Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/GxvdmMx79mYpCRVzw8S7YqhmFRw.roa
File: GxvdmMx79mYpCRVzw8S7YqhmFRw.roa (raw, json)
Hash identifier: /rweo59hpwBaX9J9WxX9z7ZkaQKZzYi7Vm+dp+It0bo=
Subject key identifier: 1B:1B:DD:98:CC:7B:F6:66:29:09:15:73:C3:C4:BB:62:A8:66:15:1C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3E3D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/GxvdmMx79mYpCRVzw8S7YqhmFRw.roa
Signing time: Thu 11 Apr 2024 13:52:45 +0000
ROA not before: Thu 11 Apr 2024 13:52:45 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15933 (0x3e3d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 11 13:52:45 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1B1BDD98CC7BF66629091573C3C4BB62A866151C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d4:d5:5b:3d:0b:9f:6a:50:5b:12:ed:b1:d8:
56:cb:fd:1c:04:75:f9:04:1d:72:a0:11:80:56:54:
3b:c4:d7:63:ae:54:e0:ea:f5:22:9c:e5:de:05:d8:
dc:b4:37:8e:31:d9:62:70:81:4b:a7:7f:a5:0e:e4:
01:6a:e1:de:e3:8f:e8:cd:a5:ea:55:0a:00:d7:c9:
e4:1a:d7:1e:ca:c5:ff:7a:8d:ff:cd:3b:a6:2d:1c:
a9:a2:05:ae:2c:bf:c4:e5:9d:e8:16:ef:7a:ee:de:
a1:2e:45:bf:ba:87:cc:ac:58:57:a0:3e:cf:50:15:
c2:29:90:61:bd:c9:9a:c0:51:31:8d:8a:22:d7:2d:
06:9d:a4:1f:20:ba:12:a2:27:1f:33:4d:ca:65:7c:
37:e2:94:01:96:d9:6b:6a:db:4e:be:09:64:51:74:
9d:64:5a:71:6b:6d:35:27:60:94:e4:08:43:6b:9e:
26:8d:ba:5e:e5:f5:23:62:cc:58:51:f3:0c:d7:b1:
b6:9c:e2:f9:a6:64:22:30:e5:9a:6b:78:d5:36:6d:
fa:50:03:f0:65:9e:ab:ed:51:e7:f4:da:9c:6f:e7:
d0:01:a8:be:53:2b:bb:26:e1:2b:33:14:c6:74:29:
8e:74:a9:48:b2:23:17:a6:0b:36:cb:31:99:65:aa:
c6:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:1B:DD:98:CC:7B:F6:66:29:09:15:73:C3:C4:BB:62:A8:66:15:1C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/GxvdmMx79mYpCRVzw8S7YqhmFRw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
13:23:39:70:f8:23:fa:7e:51:4c:e5:5c:3e:ab:4a:23:d4:cd:
9a:df:40:43:d8:a2:63:80:f4:89:d0:f6:34:67:48:da:2f:58:
aa:9a:c7:e2:b5:20:10:fc:6e:3d:44:ed:b0:e5:0c:ae:ca:74:
af:7c:98:77:6f:97:a2:9e:8e:b0:43:70:16:6a:b7:a5:b7:60:
b5:46:eb:e3:34:0d:bc:df:3f:38:72:2d:d4:31:d7:2d:ba:c6:
bc:3c:2e:99:74:c5:52:c5:e4:fc:72:c2:14:fe:a5:ed:c5:c2:
66:b1:ed:31:30:1f:ba:67:ab:1c:15:18:6d:a0:ef:f8:9f:0c:
02:93:aa:88:0c:d5:79:3e:dc:6e:73:3d:1b:87:a0:75:e1:47:
9a:09:31:4f:f4:20:2c:bf:d6:b1:99:78:81:e4:79:0d:66:fa:
d5:55:cc:40:a0:01:29:41:a8:12:8e:3c:4a:38:c1:dc:04:4c:
25:fa:11:60:82:9a:41:ee:59:56:e7:93:d9:25:12:b6:a6:7d:
b1:f3:99:dd:62:cd:69:92:32:71:ea:21:f4:0f:20:65:c1:27:
3f:72:53:df:86:2f:67:e0:81:67:92:50:b5:af:e0:55:ea:aa:
77:a4:4e:00:0a:97:67:53:e5:c4:54:34:fa:36:07:c6:44:74:
80:18:fb:11
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICPj0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTEx
MzUyNDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFCMUJERDk4Q0M3QkY2
NjYyOTA5MTU3M0MzQzRCQjYyQTg2NjE1MUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCr1NVbPQufalBbEu2x2FbL/RwEdfkEHXKgEYBWVDvE12OuVODq
9SKc5d4F2Ny0N44x2WJwgUunf6UO5AFq4d7jj+jNpepVCgDXyeQa1x7Kxf96jf/N
O6YtHKmiBa4sv8TlnegW73ru3qEuRb+6h8ysWFegPs9QFcIpkGG9yZrAUTGNiiLX
LQadpB8guhKiJx8zTcplfDfilAGW2Wtq206+CWRRdJ1kWnFrbTUnYJTkCENrniaN
ul7l9SNizFhR8wzXsbac4vmmZCIw5ZpreNU2bfpQA/BlnqvtUef02pxv59ABqL5T
K7sm4SszFMZ0KY50qUiyIxemCzbLMZllqsb/AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUGxvdmMx79mYpCRVzw8S7YqhmFRwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0d4dmRtTXg3OW1ZcENS
Vnp3OFM3WXFobUZSdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBABMjOXD4I/p+UUzl
XD6rSiPUzZrfQEPYomOA9InQ9jRnSNovWKqax+K1IBD8bj1E7bDlDK7KdK98mHdv
l6KejrBDcBZqt6W3YLVG6+M0DbzfPzhyLdQx1y26xrw8Lpl0xVLF5PxywhT+pe3F
wmax7TEwH7pnqxwVGG2g7/ifDAKTqogM1Xk+3G5zPRuHoHXhR5oJMU/0ICy/1rGZ
eIHkeQ1m+tVVzECgASlBqBKOPEo4wdwETCX6EWCCmkHuWVbnk9klEramfbHzmd1i
zWmSMnHqIfQPIGXBJz9yU9+GL2fggWeSULWv4FXqqnekTgAKl2dT5cRUNPo2B8ZE
dIAY+xE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:28 2024 by rpki-client on console-ams.rpki-client.org