Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/og3mCKP91T_GrtV4BF4MiFASAiE.roa
File: og3mCKP91T_GrtV4BF4MiFASAiE.roa (raw, json)
Hash identifier: 9WcmykODfXu2agk47uqoHbDUcsyLbbsfQ5+mgyEGMWE=
Subject key identifier: A2:0D:E6:08:A3:FD:D5:3F:C6:AE:D5:78:04:5E:0C:88:50:12:02:21
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5525
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/og3mCKP91T_GrtV4BF4MiFASAiE.roa
Signing time: Sun 12 May 2024 02:54:09 +0000
ROA not before: Sun 12 May 2024 02:54:09 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21797 (0x5525)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 12 02:54:09 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A20DE608A3FDD53FC6AED578045E0C8850120221
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:59:27:8b:ff:06:6d:44:a8:17:f0:5e:aa:b2:
c6:aa:ec:95:35:7f:01:2f:86:82:fb:1e:8d:5f:75:
11:3c:a1:be:b8:75:fd:e7:e1:3c:4f:f0:1d:5f:1f:
8e:25:43:46:98:ee:a7:ed:fe:16:b4:14:b1:99:db:
8b:12:3a:7f:37:72:34:85:c2:22:04:47:44:25:79:
eb:62:ca:6d:ac:91:f0:4b:86:d8:5e:a3:05:74:b5:
d0:61:6a:78:5f:c0:53:70:dd:00:48:d0:4b:89:32:
a6:47:4e:2c:2b:aa:e7:bf:ef:aa:fe:66:15:ef:b9:
44:67:2d:b9:fb:c6:50:0a:a3:c5:b1:f1:17:7a:e3:
b5:7c:51:60:af:cc:63:62:79:11:82:2c:00:03:3d:
c9:3f:ab:97:97:f1:e9:b2:b9:08:19:d0:c7:1e:4a:
11:20:9c:21:2f:eb:84:81:5f:b9:df:16:bf:f6:17:
ec:d5:76:8b:07:36:f7:50:c2:12:ed:60:fa:ab:15:
70:40:c9:46:0b:b0:4f:fa:a0:70:37:6c:0a:06:54:
a0:ef:6f:b8:63:5e:28:e5:14:ad:51:63:61:7c:68:
80:cd:ae:b0:dc:12:13:11:73:38:49:66:70:6f:44:
1d:30:79:27:02:76:0a:a6:fc:36:6f:af:ee:34:a0:
7f:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:0D:E6:08:A3:FD:D5:3F:C6:AE:D5:78:04:5E:0C:88:50:12:02:21
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/og3mCKP91T_GrtV4BF4MiFASAiE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
52:7b:8d:06:83:cd:3b:87:d6:f8:12:6d:09:c6:03:ae:d2:d1:
86:f2:cf:ae:bb:7d:88:e6:13:8a:14:f9:18:ae:f0:18:6c:43:
38:ee:4a:c8:b7:3e:81:f2:22:c7:86:1b:f3:b8:a6:38:d1:14:
8b:58:76:c9:04:e3:c9:91:09:59:f4:72:ff:8f:06:aa:a9:eb:
07:d0:fd:a6:6f:36:f5:9e:bc:68:54:ee:c6:24:8a:fd:6f:ae:
42:d4:8b:7f:92:f3:20:6c:46:1f:fe:4c:b1:5d:ab:bc:c2:95:
2a:9f:ea:5b:a2:6a:d2:1a:2c:6c:9f:66:cd:78:f5:ae:72:60:
42:f8:be:f6:14:1d:41:e5:f4:1e:37:d4:d9:64:ac:24:b0:73:
f3:17:a2:52:fe:46:ab:a8:0d:90:82:5c:e4:d3:c3:6a:b5:af:
5c:ca:6c:79:22:f8:93:f1:c9:5e:35:49:c4:fe:41:40:65:7d:
51:ce:56:06:3e:be:6b:85:bf:41:4e:55:3b:c7:9a:be:00:09:
e9:2b:c9:41:85:12:d4:76:e0:b7:a7:47:73:3a:76:f9:cf:75:
3a:04:73:73:08:83:9e:0a:bb:23:63:76:58:41:18:15:0c:fb:
33:2b:4f:39:d8:7a:1b:31:33:06:65:46:61:27:ab:a7:1c:ad:
55:e1:e3:42
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICVSUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTIw
MjU0MDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEEyMERFNjA4QTNGREQ1
M0ZDNkFFRDU3ODA0NUUwQzg4NTAxMjAyMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDiWSeL/wZtRKgX8F6qssaq7JU1fwEvhoL7Ho1fdRE8ob64df3n
4TxP8B1fH44lQ0aY7qft/ha0FLGZ24sSOn83cjSFwiIER0Qleetiym2skfBLhthe
owV0tdBhanhfwFNw3QBI0EuJMqZHTiwrque/76r+ZhXvuURnLbn7xlAKo8Wx8Rd6
47V8UWCvzGNieRGCLAADPck/q5eX8emyuQgZ0MceShEgnCEv64SBX7nfFr/2F+zV
dosHNvdQwhLtYPqrFXBAyUYLsE/6oHA3bAoGVKDvb7hjXijlFK1RY2F8aIDNrrDc
EhMRczhJZnBvRB0weScCdgqm/DZvr+40oH+vAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUog3mCKP91T/GrtV4BF4MiFASAiEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L29nM21DS1A5MVRfR3J0
VjRCRjRNaUZBU0FpRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAFJ7jQaDzTuH1vgS
bQnGA67S0Ybyz667fYjmE4oU+Riu8BhsQzjuSsi3PoHyIseGG/O4pjjRFItYdskE
48mRCVn0cv+PBqqp6wfQ/aZvNvWevGhU7sYkiv1vrkLUi3+S8yBsRh/+TLFdq7zC
lSqf6luiatIaLGyfZs149a5yYEL4vvYUHUHl9B431NlkrCSwc/MXolL+RquoDZCC
XOTTw2q1r1zKbHki+JPxyV41ScT+QUBlfVHOVgY+vmuFv0FOVTvHmr4ACekryUGF
EtR24LenR3M6dvnPdToEc3MIg54KuyNjdlhBGBUM+zMrTznYehsxMwZlRmEnq6cc
rVXh40I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:10 2024 by rpki-client on console-ams.rpki-client.org