Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/gFm_kpmVZ2zqIPRZ_idlbg1un3s.roa
File: gFm_kpmVZ2zqIPRZ_idlbg1un3s.roa (raw, json)
Hash identifier: IayJ8TcKV+beGW+kMvgJ7rC5WmwaE3EaUuLyu3scSmc=
Subject key identifier: 80:59:BF:92:99:95:67:6C:EA:20:F4:59:FE:27:65:6E:0D:6E:9F:7B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 36DD
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/gFm_kpmVZ2zqIPRZ_idlbg1un3s.roa
Signing time: Mon 01 Apr 2024 17:52:11 +0000
ROA not before: Mon 01 Apr 2024 17:52:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14045 (0x36dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 1 17:52:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8059BF929995676CEA20F459FE27656E0D6E9F7B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:f7:f1:35:31:d2:b3:8a:e8:39:61:ef:62:5f:
29:c1:ab:0a:81:53:16:13:ed:d8:0b:ec:de:a2:7c:
68:a8:79:a0:dc:57:af:b5:cd:78:83:4b:0f:cf:91:
d7:b6:e0:d5:0c:22:e7:28:f0:26:1a:a7:dd:63:ab:
99:92:8e:ac:7b:62:f9:fd:92:53:50:7c:5c:73:d2:
b9:95:6e:5d:f5:cc:6d:5b:b2:95:ac:af:ba:36:cf:
04:60:67:ca:a3:fc:9c:d6:6e:9a:03:82:72:72:3d:
53:d2:e1:e2:a9:0f:64:78:37:2d:e8:25:6e:eb:0c:
04:66:eb:67:df:66:70:35:5b:d9:f7:f3:be:4f:b9:
d8:77:3a:3c:11:24:8a:4c:9a:5a:e7:92:3d:b0:ac:
6b:cd:0d:7a:86:76:4a:2d:56:95:8b:9c:07:a6:6e:
0f:cb:a9:d3:b0:84:8a:e8:68:f8:52:24:f1:7d:a9:
93:a7:2c:04:d9:7b:f5:2f:64:aa:d5:bd:dc:cb:0c:
30:f0:61:f6:30:57:7e:0a:fe:00:e6:76:75:0a:2f:
7d:c1:ec:21:3c:da:9f:16:fe:0f:e4:9b:a4:cc:69:
67:2b:eb:69:8b:7e:88:fd:65:c6:c4:80:a6:fd:ec:
27:00:5f:4d:0a:ad:e9:58:c8:45:4c:8a:a7:99:da:
d3:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:59:BF:92:99:95:67:6C:EA:20:F4:59:FE:27:65:6E:0D:6E:9F:7B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/gFm_kpmVZ2zqIPRZ_idlbg1un3s.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
52:08:2c:02:64:ad:ba:f2:cf:ef:a3:74:12:6c:ef:42:b6:ea:
2e:3b:4b:10:97:9d:9b:75:9a:8c:3c:f3:db:df:00:9e:19:36:
49:3a:48:1e:0d:2a:3b:69:f8:a7:7e:3d:ab:8b:bc:1b:93:bf:
f7:e8:c5:3c:e0:ca:16:52:2a:58:de:db:61:c6:75:0e:be:0b:
97:15:2b:5c:c5:1d:92:68:4e:f8:ae:06:66:56:51:6e:f9:fd:
13:9a:90:76:fc:4c:5f:89:59:8c:c0:13:9b:a2:76:42:9c:20:
81:d3:41:10:9b:a6:c3:8e:86:c2:23:c0:65:27:35:d7:e1:4f:
b6:e1:ba:c3:e7:f1:1e:74:3d:d2:dd:dc:83:c1:cd:2d:8e:5c:
16:46:03:74:7a:65:1a:3e:4e:03:7c:a6:d2:ac:2b:ba:63:51:
44:6c:e3:28:98:de:5c:47:5b:4b:6d:01:9f:79:91:64:5d:1b:
76:91:1e:f7:bd:51:b2:1f:cf:74:c0:75:6f:68:cf:e1:bd:b5:
53:5c:39:94:12:c8:c3:4e:3a:5b:c7:90:63:94:7e:be:de:42:
00:08:0b:ca:2e:2a:06:e9:63:d4:7c:43:bc:d5:bf:4a:2c:b9:
e5:4d:a9:62:21:1f:54:c9:36:29:7a:dd:35:ab:37:c6:9f:7d:
1e:52:09:f2
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNt0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDEx
NzUyMTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDgwNTlCRjkyOTk5NTY3
NkNFQTIwRjQ1OUZFMjc2NTZFMEQ2RTlGN0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDc9/E1MdKziug5Ye9iXynBqwqBUxYT7dgL7N6ifGioeaDcV6+1
zXiDSw/Pkde24NUMIuco8CYap91jq5mSjqx7Yvn9klNQfFxz0rmVbl31zG1bspWs
r7o2zwRgZ8qj/JzWbpoDgnJyPVPS4eKpD2R4Ny3oJW7rDARm62ffZnA1W9n3875P
udh3OjwRJIpMmlrnkj2wrGvNDXqGdkotVpWLnAembg/LqdOwhIroaPhSJPF9qZOn
LATZe/UvZKrVvdzLDDDwYfYwV34K/gDmdnUKL33B7CE82p8W/g/km6TMaWcr62mL
foj9ZcbEgKb97CcAX00KrelYyEVMiqeZ2tMRAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUgFm/kpmVZ2zqIPRZ/idlbg1un3swHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2dGbV9rcG1WWjJ6cUlQ
UlpfaWRsYmcxdW4zcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAFIILAJkrbryz++j
dBJs70K26i47SxCXnZt1mow889vfAJ4ZNkk6SB4NKjtp+Kd+PauLvBuTv/foxTzg
yhZSKlje22HGdQ6+C5cVK1zFHZJoTviuBmZWUW75/ROakHb8TF+JWYzAE5uidkKc
IIHTQRCbpsOOhsIjwGUnNdfhT7bhusPn8R50PdLd3IPBzS2OXBZGA3R6ZRo+TgN8
ptKsK7pjUURs4yiY3lxHW0ttAZ95kWRdG3aRHve9UbIfz3TAdW9oz+G9tVNcOZQS
yMNOOlvHkGOUfr7eQgAIC8ouKgbpY9R8Q7zVv0osueVNqWIhH1TJNil63TWrN8af
fR5SCfI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:00 2024 by rpki-client on console-ams.rpki-client.org