Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/idGlyGv1D8WNuvAOwrnmDgsMaRk.roa
File: idGlyGv1D8WNuvAOwrnmDgsMaRk.roa (raw, json)
Hash identifier: HfOtR8UG73ZgqxRZZ+ZC90TtWTTSWqzEZ+fvJE5q9i0=
Subject key identifier: 89:D1:A5:C8:6B:F5:0F:C5:8D:BA:F0:0E:C2:B9:E6:0E:0B:0C:69:19
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4511
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/idGlyGv1D8WNuvAOwrnmDgsMaRk.roa
Signing time: Sat 20 Apr 2024 16:23:05 +0000
ROA not before: Sat 20 Apr 2024 16:23:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17681 (0x4511)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 16:23:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=89D1A5C86BF50FC58DBAF00EC2B9E60E0B0C6919
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:04:ee:c2:10:93:b6:eb:3f:9b:92:44:e5:8b:
67:b7:0b:c7:60:59:20:0b:40:fe:d5:8f:3e:5c:9b:
db:86:27:ec:8d:20:ad:6c:82:37:3f:c3:9d:75:a9:
21:09:e4:b8:1b:63:ac:f2:c9:7d:f8:ab:b4:29:40:
33:1c:cc:ee:a3:2f:ac:e3:aa:56:6e:5c:0e:ec:0a:
87:95:4c:12:fc:a7:85:f2:e5:b5:7b:72:f3:54:72:
83:48:48:d6:c6:f9:fe:30:a5:0d:d0:9e:41:30:d7:
ea:fb:61:2e:f5:20:59:c5:ff:a8:7a:9d:cf:b0:36:
30:3a:d3:98:e0:af:9c:73:f3:35:4e:e8:ba:b9:37:
15:b5:6c:c1:21:cd:29:7f:e2:b4:70:68:ec:fc:41:
dd:ae:e1:e7:01:7d:7a:8c:09:48:55:6c:18:50:0d:
93:8b:24:e0:2f:a8:03:cc:6c:61:ae:09:f1:1e:b2:
78:7a:0e:bf:53:e6:8b:87:f0:32:2f:13:03:64:84:
cb:15:e4:ab:c2:45:26:ec:64:fd:fb:e7:2a:11:e4:
83:58:39:25:90:fc:b5:59:9b:73:4a:1e:b8:84:ee:
fa:d8:e8:82:2c:ff:3b:39:00:86:fe:64:e7:cb:fb:
c3:9b:98:4b:07:6f:e6:d6:15:f4:4d:d9:f1:24:2f:
da:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:D1:A5:C8:6B:F5:0F:C5:8D:BA:F0:0E:C2:B9:E6:0E:0B:0C:69:19
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/idGlyGv1D8WNuvAOwrnmDgsMaRk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
ac:6c:03:65:76:c7:cc:4f:c4:9e:d4:8f:9a:f7:0e:16:ed:f8:
b7:55:61:fa:7e:ee:2c:4b:ff:62:0b:35:35:ae:b3:d0:aa:75:
d9:27:ce:3d:55:8e:c9:ac:f8:54:64:64:39:d0:cd:ed:60:83:
16:26:91:d0:70:f2:6d:29:12:16:2c:c7:62:25:36:bb:0b:11:
a1:ea:4b:70:d8:0e:0a:ad:b5:08:6d:6e:be:0e:1c:87:e6:3f:
02:e4:35:40:cb:fc:81:72:3e:bd:71:8f:1d:b5:bf:35:0a:1e:
67:69:f0:92:c6:9d:51:4a:37:ec:dc:d4:99:23:e1:5a:48:ee:
68:b3:b5:de:86:b0:9f:72:d8:c1:d6:63:11:bb:b6:60:e9:7f:
ed:d4:23:da:3c:d6:cf:eb:34:3c:d5:3c:1f:95:80:11:1b:e5:
56:fc:07:d8:a8:d4:9b:14:bc:98:a9:8f:b3:49:a0:27:32:c6:
c4:23:cc:0c:4f:c1:f9:39:6f:4f:ce:ca:90:77:df:ec:cc:50:
45:13:44:95:cc:d4:93:03:7e:7c:2c:ad:fe:30:0f:ba:6e:85:
fc:92:21:76:d5:89:06:ce:aa:f6:82:14:13:95:9b:8e:59:8d:
b6:2f:c5:a7:63:1f:27:91:5b:47:ce:8a:85:cd:95:e8:1b:ad:
cb:b8:93:07
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICRREwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAx
NjIzMDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg5RDFBNUM4NkJGNTBG
QzU4REJBRjAwRUMyQjlFNjBFMEIwQzY5MTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZBO7CEJO26z+bkkTli2e3C8dgWSALQP7Vjz5cm9uGJ+yNIK1s
gjc/w511qSEJ5LgbY6zyyX34q7QpQDMczO6jL6zjqlZuXA7sCoeVTBL8p4Xy5bV7
cvNUcoNISNbG+f4wpQ3QnkEw1+r7YS71IFnF/6h6nc+wNjA605jgr5xz8zVO6Lq5
NxW1bMEhzSl/4rRwaOz8Qd2u4ecBfXqMCUhVbBhQDZOLJOAvqAPMbGGuCfEesnh6
Dr9T5ouH8DIvEwNkhMsV5KvCRSbsZP375yoR5INYOSWQ/LVZm3NKHriE7vrY6IIs
/zs5AIb+ZOfL+8ObmEsHb+bWFfRN2fEkL9olAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUidGlyGv1D8WNuvAOwrnmDgsMaRkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2lkR2x5R3YxRDhXTnV2
QU93cm5tRGdzTWFSay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAKxsA2V2x8xPxJ7U
j5r3Dhbt+LdVYfp+7ixL/2ILNTWus9Cqddknzj1Vjsms+FRkZDnQze1ggxYmkdBw
8m0pEhYsx2IlNrsLEaHqS3DYDgqttQhtbr4OHIfmPwLkNUDL/IFyPr1xjx21vzUK
Hmdp8JLGnVFKN+zc1Jkj4VpI7miztd6GsJ9y2MHWYxG7tmDpf+3UI9o81s/rNDzV
PB+VgBEb5Vb8B9io1JsUvJipj7NJoCcyxsQjzAxPwfk5b0/OypB33+zMUEUTRJXM
1JMDfnwsrf4wD7puhfySIXbViQbOqvaCFBOVm45ZjbYvxadjHyeRW0fOioXNlegb
rcu4kwc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:41 2024 by rpki-client on console-fra.rpki-client.org