Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/mgOKZTJJ-zzqQJzFn8Cto0e_AKo.roa
File: mgOKZTJJ-zzqQJzFn8Cto0e_AKo.roa (raw, json)
Hash identifier: ScjWE1l9L2CEV449IgZdIwhfRu9VFFFNkvx84sVkJVg=
Subject key identifier: 9A:03:8A:65:32:49:FB:3C:EA:40:9C:C5:9F:C0:AD:A3:47:BF:00:AA
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4321
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/mgOKZTJJ-zzqQJzFn8Cto0e_AKo.roa
Signing time: Thu 18 Apr 2024 02:22:58 +0000
ROA not before: Thu 18 Apr 2024 02:22:58 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17185 (0x4321)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 18 02:22:58 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9A038A653249FB3CEA409CC59FC0ADA347BF00AA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:a7:33:1e:f9:6f:93:22:a6:e6:c1:9e:8b:18:
21:68:85:68:20:0f:9e:d5:80:7d:58:37:cf:e0:e4:
e8:39:8c:cb:7a:ed:0e:d2:9f:45:54:84:96:99:4f:
31:9d:22:37:69:35:b2:15:be:41:d2:d7:67:3a:47:
72:3e:06:5f:0e:f4:2d:1c:dc:ca:77:e9:1c:72:23:
23:ec:77:78:61:3f:63:bd:65:b7:4b:0e:27:77:2c:
de:8b:d3:45:b7:1e:63:1a:5e:6a:52:4a:07:b0:bd:
f7:bf:3b:22:49:84:5c:de:80:41:6e:25:22:07:d8:
49:6b:f2:0d:c7:24:6c:86:19:1d:18:de:a2:c5:12:
ad:90:55:61:91:af:19:f2:95:dd:13:97:5c:3e:ca:
2e:ca:85:83:e7:33:a4:3f:d3:89:e4:49:61:f1:8a:
76:8f:bc:a0:35:0d:d3:70:83:6b:21:5c:f5:29:d1:
30:4c:64:db:03:de:cd:92:d5:4d:b9:14:11:47:a6:
6c:be:d5:ea:80:9d:ac:e6:2b:7e:b3:18:55:63:8e:
70:88:b8:03:6f:2b:81:7d:ab:44:1f:f3:09:0f:6a:
f1:82:0a:15:05:35:29:2e:7f:5a:ed:8a:a5:7c:44:
f6:fd:69:c4:87:10:7a:99:19:53:37:1b:a1:3b:42:
7d:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:03:8A:65:32:49:FB:3C:EA:40:9C:C5:9F:C0:AD:A3:47:BF:00:AA
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/mgOKZTJJ-zzqQJzFn8Cto0e_AKo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
4b:1f:7a:a0:db:0a:8f:fc:24:a4:70:b9:e2:3d:b5:68:0a:ea:
e0:80:1b:59:c2:11:b2:b3:4f:97:ea:a5:cb:41:37:2a:20:e0:
8d:05:3d:dc:ac:12:3d:cf:e1:49:d7:d0:1e:c5:69:7a:c5:b3:
60:4a:8f:1c:72:79:30:4a:62:e5:37:9c:cf:c7:94:28:b5:c7:
a8:f8:00:75:ea:78:02:c2:db:76:ab:53:32:11:ec:2c:75:cd:
5a:71:54:7f:ae:a2:d5:6c:c7:8d:0a:c4:fc:04:11:6a:c1:70:
19:91:85:db:33:8f:06:37:6e:24:b3:96:db:67:e8:81:3a:6d:
ae:22:8d:94:52:22:53:6f:bf:7a:1f:8c:08:f8:23:46:c7:39:
80:3d:3c:40:78:11:a8:85:57:50:28:e9:ea:18:1b:85:b2:b9:
4a:4a:48:4c:ca:44:ba:41:64:3e:d8:a5:db:67:49:84:f8:75:
bf:fc:9e:ca:6a:16:13:15:e1:8f:8e:1a:97:99:a7:3e:bc:aa:
9a:85:78:d4:1a:a3:87:8b:c4:77:5f:95:b5:dc:a8:d4:0a:33:
c9:21:c8:0e:aa:be:1c:5f:b4:42:bf:2b:65:eb:3d:30:35:2a:
7e:53:35:eb:2c:85:a4:27:11:6f:5c:40:bb:0f:6f:68:9a:f6:
b5:bb:82:58
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQyEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTgw
MjIyNThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlBMDM4QTY1MzI0OUZC
M0NFQTQwOUNDNTlGQzBBREEzNDdCRjAwQUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD2pzMe+W+TIqbmwZ6LGCFohWggD57VgH1YN8/g5Og5jMt67Q7S
n0VUhJaZTzGdIjdpNbIVvkHS12c6R3I+Bl8O9C0c3Mp36RxyIyPsd3hhP2O9ZbdL
Did3LN6L00W3HmMaXmpSSgewvfe/OyJJhFzegEFuJSIH2Elr8g3HJGyGGR0Y3qLF
Eq2QVWGRrxnyld0Tl1w+yi7KhYPnM6Q/04nkSWHxinaPvKA1DdNwg2shXPUp0TBM
ZNsD3s2S1U25FBFHpmy+1eqAnazmK36zGFVjjnCIuANvK4F9q0Qf8wkPavGCChUF
NSkuf1rtiqV8RPb9acSHEHqZGVM3G6E7Qn0fAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUmgOKZTJJ+zzqQJzFn8Cto0e/AKowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L21nT0taVEpKLXp6cVFK
ekZuOEN0bzBlX0FLby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAEsfeqDbCo/8JKRw
ueI9tWgK6uCAG1nCEbKzT5fqpctBNyog4I0FPdysEj3P4UnX0B7FaXrFs2BKjxxy
eTBKYuU3nM/HlCi1x6j4AHXqeALC23arUzIR7Cx1zVpxVH+uotVsx40KxPwEEWrB
cBmRhdszjwY3biSzlttn6IE6ba4ijZRSIlNvv3ofjAj4I0bHOYA9PEB4EaiFV1Ao
6eoYG4WyuUpKSEzKRLpBZD7YpdtnSYT4db/8nspqFhMV4Y+OGpeZpz68qpqFeNQa
o4eLxHdflbXcqNQKM8khyA6qvhxftEK/K2XrPTA1Kn5TNesshaQnEW9cQLsPb2ia
9rW7glg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:45 2024 by rpki-client on console-fra.rpki-client.org