Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/gvKnCGJ0tz_YPRMyEfaXGQ-bQ4M.roa
File: gvKnCGJ0tz_YPRMyEfaXGQ-bQ4M.roa (raw, json)
Hash identifier: a8L2kTIzp8DvOEfifA5i8TvWzfPQ7gnlcSXvL74vgG8=
Subject key identifier: 82:F2:A7:08:62:74:B7:3F:D8:3D:13:32:11:F6:97:19:0F:9B:43:83
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4129
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/gvKnCGJ0tz_YPRMyEfaXGQ-bQ4M.roa
Signing time: Mon 15 Apr 2024 11:22:53 +0000
ROA not before: Mon 15 Apr 2024 11:22:53 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16681 (0x4129)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 15 11:22:53 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=82F2A7086274B73FD83D133211F697190F9B4383
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:5f:bd:bb:0b:62:09:cd:ef:3d:de:90:27:8d:
05:8f:11:c9:a3:15:ab:4a:3b:41:de:c5:1c:ad:83:
66:75:cb:75:2e:67:a8:82:3a:9a:75:a1:24:c1:b8:
6f:79:a2:3d:8c:78:45:7f:c0:1d:ba:6b:92:9e:e8:
f5:0b:d4:e1:be:1b:a5:d4:8e:99:24:09:99:11:a2:
7f:38:1d:65:6d:3e:75:72:46:19:74:d6:5e:d8:f6:
70:67:73:33:69:7e:19:1d:ee:47:65:c9:79:6e:e5:
8f:15:dc:52:9c:5d:06:98:d0:d5:bd:d1:3f:8c:a8:
04:2e:19:22:bd:33:76:9e:47:58:7b:44:06:24:b6:
63:3d:33:ca:c4:eb:4b:b8:df:40:49:54:2f:53:47:
01:49:05:b2:1a:82:93:3a:3f:aa:b3:18:98:8a:52:
5a:6a:f7:25:10:51:75:85:92:66:1f:8f:a9:f5:1f:
96:e5:0d:a4:43:32:76:84:56:0b:5e:f4:0d:05:73:
39:d4:2e:1b:41:fa:ad:7f:3c:79:fc:3c:09:c4:eb:
6a:a8:39:71:c0:c9:6c:7e:dc:f4:aa:50:56:be:a2:
8e:c6:ea:23:66:87:4f:38:e1:e7:0a:c0:36:6e:89:
ac:ae:75:7d:a1:ad:03:24:4e:0d:9b:89:bf:1c:6c:
49:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:F2:A7:08:62:74:B7:3F:D8:3D:13:32:11:F6:97:19:0F:9B:43:83
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/gvKnCGJ0tz_YPRMyEfaXGQ-bQ4M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
13:7a:91:45:87:b3:33:3f:41:b5:e4:80:c6:5d:72:fa:0e:63:
8c:1d:7d:68:02:2b:3e:2f:37:8a:81:4b:1e:a4:21:a5:4d:95:
55:2b:f2:15:42:c2:10:b8:c9:f2:31:01:42:c5:63:7f:ae:2b:
82:de:fc:f0:42:e1:02:61:09:db:78:9b:54:6c:e5:a0:a0:b0:
fa:9f:7b:14:ca:c6:e8:de:d4:0e:4e:bc:d1:06:01:d0:98:90:
37:2c:5a:b1:f9:f3:4a:37:b9:18:63:1e:26:38:c6:9f:9a:43:
93:3b:fa:c5:36:c7:01:fe:a8:87:29:28:d3:62:33:10:57:25:
b6:e1:80:18:18:95:a7:b7:52:be:8c:2f:ef:46:94:31:d0:fb:
a6:c2:05:3d:59:6c:a4:c5:a2:d8:fb:e6:25:cd:f9:3b:87:00:
31:a5:9a:86:d0:60:06:6a:b2:d9:b4:77:b7:0e:05:0b:37:c3:
ff:43:e4:16:c6:d3:96:4f:a8:f7:80:ce:da:7d:75:2d:cb:e7:
67:b6:fd:d8:ff:4c:6e:fd:53:ba:26:cf:3b:d8:fa:d8:12:21:
12:60:e5:be:01:32:91:7a:85:b5:84:9b:5c:04:43:db:8f:0b:
42:9a:a3:61:6e:43:bf:ca:8d:de:17:f2:b6:01:b1:3f:b9:f0:
81:26:da:46
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQSkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTUx
MTIyNTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDgyRjJBNzA4NjI3NEI3
M0ZEODNEMTMzMjExRjY5NzE5MEY5QjQzODMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGX727C2IJze893pAnjQWPEcmjFatKO0HexRytg2Z1y3UuZ6iC
Opp1oSTBuG95oj2MeEV/wB26a5Ke6PUL1OG+G6XUjpkkCZkRon84HWVtPnVyRhl0
1l7Y9nBnczNpfhkd7kdlyXlu5Y8V3FKcXQaY0NW90T+MqAQuGSK9M3aeR1h7RAYk
tmM9M8rE60u430BJVC9TRwFJBbIagpM6P6qzGJiKUlpq9yUQUXWFkmYfj6n1H5bl
DaRDMnaEVgte9A0FcznULhtB+q1/PHn8PAnE62qoOXHAyWx+3PSqUFa+oo7G6iNm
h0844ecKwDZuiayudX2hrQMkTg2bib8cbEnBAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUgvKnCGJ0tz/YPRMyEfaXGQ+bQ4MwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2d2S25DR0owdHpfWVBS
TXlFZmFYR1EtYlE0TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBABN6kUWHszM/QbXk
gMZdcvoOY4wdfWgCKz4vN4qBSx6kIaVNlVUr8hVCwhC4yfIxAULFY3+uK4Le/PBC
4QJhCdt4m1Rs5aCgsPqfexTKxuje1A5OvNEGAdCYkDcsWrH580o3uRhjHiY4xp+a
Q5M7+sU2xwH+qIcpKNNiMxBXJbbhgBgYlae3Ur6ML+9GlDHQ+6bCBT1ZbKTFotj7
5iXN+TuHADGlmobQYAZqstm0d7cOBQs3w/9D5BbG05ZPqPeAztp9dS3L52e2/dj/
TG79U7omzzvY+tgSIRJg5b4BMpF6hbWEm1wEQ9uPC0Kao2FuQ7/Kjd4X8rYBsT+5
8IEm2kY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:40 2024 by rpki-client on console-fra.rpki-client.org