Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/a-gRSlr6u37AxCYEJZJPtRaPRNk.roa
File: a-gRSlr6u37AxCYEJZJPtRaPRNk.roa (raw, json)
Hash identifier: emVBZW/7BBgMvKBeCNVzM1jpooB7lXdgr28IbNfSJOY=
Subject key identifier: 6B:E8:11:4A:5A:FA:BB:7E:C0:C4:26:04:25:92:4F:B5:16:8F:44:D9
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3D39
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/a-gRSlr6u37AxCYEJZJPtRaPRNk.roa
Signing time: Wed 10 Apr 2024 05:22:40 +0000
ROA not before: Wed 10 Apr 2024 05:22:40 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15673 (0x3d39)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 10 05:22:40 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6BE8114A5AFABB7EC0C4260425924FB5168F44D9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:0e:56:d2:34:07:16:5c:13:1e:3d:6e:62:9e:
54:c4:5b:93:25:1f:c5:29:e3:04:18:5f:3d:0c:64:
99:9f:e2:26:85:1c:9a:c1:94:f0:6e:a7:58:34:0d:
b6:00:a9:d2:33:c0:ca:be:ec:23:11:b1:45:79:62:
27:e3:f3:86:dd:52:12:41:34:94:61:14:b3:54:94:
1b:9b:4c:60:d4:fa:71:81:a6:b5:1d:8f:66:cc:85:
cc:2a:78:c6:80:99:f0:ab:45:a4:e1:6c:44:2c:ee:
2e:46:13:19:2f:b6:00:e8:4f:a0:fd:f7:1e:5d:55:
ac:fe:46:b4:d4:6a:af:70:d6:ce:74:0d:9c:c0:bc:
f0:40:29:07:bf:4f:d7:0c:83:7d:d8:90:1f:18:26:
b2:55:11:25:ad:f3:fd:3a:fd:24:a6:c2:bc:15:be:
d8:30:ec:f5:86:14:83:2f:75:62:74:78:94:6e:d3:
1f:1f:bb:cc:a5:bc:08:e1:d8:56:c5:74:9f:a0:df:
18:1c:c8:e2:97:66:39:21:3e:a4:9f:d5:72:83:da:
da:ee:9b:7a:d4:46:5f:e8:da:4e:bb:24:e8:a4:0f:
cb:3a:2c:bd:e8:e0:df:dd:05:58:56:3a:20:84:10:
32:1b:52:f6:61:0b:0b:7c:44:69:78:76:75:1d:b6:
79:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:E8:11:4A:5A:FA:BB:7E:C0:C4:26:04:25:92:4F:B5:16:8F:44:D9
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/a-gRSlr6u37AxCYEJZJPtRaPRNk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
57:3b:9e:9d:1b:77:8a:42:02:56:61:9c:b0:5d:7d:c9:cc:62:
a3:bd:8a:78:ac:cf:f7:d2:e9:f9:ac:d0:d3:c1:d9:4c:f2:2e:
b2:42:e6:15:46:10:ea:64:9f:fe:9e:72:3f:5d:86:e8:fe:b9:
0e:39:e5:e5:d7:b2:09:85:e0:57:87:12:3c:51:00:b9:02:a8:
e9:0f:dd:4d:57:14:42:1f:53:88:b9:d5:85:56:c7:60:14:cd:
35:86:dc:f1:e2:5b:8b:63:dd:fb:44:0a:dc:26:e2:cd:1f:ae:
44:f7:88:4d:0c:85:fb:65:86:bc:5c:9e:64:a9:a1:6e:b4:44:
bd:eb:1d:e2:b1:49:ec:90:4e:60:58:fc:93:7d:64:b2:6d:47:
b7:04:6f:06:45:76:ae:20:fc:3b:50:25:70:d6:b2:33:55:da:
4a:bc:61:96:dc:f3:23:98:ff:f0:06:15:fd:d5:66:a4:7c:d7:
f1:0d:f5:58:f1:1e:a0:fa:c0:f1:8d:27:51:b5:a8:53:59:28:
b6:08:67:c7:10:d4:0a:45:77:da:2e:f4:d7:bd:57:a0:6b:13:
6c:cf:eb:ed:6c:d3:55:9f:e9:95:8b:6a:71:cf:4d:af:de:e3:
48:66:30:a9:83:f5:d6:66:97:95:4b:4b:a3:a5:81:ff:02:6f:
d5:9c:ac:01
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICPTkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTAw
NTIyNDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZCRTgxMTRBNUFGQUJC
N0VDMEM0MjYwNDI1OTI0RkI1MTY4RjQ0RDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5DlbSNAcWXBMePW5inlTEW5MlH8Up4wQYXz0MZJmf4iaFHJrB
lPBup1g0DbYAqdIzwMq+7CMRsUV5Yifj84bdUhJBNJRhFLNUlBubTGDU+nGBprUd
j2bMhcwqeMaAmfCrRaThbEQs7i5GExkvtgDoT6D99x5dVaz+RrTUaq9w1s50DZzA
vPBAKQe/T9cMg33YkB8YJrJVESWt8/06/SSmwrwVvtgw7PWGFIMvdWJ0eJRu0x8f
u8ylvAjh2FbFdJ+g3xgcyOKXZjkhPqSf1XKD2trum3rURl/o2k67JOikD8s6LL3o
4N/dBVhWOiCEEDIbUvZhCwt8RGl4dnUdtnnnAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUa+gRSlr6u37AxCYEJZJPtRaPRNkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2EtZ1JTbHI2dTM3QXhD
WUVKWkpQdFJhUFJOay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAFc7np0bd4pCAlZh
nLBdfcnMYqO9inisz/fS6fms0NPB2UzyLrJC5hVGEOpkn/6ecj9dhuj+uQ455eXX
sgmF4FeHEjxRALkCqOkP3U1XFEIfU4i51YVWx2AUzTWG3PHiW4tj3ftECtwm4s0f
rkT3iE0MhftlhrxcnmSpoW60RL3rHeKxSeyQTmBY/JN9ZLJtR7cEbwZFdq4g/DtQ
JXDWsjNV2kq8YZbc8yOY//AGFf3VZqR81/EN9VjxHqD6wPGNJ1G1qFNZKLYIZ8cQ
1ApFd9ou9Ne9V6BrE2zP6+1s01Wf6ZWLanHPTa/e40hmMKmD9dZml5VLS6Olgf8C
b9WcrAE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:34 2024 by rpki-client on console-fra.rpki-client.org