a:b5:83:23:11:af:81:66:79:ce:e1:70:16:a2:9d:
d9:72:eb:22:15:8b:21:13:9c:d1:09:16:6d:ab:95:b4:cc:45:
69:a5:dc:3b:a2:86:58:d8:ab:c4:97:71:ba:96:7b:f3:e4:a7:
1e:0c:43:d6
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICRQkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAx
NTIzMDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE4NTAyNTVEQkM0NTlE
NDlBNjBDQzUxNUM4NUJGNzI1Q0QyNDI4MTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCf+I3MC4elALnM6tkstlFvpSzcB9Fomeds2/w37O0qqKEpRaIJ
k57cyLtxQ/5pkw84sz6w2oVm7b+RCJLIkeEAzDKoT70E7Kqf1MtRLc3vSfhxI5J3
5f8HZQ9EI86nsCzp0/sMT40hyeAnRbd2KaQYiaqFdy1tz2VVqvxfHDuPWb6Xx/zb
pwsPAK9XRp5MBIFtOk2lUPxyFTdoTphP4TOK3VA5cEfNrrVcfgGPE0Nvj+n/SBzJ
4SaK1rYDOUAfhV8Br5Wl22ykgxFurMFwGX4c9aLv5TSyZUtIfGCaEHfwRHDydrPb
DTZzTmnOCNBeOR5IR23SgWciOksjZjqlQmkDAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUGFAlXbxFnUmmDMUVyFv3Jc0kKBkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0dGQWxYYnhGblVtbURN
VVZ5RnYzSmMwa0tCay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBABnNaZIORJC2Z4c3
blfda+GqNuexvo27lag3IfHyzKOWBW00Xga7ZMwmAlVS10BXZ1oWbdla9b1Yrz7l
vixRuO4uEZEMiLllEl/Hnp26SXhmeqpiN/gFyuAN/b0I0ZrSJBJCuIeWmpprIYxt
6l6wPFN6yDBTqdwRicsu5VqsoIe3BGAPj/zey0eG/Zwp7KRY3b9eOa85mrvUjCed
NZGYUgmK86Yv+hFfR23evhUV8iV4OcqQGDBT8cqLS2gsPkfp4ahZxTB9vM0Mh0q1
gyMRr4Fmec7hcBaindly6yIViyETnNEJFm2rlbTMRWml3DuihljYq8SXcbqWe/Pk
px4MQ9Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:27 2024 by rpki-client on console-ams.rpki-client.org