Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/VGi-s9G0-ImP8itkaeb7ZX466QY.roa
File: VGi-s9G0-ImP8itkaeb7ZX466QY.roa (raw, json)
Hash identifier: EJM5dh5X7yk8oP3hGjts8qOyb4R3ccyUkNBECR0dKaw=
Subject key identifier: 54:68:BE:B3:D1:B4:F8:89:8F:F2:2B:64:69:E6:FB:65:7E:3A:E9:06
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4099
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/VGi-s9G0-ImP8itkaeb7ZX466QY.roa
Signing time: Sun 14 Apr 2024 17:22:52 +0000
ROA not before: Sun 14 Apr 2024 17:22:52 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16537 (0x4099)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 14 17:22:52 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5468BEB3D1B4F8898FF22B6469E6FB657E3AE906
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:8c:0b:42:a1:16:d6:ec:44:d2:ce:dc:65:9a:
6f:be:02:e4:e5:48:8e:4d:d0:83:a1:3f:37:e9:f2:
47:5a:25:e8:0f:7b:e4:fd:f5:6b:30:4c:d3:79:20:
39:72:24:84:6e:ca:d7:1b:ec:00:d3:d3:0e:97:b3:
45:1d:79:35:ad:80:39:8f:81:ad:b9:25:86:5e:b7:
4b:d1:16:2e:c9:57:41:0c:b4:3d:21:aa:69:ab:96:
d9:fe:e6:d9:fa:75:be:fe:2b:27:1d:5d:92:b4:0f:
f3:1d:60:7f:fe:dd:cb:77:1a:27:92:80:24:34:30:
14:9b:62:ed:a6:1e:87:b2:1d:22:47:65:1c:48:3e:
1d:f7:73:f0:fc:9e:99:dc:a6:84:d9:00:12:77:8d:
a6:7b:e8:ad:2b:52:93:7e:62:4d:3a:a1:87:6f:74:
90:92:0c:89:c4:5f:31:97:e8:3a:d2:ac:79:c1:93:
b3:ef:24:0d:7a:4d:fc:c0:be:8a:48:4a:ca:f0:0b:
1a:83:c8:d1:83:86:b1:3d:11:46:e5:8c:f8:ea:94:
a8:43:fa:a5:3e:91:b3:7f:50:40:66:fe:52:35:7a:
75:82:f9:04:0e:77:49:84:c1:3c:55:b9:3d:16:58:
92:db:46:51:4c:c0:51:0a:33:3b:d5:b4:77:c7:45:
a0:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:68:BE:B3:D1:B4:F8:89:8F:F2:2B:64:69:E6:FB:65:7E:3A:E9:06
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/VGi-s9G0-ImP8itkaeb7ZX466QY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
6a:39:1c:42:ab:37:ae:34:be:0d:9a:57:c1:e6:7e:71:a1:4f:
24:55:da:fd:82:35:11:ec:fa:28:30:95:54:17:e2:3f:a0:ee:
a0:04:b2:70:34:4d:67:01:dc:f6:5c:92:87:34:38:04:7f:3e:
15:51:f4:88:eb:30:f3:13:f4:4f:32:51:a1:bc:38:c3:24:64:
84:02:b8:d5:67:97:0b:5a:b3:54:92:b7:fd:04:d9:0d:28:18:
0f:6a:2b:82:6b:f6:64:f2:38:73:0b:67:10:4b:0c:46:6b:97:
2f:86:29:3e:d3:c9:89:93:2e:a2:54:72:ff:6e:3e:ee:af:01:
b2:71:6e:39:e7:f6:f0:a4:31:1a:51:75:8e:99:0d:75:1a:78:
ee:67:d9:18:64:8d:11:17:f6:1d:77:2c:3d:a8:86:ee:86:bd:
3b:f6:cc:29:cb:14:7a:9c:51:ca:b8:ed:da:77:0a:a6:5f:3d:
05:9e:a1:66:8e:92:bd:79:d8:f2:19:1d:c2:31:b5:54:a0:ae:
1b:c8:63:dd:21:0e:a6:b6:5c:ba:ab:46:b6:ab:3e:59:4d:6a:
e3:d5:74:2c:77:7d:a4:29:8d:7a:ca:7b:10:d1:11:36:b1:d9:
e6:2b:15:8a:55:55:22:9d:0e:ba:b9:ae:2d:9c:5d:b8:c9:c2:
e4:b5:37:5e
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQJkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTQx
NzIyNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDU0NjhCRUIzRDFCNEY4
ODk4RkYyMkI2NDY5RTZGQjY1N0UzQUU5MDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/jAtCoRbW7ETSztxlmm++AuTlSI5N0IOhPzfp8kdaJegPe+T9
9WswTNN5IDlyJIRuytcb7ADT0w6Xs0UdeTWtgDmPga25JYZet0vRFi7JV0EMtD0h
qmmrltn+5tn6db7+KycdXZK0D/MdYH/+3ct3GieSgCQ0MBSbYu2mHoeyHSJHZRxI
Ph33c/D8npncpoTZABJ3jaZ76K0rUpN+Yk06oYdvdJCSDInEXzGX6DrSrHnBk7Pv
JA16TfzAvopISsrwCxqDyNGDhrE9EUbljPjqlKhD+qU+kbN/UEBm/lI1enWC+QQO
d0mEwTxVuT0WWJLbRlFMwFEKMzvVtHfHRaBVAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUVGi+s9G0+ImP8itkaeb7ZX466QYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1ZHaS1zOUcwLUltUDhp
dGthZWI3Wlg0NjZRWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAGo5HEKrN640vg2a
V8HmfnGhTyRV2v2CNRHs+igwlVQX4j+g7qAEsnA0TWcB3PZckoc0OAR/PhVR9Ijr
MPMT9E8yUaG8OMMkZIQCuNVnlwtas1SSt/0E2Q0oGA9qK4Jr9mTyOHMLZxBLDEZr
ly+GKT7TyYmTLqJUcv9uPu6vAbJxbjnn9vCkMRpRdY6ZDXUaeO5n2RhkjREX9h13
LD2ohu6GvTv2zCnLFHqcUcq47dp3CqZfPQWeoWaOkr152PIZHcIxtVSgrhvIY90h
Dqa2XLqrRrarPllNauPVdCx3faQpjXrKexDRETax2eYrFYpVVSKdDrq5ri2cXbjJ
wuS1N14=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:46 2024 by rpki-client on console-ams.rpki-client.org