Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/GtnNof1BZf5lSbbUzUT6h9S0loM.roa
File: GtnNof1BZf5lSbbUzUT6h9S0loM.roa (raw, json)
Hash identifier: T6ta7kq78jW3sTOeGErZ1T9cNG82Rg/UqAdWirmGkGw=
Subject key identifier: 1A:D9:CD:A1:FD:41:65:FE:65:49:B6:D4:CD:44:FA:87:D4:B4:96:83
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3745
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/GtnNof1BZf5lSbbUzUT6h9S0loM.roa
Signing time: Tue 02 Apr 2024 06:52:17 +0000
ROA not before: Tue 02 Apr 2024 06:52:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14149 (0x3745)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 2 06:52:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1AD9CDA1FD4165FE6549B6D4CD44FA87D4B49683
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:b2:db:73:a4:4f:f6:3e:08:ec:fe:9c:75:31:
d7:4c:59:49:ca:b4:24:37:3f:05:96:bc:03:cb:3d:
37:62:1d:f7:55:34:9d:de:f3:60:28:e3:af:59:ea:
90:c6:25:e5:50:23:97:f0:3b:1d:5f:a8:2b:33:cf:
09:39:cd:30:dd:f3:d6:30:07:42:f8:66:ff:6f:5f:
36:4d:1e:5b:70:b0:e7:b5:03:c8:97:8d:24:66:d1:
1f:e9:2b:79:2c:16:b1:a9:7a:1e:8d:a8:a6:4e:b8:
ec:f6:36:74:f1:cf:86:6a:8a:d9:69:21:cc:92:b5:
20:02:21:5c:59:76:2b:05:4e:15:86:e3:14:d8:64:
9e:02:3b:dd:4f:ab:a0:7e:af:86:29:c9:65:44:17:
94:e0:57:d8:ef:3b:15:03:b7:9f:42:f2:a9:94:c3:
b6:0b:b5:0e:73:8e:37:03:5f:b1:0a:a3:31:04:ab:
b0:ad:f5:bc:1a:2e:15:ed:11:05:a3:40:6d:9a:bd:
19:58:4d:61:9f:69:65:c9:c9:af:f3:c4:a8:db:b2:
9c:89:5f:36:4f:5e:10:02:e1:de:13:c8:a0:d0:ff:
aa:0e:56:8c:97:66:7a:12:f7:00:40:0f:29:d2:e8:
48:ac:72:5b:38:e6:23:02:6d:ef:f9:45:71:cf:7e:
d4:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:D9:CD:A1:FD:41:65:FE:65:49:B6:D4:CD:44:FA:87:D4:B4:96:83
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/GtnNof1BZf5lSbbUzUT6h9S0loM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
8a:5c:f5:28:51:b6:86:6c:a6:14:a7:af:88:36:40:f8:24:63:
a2:35:ed:36:6e:c0:58:f9:bf:e1:80:01:97:43:66:8d:cf:23:
ed:0b:fd:35:c5:43:24:6b:57:9d:a0:7d:f7:de:aa:a7:c6:d8:
42:8d:06:58:e4:32:e5:88:a9:26:e4:f0:80:2d:2a:f1:b9:4c:
f5:69:84:ac:55:d6:af:c7:9a:fe:37:fc:14:a5:61:93:6b:aa:
13:db:e1:26:cc:ec:77:7c:2d:71:58:02:30:fc:fe:91:e5:9b:
a0:be:74:dc:c7:10:36:d8:1f:ee:fd:6f:a9:f5:a6:37:dd:61:
5a:f7:89:9d:41:b5:8f:07:bb:15:60:b3:0f:c3:27:71:a4:fd:
53:9b:ad:b6:24:d7:d3:b9:86:27:58:a6:21:88:dd:c0:21:12:
01:b3:61:ac:17:5e:e4:f2:76:17:0e:f8:8d:54:c3:a6:9f:5e:
c2:b1:e8:ca:68:3c:1f:b8:78:02:eb:8e:55:e3:c9:5d:e4:09:
06:45:d3:6a:bc:77:3a:d1:b9:60:c7:53:5f:7d:3c:e4:01:dd:
c5:02:e0:a3:2f:aa:78:cf:b7:08:69:66:ca:64:bd:02:12:31:
e7:27:0f:9d:a5:8c:2a:ea:cc:4a:cb:e9:d9:bb:20:1b:c0:94:
e3:a6:48:a0
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICN0UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDIw
NjUyMTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFBRDlDREExRkQ0MTY1
RkU2NTQ5QjZENENENDRGQTg3RDRCNDk2ODMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCUsttzpE/2Pgjs/px1MddMWUnKtCQ3PwWWvAPLPTdiHfdVNJ3e
82Ao469Z6pDGJeVQI5fwOx1fqCszzwk5zTDd89YwB0L4Zv9vXzZNHltwsOe1A8iX
jSRm0R/pK3ksFrGpeh6NqKZOuOz2NnTxz4ZqitlpIcyStSACIVxZdisFThWG4xTY
ZJ4CO91Pq6B+r4YpyWVEF5TgV9jvOxUDt59C8qmUw7YLtQ5zjjcDX7EKozEEq7Ct
9bwaLhXtEQWjQG2avRlYTWGfaWXJya/zxKjbspyJXzZPXhAC4d4TyKDQ/6oOVoyX
ZnoS9wBADynS6Eiscls45iMCbe/5RXHPftS5AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUGtnNof1BZf5lSbbUzUT6h9S0loMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0d0bk5vZjFCWmY1bFNi
YlV6VVQ2aDlTMGxvTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAIpc9ShRtoZsphSn
r4g2QPgkY6I17TZuwFj5v+GAAZdDZo3PI+0L/TXFQyRrV52gfffeqqfG2EKNBljk
MuWIqSbk8IAtKvG5TPVphKxV1q/Hmv43/BSlYZNrqhPb4SbM7Hd8LXFYAjD8/pHl
m6C+dNzHEDbYH+79b6n1pjfdYVr3iZ1BtY8HuxVgsw/DJ3Gk/VObrbYk19O5hidY
piGI3cAhEgGzYawXXuTydhcO+I1Uw6afXsKx6MpoPB+4eALrjlXjyV3kCQZF02q8
dzrRuWDHU199POQB3cUC4KMvqnjPtwhpZspkvQISMecnD52ljCrqzErL6dm7IBvA
lOOmSKA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:28 2024 by rpki-client on console-ams.rpki-client.org