Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/GcO-hteK3QKXaZCBuwb4mzz2q3o.roa
File: GcO-hteK3QKXaZCBuwb4mzz2q3o.roa (raw, json)
Hash identifier: h2oCGO+9ErjCcL857qGjIG6Le5IV8ALk7EhWq0fy0mM=
Subject key identifier: 19:C3:BE:86:D7:8A:DD:02:97:69:90:81:BB:06:F8:9B:3C:F6:AB:7A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4855
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/GcO-hteK3QKXaZCBuwb4mzz2q3o.roa
Signing time: Thu 25 Apr 2024 00:53:16 +0000
ROA not before: Thu 25 Apr 2024 00:53:16 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18517 (0x4855)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 25 00:53:16 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=19C3BE86D78ADD0297699081BB06F89B3CF6AB7A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:d9:65:a3:ef:ab:98:13:26:f8:77:a9:1c:b6:
fb:85:61:83:33:07:e0:5b:8b:28:f4:ab:c3:7b:c0:
8e:92:10:c0:85:2e:86:8f:de:cf:ea:9e:66:c3:10:
66:a3:39:3c:fc:66:39:5f:5c:57:c3:c6:fb:c5:c6:
ab:16:e5:db:26:61:32:80:6e:8e:60:28:5f:f4:6c:
9c:ee:2e:66:c5:31:46:11:a1:e6:d1:3c:3b:a8:c4:
2c:8a:c3:a3:c0:f4:76:46:da:63:40:d8:3c:69:dd:
36:3a:21:5f:19:36:f2:59:e4:f7:7f:9d:64:39:b5:
ca:a0:fa:84:f9:5e:33:f7:37:01:b0:99:a2:f1:31:
1d:32:e0:15:c3:3b:27:9a:d4:39:74:56:a1:18:e2:
73:12:bd:1c:0c:aa:80:f3:9f:4d:52:81:05:3c:7e:
5d:26:f4:08:1d:30:c3:4e:e8:2d:bd:be:d4:0b:76:
ad:cf:0a:d3:be:a6:33:9c:d9:4c:a5:a7:65:af:68:
0f:42:15:43:e3:5c:97:1c:ad:46:d1:f6:39:79:bb:
81:df:2b:d0:ef:a8:43:bd:33:06:83:89:f3:a5:bf:
b9:78:ad:f6:31:31:c3:e2:ad:64:f2:20:6d:30:7a:
04:47:70:d3:fe:df:9f:1a:7f:30:eb:10:a1:47:42:
e5:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:C3:BE:86:D7:8A:DD:02:97:69:90:81:BB:06:F8:9B:3C:F6:AB:7A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/GcO-hteK3QKXaZCBuwb4mzz2q3o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
24:64:ab:b6:ff:79:70:7a:05:a1:d3:c9:ea:6a:2e:8b:6b:d6:
7e:90:6b:4f:73:8d:00:04:ce:df:66:69:9e:f1:cf:43:f4:86:
f9:50:c2:97:af:27:20:e8:ab:a1:0e:17:ef:aa:b2:07:f8:09:
10:af:f1:f0:57:41:39:ca:e2:2d:18:b1:d2:f5:bf:f1:9b:dd:
3c:6f:02:85:9b:d5:e3:5c:4f:e8:0e:a5:f1:51:c7:8d:b2:92:
4a:27:7b:6d:cc:ff:36:f1:a4:c9:a6:a8:ab:6f:e0:61:74:c3:
41:52:3b:a5:10:bf:3b:71:64:42:7f:a6:8d:b5:31:c3:de:96:
11:b2:24:38:e1:98:f8:5e:f9:3d:59:61:f6:b9:77:09:e8:87:
9d:48:59:49:6a:d6:45:9e:95:8d:0b:77:12:4a:e1:1c:69:14:
ed:8e:83:91:b6:9b:be:a6:2e:61:f4:7c:32:b7:34:14:eb:26:
a3:79:22:5c:fc:fe:ab:29:b8:6e:9b:c1:5e:0e:fa:d4:10:9c:
02:be:73:76:7d:61:c2:88:94:9c:a3:0e:fc:e8:65:99:5f:f1:
52:e8:c7:de:cb:14:0a:18:af:58:59:ec:ce:fa:31:20:e9:8a:
75:72:9d:ff:8b:d6:51:cf:be:72:08:64:65:92:be:89:07:5d:
ef:76:c6:0e
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICSFUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjUw
MDUzMTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE5QzNCRTg2RDc4QURE
MDI5NzY5OTA4MUJCMDZGODlCM0NGNkFCN0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDO2WWj76uYEyb4d6kctvuFYYMzB+Bbiyj0q8N7wI6SEMCFLoaP
3s/qnmbDEGajOTz8ZjlfXFfDxvvFxqsW5dsmYTKAbo5gKF/0bJzuLmbFMUYRoebR
PDuoxCyKw6PA9HZG2mNA2Dxp3TY6IV8ZNvJZ5Pd/nWQ5tcqg+oT5XjP3NwGwmaLx
MR0y4BXDOyea1Dl0VqEY4nMSvRwMqoDzn01SgQU8fl0m9AgdMMNO6C29vtQLdq3P
CtO+pjOc2Uylp2WvaA9CFUPjXJccrUbR9jl5u4HfK9DvqEO9MwaDifOlv7l4rfYx
McPirWTyIG0wegRHcNP+358afzDrEKFHQuXNAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUGcO+hteK3QKXaZCBuwb4mzz2q3owHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0djTy1odGVLM1FLWGFa
Q0J1d2I0bXp6MnEzby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBACRkq7b/eXB6BaHT
yepqLotr1n6Qa09zjQAEzt9maZ7xz0P0hvlQwpevJyDoq6EOF++qsgf4CRCv8fBX
QTnK4i0YsdL1v/Gb3TxvAoWb1eNcT+gOpfFRx42ykkone23M/zbxpMmmqKtv4GF0
w0FSO6UQvztxZEJ/po21McPelhGyJDjhmPhe+T1ZYfa5dwnoh51IWUlq1kWelY0L
dxJK4RxpFO2Og5G2m76mLmH0fDK3NBTrJqN5Ilz8/qspuG6bwV4O+tQQnAK+c3Z9
YcKIlJyjDvzoZZlf8VLox97LFAoYr1hZ7M76MSDpinVynf+L1lHPvnIIZGWSvokH
Xe92xg4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:16 2024 by rpki-client on console-fra.rpki-client.org