Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/gU9poM97gimR7Ku9uN3ejnok2sI.roa
File: gU9poM97gimR7Ku9uN3ejnok2sI.roa (raw, json)
Hash identifier: xgeayY6oiO7YX/bVsGi6/K772O52ebTeLdQyeieIAUk=
Subject key identifier: 81:4F:69:A0:CF:7B:82:29:91:EC:AB:BD:B8:DD:DE:8E:7A:24:DA:C2
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 47B5
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/gU9poM97gimR7Ku9uN3ejnok2sI.roa
Signing time: Wed 24 Apr 2024 04:53:14 +0000
ROA not before: Wed 24 Apr 2024 04:53:14 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18357 (0x47b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 24 04:53:14 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=814F69A0CF7B822991ECABBDB8DDDE8E7A24DAC2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:30:23:70:28:54:65:60:ca:c6:7f:e3:d9:aa:
59:fe:56:03:b2:d9:d1:35:31:23:ef:9e:7e:e8:a5:
f6:ac:91:90:29:2c:ac:9f:a4:99:78:98:c5:de:7f:
9d:5f:7d:d4:7f:1c:7b:94:97:8e:5c:91:16:47:00:
d3:86:2a:39:3d:1f:a6:f2:3f:84:91:07:d3:c8:eb:
b0:11:85:4f:e8:31:e4:cf:27:a6:02:27:85:d3:d3:
4e:94:95:2c:32:ed:e9:5b:b4:78:8c:a7:81:b4:7a:
26:c7:2e:c6:58:ed:e8:23:56:cf:a8:92:d0:a0:db:
96:47:19:fe:17:17:8b:0f:e5:82:16:41:8f:ae:c7:
bf:6b:2e:ad:f7:b1:32:60:51:34:ed:24:01:c9:0a:
86:a9:86:89:27:47:bf:51:3f:73:98:9b:0b:72:09:
39:3e:fc:58:d5:c9:4a:7d:f3:ee:75:24:13:97:00:
c5:71:03:8d:e7:f3:ea:11:a9:12:4e:88:09:77:5c:
46:79:c2:ba:39:8e:18:7b:6a:bf:24:79:c1:28:2b:
e5:0f:68:1b:e1:61:bb:0b:9a:72:ca:a5:da:22:25:
65:6a:2b:ba:87:71:4c:71:5c:a1:2e:ff:23:e6:34:
9b:2e:0c:dd:d2:d0:0f:1b:b1:d3:9c:b8:f1:67:8f:
42:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:4F:69:A0:CF:7B:82:29:91:EC:AB:BD:B8:DD:DE:8E:7A:24:DA:C2
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/gU9poM97gimR7Ku9uN3ejnok2sI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
57:36:8c:a6:f4:0f:17:07:11:0e:18:8b:e5:71:0b:ba:60:b3:
1a:76:67:6b:76:4c:7e:fd:d0:99:5b:7f:1d:12:45:45:55:f2:
58:a4:e2:47:54:d9:00:e8:95:71:4e:71:f6:9a:27:86:ac:f9:
35:28:2f:fe:7a:5b:4d:1a:58:b5:6e:8f:06:52:f1:16:7e:27:
2a:f0:0f:ce:61:4b:4f:41:69:1e:90:e5:58:83:49:f1:04:29:
2c:b0:a1:46:35:7f:2c:5b:4e:d0:e0:c3:90:0b:05:47:0d:7b:
9f:c4:f6:d6:e4:5d:19:1c:60:cc:c0:ce:9a:cf:46:49:47:50:
ed:30:83:27:6c:fe:ba:78:aa:e9:1e:8d:28:fc:3d:96:5e:47:
22:f3:d9:d1:a7:f9:9b:0e:16:06:4a:21:cc:00:b2:d5:0a:6d:
82:5c:9d:be:2d:88:6c:08:c1:ee:7a:9d:15:94:bd:aa:18:eb:
b7:04:8e:49:27:ef:ca:db:de:6a:d3:df:55:1e:30:dc:93:1e:
b0:cc:e2:6b:87:d6:98:96:2f:3b:8e:c6:b2:82:90:35:f9:4b:
ac:1c:e9:e6:71:44:e5:7d:6c:38:4f:6a:31:9e:b9:48:c6:fe:
38:5a:fb:94:af:0d:c2:a2:7a:9d:00:eb:08:be:07:d0:d2:51:
4c:65:8e:9a
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICR7UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjQw
NDUzMTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDgxNEY2OUEwQ0Y3Qjgy
Mjk5MUVDQUJCREI4RERERThFN0EyNERBQzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOMCNwKFRlYMrGf+PZqln+VgOy2dE1MSPvnn7opfaskZApLKyf
pJl4mMXef51ffdR/HHuUl45ckRZHANOGKjk9H6byP4SRB9PI67ARhU/oMeTPJ6YC
J4XT006UlSwy7elbtHiMp4G0eibHLsZY7egjVs+oktCg25ZHGf4XF4sP5YIWQY+u
x79rLq33sTJgUTTtJAHJCoaphoknR79RP3OYmwtyCTk+/FjVyUp98+51JBOXAMVx
A43n8+oRqRJOiAl3XEZ5wro5jhh7ar8kecEoK+UPaBvhYbsLmnLKpdoiJWVqK7qH
cUxxXKEu/yPmNJsuDN3S0A8bsdOcuPFnj0KvAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUgU9poM97gimR7Ku9uN3ejnok2sIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2dVOXBvTTk3Z2ltUjdL
dTl1TjNlam5vazJzSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAFc2jKb0DxcHEQ4Y
i+VxC7pgsxp2Z2t2TH790Jlbfx0SRUVV8lik4kdU2QDolXFOcfaaJ4as+TUoL/56
W00aWLVujwZS8RZ+JyrwD85hS09BaR6Q5ViDSfEEKSywoUY1fyxbTtDgw5ALBUcN
e5/E9tbkXRkcYMzAzprPRklHUO0wgyds/rp4qukejSj8PZZeRyLz2dGn+ZsOFgZK
IcwAstUKbYJcnb4tiGwIwe56nRWUvaoY67cEjkkn78rb3mrT31UeMNyTHrDM4muH
1piWLzuOxrKCkDX5S6wc6eZxROV9bDhPajGeuUjG/jha+5SvDcKiep0A6wi+B9DS
UUxljpo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:00 2024 by rpki-client on console-ams.rpki-client.org