Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Gg5J46g03bTXn1vCKWw6aeNntik.roa
File: Gg5J46g03bTXn1vCKWw6aeNntik.roa (raw, json)
Hash identifier: qCcAYX2avep7xauExYnSzBiw6Qr7nMDulbOr/FjtHEo=
Subject key identifier: 1A:0E:49:E3:A8:34:DD:B4:D7:9F:5B:C2:29:6C:3A:69:E3:67:B6:29
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4E11
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Gg5J46g03bTXn1vCKWw6aeNntik.roa
Signing time: Thu 02 May 2024 16:23:42 +0000
ROA not before: Thu 02 May 2024 16:23:42 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19985 (0x4e11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 2 16:23:42 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1A0E49E3A834DDB4D79F5BC2296C3A69E367B629
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ed:d3:20:a5:5f:92:7b:ef:9f:4a:67:c9:76:
ea:ac:05:00:5d:e0:cc:41:a8:86:dc:0e:c7:3c:f7:
21:14:51:08:e5:aa:f3:2b:20:49:43:f0:b1:9a:6f:
04:d6:19:1d:77:a7:16:a0:af:54:11:2c:0e:11:27:
f3:30:03:8c:bd:dd:16:df:9a:2e:a9:7c:2d:3c:55:
97:bf:6c:81:c0:30:db:17:a7:ea:a0:bf:f2:ae:20:
76:e0:39:80:4d:c9:83:f7:68:7e:3e:3a:14:37:f6:
7c:58:e1:5e:78:9b:49:07:1b:78:cb:09:a2:a6:49:
7f:73:7d:95:a5:27:ff:56:49:1c:22:58:ed:bb:d3:
ad:81:83:05:a8:94:9d:86:f5:c9:4d:b4:87:4e:97:
e5:cf:4c:2a:c1:69:d1:17:62:3b:47:cf:f0:dd:45:
5d:9c:f0:a6:fb:2f:ac:e0:39:30:a5:18:b3:38:33:
3f:61:e7:ca:9c:a3:9b:f9:c8:e9:55:b8:f3:c3:ab:
b1:d9:07:4d:eb:0d:c3:32:76:a2:fa:a1:09:2f:91:
f5:57:1d:8a:0d:dd:d0:d6:f5:95:57:a2:79:f4:d9:
0a:af:9e:ab:01:10:07:d3:4c:6c:1b:71:ad:40:61:
99:24:27:64:6e:e3:6e:6e:fd:75:ce:38:19:56:64:
85:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:0E:49:E3:A8:34:DD:B4:D7:9F:5B:C2:29:6C:3A:69:E3:67:B6:29
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Gg5J46g03bTXn1vCKWw6aeNntik.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
5b:7e:c7:79:15:6a:99:a2:82:a6:71:80:1f:75:05:0f:13:7d:
fa:40:a0:86:aa:3b:75:5f:95:ff:ca:04:a7:26:ce:af:dd:85:
46:9d:7b:3b:91:41:ed:e7:1e:76:ae:3a:26:a7:15:15:20:fd:
e7:9b:f4:7e:34:23:b8:ae:dc:6b:29:2b:b3:27:41:48:e9:11:
ee:4f:44:51:8f:b9:29:b6:b7:8a:3a:2d:3f:8c:a2:d3:12:04:
79:ed:da:9a:06:f1:ed:03:5e:12:27:cc:cd:b9:55:2d:82:58:
4c:3b:7d:9d:98:8f:8d:9b:02:db:17:b3:55:b4:95:c5:8a:a5:
4b:35:b4:4c:f9:d4:d0:5f:37:50:09:57:cc:7d:d9:5b:9f:b5:
f9:e6:13:9f:1e:04:6c:f8:71:e0:c7:7e:d4:b2:8e:f4:4e:1c:
d6:17:29:17:80:19:1f:f2:32:7e:e2:75:de:ec:60:b9:e5:63:
44:49:7e:8a:72:35:9f:07:ba:57:c8:e5:0a:e6:8c:0b:87:9e:
ec:ea:0b:a7:eb:0c:30:4f:eb:20:9b:e0:d2:63:96:6f:57:31:
d5:f4:6b:2e:67:f3:6e:70:82:df:64:4b:c5:68:5c:c4:f3:d2:
58:52:2b:e6:c8:55:8f:2c:10:ad:6f:c8:92:58:46:89:69:1f:
0b:ea:75:23
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICThEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDIx
NjIzNDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFBMEU0OUUzQTgzNERE
QjRENzlGNUJDMjI5NkMzQTY5RTM2N0I2MjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDH7dMgpV+Se++fSmfJduqsBQBd4MxBqIbcDsc89yEUUQjlqvMr
IElD8LGabwTWGR13pxagr1QRLA4RJ/MwA4y93Rbfmi6pfC08VZe/bIHAMNsXp+qg
v/KuIHbgOYBNyYP3aH4+OhQ39nxY4V54m0kHG3jLCaKmSX9zfZWlJ/9WSRwiWO27
062BgwWolJ2G9clNtIdOl+XPTCrBadEXYjtHz/DdRV2c8Kb7L6zgOTClGLM4Mz9h
58qco5v5yOlVuPPDq7HZB03rDcMydqL6oQkvkfVXHYoN3dDW9ZVXonn02QqvnqsB
EAfTTGwbca1AYZkkJ2Ru425u/XXOOBlWZIXhAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUGg5J46g03bTXn1vCKWw6aeNntikwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0dnNUo0NmcwM2JUWG4x
dkNLV3c2YWVObnRpay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAFt+x3kVapmigqZx
gB91BQ8TffpAoIaqO3Vflf/KBKcmzq/dhUadezuRQe3nHnauOianFRUg/eeb9H40
I7iu3GspK7MnQUjpEe5PRFGPuSm2t4o6LT+MotMSBHnt2poG8e0DXhInzM25VS2C
WEw7fZ2Yj42bAtsXs1W0lcWKpUs1tEz51NBfN1AJV8x92VuftfnmE58eBGz4ceDH
ftSyjvROHNYXKReAGR/yMn7idd7sYLnlY0RJfopyNZ8HulfI5QrmjAuHnuzqC6fr
DDBP6yCb4NJjlm9XMdX0ay5n825wgt9kS8VoXMTz0lhSK+bIVY8sEK1vyJJYRolp
HwvqdSM=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:36:35 2025 by rpki-client