Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ggELOtm-YJx7Ijlx5Ll0VPJw0Ig.roa
File: ggELOtm-YJx7Ijlx5Ll0VPJw0Ig.roa (raw, json)
Hash identifier: qXCZmPSEbD6Ido2rGH0fbr96y1tFRscFz2cF8rmGRVA=
Subject key identifier: 82:01:0B:3A:D9:BE:60:9C:7B:22:39:71:E4:B9:74:54:F2:70:D0:88
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3565
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ggELOtm-YJx7Ijlx5Ll0VPJw0Ig.roa
Signing time: Sat 30 Mar 2024 18:52:07 +0000
ROA not before: Sat 30 Mar 2024 18:52:07 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13669 (0x3565)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 18:52:07 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=82010B3AD9BE609C7B223971E4B97454F270D088
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d1:8e:fc:c8:ca:96:b7:94:c0:24:52:2b:35:
ef:d4:09:ce:5e:75:49:51:fc:84:4a:91:50:c1:ff:
2d:f1:cb:eb:42:55:7d:54:f3:67:0e:c4:78:af:c5:
6a:b0:42:56:b5:1e:00:32:c7:d1:7e:c0:c2:66:2a:
8f:6e:9a:4f:00:2c:e5:27:06:dd:71:bf:58:65:8b:
77:63:87:31:53:0f:63:a5:b5:cc:7f:00:72:48:b7:
73:4a:83:1b:8c:bf:07:bb:b8:ca:94:0b:07:63:39:
4d:1a:ed:91:7c:b3:69:9b:1e:bb:a6:9e:f6:1e:36:
70:24:1d:89:33:33:f5:42:16:83:05:0e:ba:db:b7:
94:d5:0c:28:b3:4c:06:6a:1c:8b:26:ce:85:d6:26:
ad:e7:7d:4a:e4:bc:6e:9a:5e:00:ea:f7:a6:46:e1:
6a:3c:c8:e1:da:2d:82:06:b3:35:32:7a:1f:47:ea:
a9:8b:95:af:a1:f1:da:36:41:40:b9:ac:61:cc:26:
b6:e1:55:46:f2:d7:b1:cf:8b:ab:e0:96:da:66:b9:
c8:4d:91:5f:d1:a3:87:dd:88:00:f0:8e:fb:96:20:
f9:9e:54:d7:82:b9:57:94:f9:79:15:29:ed:27:ab:
aa:cd:f6:31:5b:50:d9:51:85:9b:af:2a:35:ec:65:
3a:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:01:0B:3A:D9:BE:60:9C:7B:22:39:71:E4:B9:74:54:F2:70:D0:88
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ggELOtm-YJx7Ijlx5Ll0VPJw0Ig.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
3e:f3:c9:43:83:d8:f9:67:25:ef:e1:89:a7:d0:e8:28:87:07:
76:81:e4:15:13:78:0b:95:da:c3:ae:87:40:52:4f:90:d8:3a:
f1:ee:e2:52:14:4d:24:bc:08:a8:d9:6f:8a:48:0a:79:53:da:
30:b9:b9:bc:bc:f3:33:dd:ec:4d:1e:c5:d7:ff:d3:59:5a:18:
04:75:c3:cb:54:18:07:cb:75:6c:8d:31:e1:f6:91:4d:72:5f:
f2:8f:1e:08:65:46:cc:60:97:c5:2e:5b:e8:4f:1d:07:c3:94:
0f:f1:ac:a8:66:39:22:6e:30:c0:6c:11:55:45:ea:d7:09:69:
23:c9:1a:ba:72:4f:68:a4:93:9f:83:f7:85:f5:ff:60:c1:46:
d8:e7:b9:e8:b6:16:d8:85:e3:14:96:7c:e6:6c:02:e9:4d:ef:
d4:9f:95:c5:42:7d:e1:3f:91:db:49:45:78:1e:b7:d9:75:1e:
28:4a:12:53:d2:69:35:ef:aa:cd:61:fd:28:a3:28:2c:b6:cf:
ea:8f:7a:b2:9c:ee:35:c4:5d:f7:3a:7d:b4:95:f4:15:65:64:
5f:44:d1:76:6f:6c:2c:c8:e8:2b:3b:c2:69:d5:4f:95:f1:12:
f1:5f:a3:5a:ce:6d:2c:27:45:2d:44:96:15:d0:ce:25:da:e5:
5e:2e:75:52
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNWUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAx
ODUyMDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDgyMDEwQjNBRDlCRTYw
OUM3QjIyMzk3MUU0Qjk3NDU0RjI3MEQwODgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC70Y78yMqWt5TAJFIrNe/UCc5edUlR/IRKkVDB/y3xy+tCVX1U
82cOxHivxWqwQla1HgAyx9F+wMJmKo9umk8ALOUnBt1xv1hli3djhzFTD2Oltcx/
AHJIt3NKgxuMvwe7uMqUCwdjOU0a7ZF8s2mbHrumnvYeNnAkHYkzM/VCFoMFDrrb
t5TVDCizTAZqHIsmzoXWJq3nfUrkvG6aXgDq96ZG4Wo8yOHaLYIGszUyeh9H6qmL
la+h8do2QUC5rGHMJrbhVUby17HPi6vgltpmuchNkV/Ro4fdiADwjvuWIPmeVNeC
uVeU+XkVKe0nq6rN9jFbUNlRhZuvKjXsZTprAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUggELOtm+YJx7Ijlx5Ll0VPJw0IgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2dnRUxPdG0tWUp4N0lq
bHg1TGwwVlBKdzBJZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAD7zyUOD2PlnJe/h
iafQ6CiHB3aB5BUTeAuV2sOuh0BST5DYOvHu4lIUTSS8CKjZb4pICnlT2jC5uby8
8zPd7E0exdf/01laGAR1w8tUGAfLdWyNMeH2kU1yX/KPHghlRsxgl8UuW+hPHQfD
lA/xrKhmOSJuMMBsEVVF6tcJaSPJGrpyT2ikk5+D94X1/2DBRtjnuei2FtiF4xSW
fOZsAulN79SflcVCfeE/kdtJRXget9l1HihKElPSaTXvqs1h/SijKCy2z+qPerKc
7jXEXfc6fbSV9BVlZF9E0XZvbCzI6Cs7wmnVT5XxEvFfo1rObSwnRS1ElhXQziXa
5V4udVI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:39 2024 by rpki-client on console-fra.rpki-client.org