Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/glH1QjGdaQCkitosktYZeVywbA4.roa
File: glH1QjGdaQCkitosktYZeVywbA4.roa (raw, json)
Hash identifier: YAjj86P/sBqIsYv6sRg0NdlfrlXRgmFo2dnWc73cW3A=
Subject key identifier: 82:51:F5:42:31:9D:69:00:A4:8A:DA:2C:92:D6:19:79:5C:B0:6C:0E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 362D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/glH1QjGdaQCkitosktYZeVywbA4.roa
Signing time: Sun 31 Mar 2024 19:52:09 +0000
ROA not before: Sun 31 Mar 2024 19:52:09 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13869 (0x362d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 31 19:52:09 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8251F542319D6900A48ADA2C92D619795CB06C0E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:39:7d:cc:29:83:13:5d:ba:ba:cb:46:50:f7:
d3:3f:32:b8:09:89:19:20:c5:66:9c:e1:22:45:39:
33:26:49:48:e5:c2:11:45:e0:c2:39:11:0c:c9:c3:
1e:6b:a8:e6:06:9d:ed:d5:08:1d:6c:33:1e:76:16:
c7:5f:b3:d9:ca:b5:1e:b4:a0:f0:e3:86:f0:0c:81:
e3:c4:81:ae:1f:80:30:3b:b7:5d:64:55:1c:82:15:
07:ba:8e:7e:ac:16:eb:94:df:b9:27:59:e3:30:11:
ea:fb:ad:b1:f3:11:ac:5e:7b:a5:79:8e:0a:03:03:
99:b4:64:c0:e4:63:c2:8a:d4:80:6b:93:9b:73:14:
a5:10:aa:bb:f2:9b:5a:ae:95:66:78:08:0d:4a:a3:
88:67:0a:7d:b8:60:b7:0b:6f:41:fb:98:87:6d:da:
56:25:15:c5:4a:ce:78:22:71:79:c2:a0:11:22:e7:
1f:d1:64:91:99:04:74:ba:5d:c3:7e:02:91:77:e1:
77:c2:0c:13:23:00:d7:87:e9:87:20:98:23:43:cd:
2c:f7:2e:46:f7:26:49:3e:0d:45:15:75:3e:ee:5b:
5f:e9:c9:45:2f:20:72:33:24:e8:c6:a8:7b:d0:08:
ff:fc:39:ea:28:ed:19:dc:0d:c0:1b:72:8b:5f:24:
a4:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:51:F5:42:31:9D:69:00:A4:8A:DA:2C:92:D6:19:79:5C:B0:6C:0E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/glH1QjGdaQCkitosktYZeVywbA4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
6b:b5:e1:bd:6a:06:42:5c:0d:32:39:c1:28:79:eb:f0:e0:cb:
0c:6d:7d:f5:ce:16:73:70:b5:9c:e2:81:ac:54:19:dd:a7:95:
3a:29:f2:ff:70:60:0d:46:a9:50:6f:2e:73:bd:5f:e6:08:59:
80:2f:07:70:8a:cd:31:63:6f:e3:14:46:66:30:19:37:13:6e:
05:45:cc:9d:1e:c6:39:02:36:6b:93:d1:41:88:d8:4c:db:75:
f7:b2:01:f4:5c:e7:c5:09:0d:5d:b5:7b:7f:bf:c6:3b:50:ee:
0e:cd:19:e3:85:1e:33:6a:9d:ab:85:62:27:34:5c:f0:7f:b9:
78:93:1d:f9:06:21:68:fe:0b:47:ca:69:f5:02:52:90:5f:65:
5a:fe:63:3b:dd:69:8b:f8:88:e7:27:b9:ce:f4:73:cc:d1:aa:
4d:80:80:42:b6:66:1f:63:ae:ec:f3:cf:f4:3a:5b:42:74:f1:
97:67:f4:d3:6e:97:92:a3:8e:6a:08:1a:c8:7e:0f:6e:77:ec:
02:63:da:e6:da:0d:6b:f7:4d:ec:c3:28:c8:a0:59:63:44:a5:
98:92:b0:e6:8d:60:e4:90:85:b7:5f:ae:30:44:92:92:f3:47:
c3:b4:c1:5a:41:b6:1e:ca:09:a1:db:4c:08:b5:cb:0a:44:da:
f5:e1:53:82
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNi0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzEx
OTUyMDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDgyNTFGNTQyMzE5RDY5
MDBBNDhBREEyQzkyRDYxOTc5NUNCMDZDMEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLOX3MKYMTXbq6y0ZQ99M/MrgJiRkgxWac4SJFOTMmSUjlwhFF
4MI5EQzJwx5rqOYGne3VCB1sMx52Fsdfs9nKtR60oPDjhvAMgePEga4fgDA7t11k
VRyCFQe6jn6sFuuU37knWeMwEer7rbHzEaxee6V5jgoDA5m0ZMDkY8KK1IBrk5tz
FKUQqrvym1qulWZ4CA1Ko4hnCn24YLcLb0H7mIdt2lYlFcVKzngicXnCoBEi5x/R
ZJGZBHS6XcN+ApF34XfCDBMjANeH6YcgmCNDzSz3Lkb3Jkk+DUUVdT7uW1/pyUUv
IHIzJOjGqHvQCP/8Oeoo7RncDcAbcotfJKSTAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUglH1QjGdaQCkitosktYZeVywbA4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2dsSDFRakdkYVFDa2l0
b3NrdFlaZVZ5d2JBNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAGu14b1qBkJcDTI5
wSh56/DgywxtffXOFnNwtZzigaxUGd2nlTop8v9wYA1GqVBvLnO9X+YIWYAvB3CK
zTFjb+MURmYwGTcTbgVFzJ0exjkCNmuT0UGI2EzbdfeyAfRc58UJDV21e3+/xjtQ
7g7NGeOFHjNqnauFYic0XPB/uXiTHfkGIWj+C0fKafUCUpBfZVr+YzvdaYv4iOcn
uc70c8zRqk2AgEK2Zh9jruzzz/Q6W0J08Zdn9NNul5KjjmoIGsh+D2537AJj2uba
DWv3TezDKMigWWNEpZiSsOaNYOSQhbdfrjBEkpLzR8O0wVpBth7KCaHbTAi1ywpE
2vXhU4I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:40 2024 by rpki-client on console-fra.rpki-client.org