Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/g-GQla7RerErpvNqR9_NaweSeAo.roa
File: g-GQla7RerErpvNqR9_NaweSeAo.roa (raw, json)
Hash identifier: MO5dcegtAoOyYS6TGaArl+jyl0Oqqu8CS1nzTMAiUtc=
Subject key identifier: 83:E1:90:95:AE:D1:7A:B1:2B:A6:F3:6A:47:DF:CD:6B:07:92:78:0A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 42A5
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/g-GQla7RerErpvNqR9_NaweSeAo.roa
Signing time: Wed 17 Apr 2024 10:53:08 +0000
ROA not before: Wed 17 Apr 2024 10:53:08 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17061 (0x42a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 17 10:53:08 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=83E19095AED17AB12BA6F36A47DFCD6B0792780A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f8:19:03:a5:fa:a8:42:e2:ec:d2:2b:61:72:
83:78:b2:bf:36:bf:a3:b1:5d:d1:e2:ca:08:14:73:
f6:c7:a0:51:ef:18:ae:1f:e0:b8:d0:5f:9e:75:1b:
0a:91:7d:26:1e:5c:4a:93:c8:48:73:09:47:67:22:
3b:05:7f:31:0a:e6:86:65:8e:cd:49:02:7d:04:00:
aa:89:1f:4c:79:7a:c9:be:17:53:8e:cc:c5:14:d7:
bc:c3:b8:6a:a7:5b:ad:07:06:89:75:79:8b:03:5a:
d8:39:78:97:8e:62:f7:0d:ea:35:58:d3:61:b6:46:
8e:28:50:af:38:ff:23:8b:18:19:0f:b2:f1:9a:36:
42:c0:28:94:48:8e:29:ab:20:88:5c:8e:8d:64:e7:
3e:ac:b1:30:34:87:66:90:6c:56:2a:95:0a:31:66:
fa:a8:63:0a:51:a1:d6:1d:5a:ae:73:fa:da:c2:ff:
6a:2e:b5:67:ac:30:ca:58:eb:44:6d:84:9b:82:5f:
89:2a:e1:7f:5b:d9:cb:c2:66:19:34:36:a8:13:d1:
8b:e3:9f:8b:c7:4f:f4:a3:21:33:34:c4:68:2d:fe:
f9:e1:60:d7:1d:73:3b:74:b1:3a:08:07:02:6d:61:
ca:89:9c:f3:fc:64:7e:be:9c:34:6a:ec:f9:2e:15:
12:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:E1:90:95:AE:D1:7A:B1:2B:A6:F3:6A:47:DF:CD:6B:07:92:78:0A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/g-GQla7RerErpvNqR9_NaweSeAo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
98:a3:5b:32:bd:cf:f7:1f:21:1e:15:c9:77:2a:9f:ec:0c:76:
8f:08:cb:77:9d:d4:65:a0:98:f1:1c:16:d3:57:12:e6:d4:f5:
0c:91:a6:2a:3d:77:59:73:48:da:fb:cc:27:c1:60:92:92:b4:
2a:bb:66:47:f2:cc:c8:a8:d9:86:a2:73:61:44:ff:a4:9e:26:
f3:7f:6f:5b:57:f1:73:12:80:9f:e0:f6:42:ff:bd:6a:f9:83:
e1:f1:46:32:79:3b:2b:b2:a7:90:79:6f:58:82:52:19:cc:75:
48:61:8c:89:a0:de:ca:e8:2d:90:af:e4:79:24:a4:29:60:17:
25:ab:02:24:c6:10:fe:1a:a9:cc:cb:3e:80:16:90:44:01:0f:
9d:a5:5a:9c:2c:c2:91:90:53:8a:9d:b5:34:15:12:8b:8b:7b:
62:9c:ae:b5:02:4c:d2:7e:43:80:f5:6e:67:6e:f1:c7:d0:70:
46:0a:25:3a:50:d2:15:42:0b:39:96:3d:d0:b2:49:54:52:44:
77:b7:1c:e5:82:ef:eb:3d:2a:66:ec:17:f1:38:58:14:d6:d3:
67:32:66:e0:a9:ef:8c:c8:4f:23:54:46:75:ed:2d:77:9e:74:
ca:94:05:d3:bd:05:4f:4e:ce:1a:8f:b4:27:65:0d:a5:c3:0b:
c3:c0:5e:ba
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQqUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTcx
MDUzMDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDgzRTE5MDk1QUVEMTdB
QjEyQkE2RjM2QTQ3REZDRDZCMDc5Mjc4MEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDI+BkDpfqoQuLs0ithcoN4sr82v6OxXdHiyggUc/bHoFHvGK4f
4LjQX551GwqRfSYeXEqTyEhzCUdnIjsFfzEK5oZljs1JAn0EAKqJH0x5esm+F1OO
zMUU17zDuGqnW60HBol1eYsDWtg5eJeOYvcN6jVY02G2Ro4oUK84/yOLGBkPsvGa
NkLAKJRIjimrIIhcjo1k5z6ssTA0h2aQbFYqlQoxZvqoYwpRodYdWq5z+trC/2ou
tWesMMpY60RthJuCX4kq4X9b2cvCZhk0NqgT0Yvjn4vHT/SjITM0xGgt/vnhYNcd
czt0sToIBwJtYcqJnPP8ZH6+nDRq7PkuFRIXAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUg+GQla7RerErpvNqR9/NaweSeAowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2ctR1FsYTdSZXJFcnB2
TnFSOV9OYXdlU2VBby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJijWzK9z/cfIR4V
yXcqn+wMdo8Iy3ed1GWgmPEcFtNXEubU9QyRpio9d1lzSNr7zCfBYJKStCq7Zkfy
zMio2Yaic2FE/6SeJvN/b1tX8XMSgJ/g9kL/vWr5g+HxRjJ5Oyuyp5B5b1iCUhnM
dUhhjImg3sroLZCv5HkkpClgFyWrAiTGEP4aqczLPoAWkEQBD52lWpwswpGQU4qd
tTQVEouLe2KcrrUCTNJ+Q4D1bmdu8cfQcEYKJTpQ0hVCCzmWPdCySVRSRHe3HOWC
7+s9KmbsF/E4WBTW02cyZuCp74zITyNURnXtLXeedMqUBdO9BU9OzhqPtCdlDaXD
C8PAXro=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:39 2024 by rpki-client on console-fra.rpki-client.org