Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/FKjXnxmsXn9GF-8S1YUGI09eWLE.roa
File: FKjXnxmsXn9GF-8S1YUGI09eWLE.roa (raw, json)
Hash identifier: hELzNZLVFkLp4EXHtpucUhTqU5ZZ7K465TVV8IZiM+k=
Subject key identifier: 14:A8:D7:9F:19:AC:5E:7F:46:17:EF:12:D5:85:06:23:4F:5E:58:B1
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 40A5
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/FKjXnxmsXn9GF-8S1YUGI09eWLE.roa
Signing time: Sun 14 Apr 2024 18:52:52 +0000
ROA not before: Sun 14 Apr 2024 18:52:52 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16549 (0x40a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 14 18:52:52 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=14A8D79F19AC5E7F4617EF12D58506234F5E58B1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:d6:95:66:84:8f:ac:15:36:59:e4:20:f9:6c:
84:59:3b:60:42:80:7b:f1:77:43:d8:ce:70:e1:78:
f0:58:51:12:87:b2:d9:3c:49:9d:b0:fd:86:d2:62:
f8:4c:a5:ba:ea:9a:0d:c6:44:37:7c:fb:d4:06:66:
6a:d1:45:b6:13:d9:c9:95:5f:df:24:e1:63:4c:21:
64:ad:b0:b1:fd:fe:31:e0:3d:3e:3d:69:bd:56:56:
2b:74:ec:ce:20:ae:05:d0:aa:17:b4:11:bd:0a:f1:
9c:a9:32:00:74:84:a7:da:f5:a4:6e:91:a7:dd:54:
72:0a:1d:37:97:79:8f:cb:c5:1c:f2:f1:d6:28:28:
3b:98:b1:ab:aa:1f:e3:08:be:e1:cb:9e:19:95:f9:
c5:90:02:e7:97:c1:fd:42:43:17:68:0a:de:a8:96:
13:ff:8e:52:ec:38:8a:36:c4:c6:6e:43:a4:a4:0c:
11:56:f1:fe:6a:66:01:84:f0:02:e8:26:16:ba:f0:
02:25:01:d4:a7:68:13:56:24:17:db:00:21:a3:b0:
a7:00:41:d7:7f:68:49:c4:a7:cb:15:cd:46:2b:98:
28:42:1d:86:cf:6b:97:64:ca:a7:16:ba:ec:83:a9:
b5:28:35:f1:81:e1:f9:8a:87:ae:59:df:ef:a7:b1:
1f:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:A8:D7:9F:19:AC:5E:7F:46:17:EF:12:D5:85:06:23:4F:5E:58:B1
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/FKjXnxmsXn9GF-8S1YUGI09eWLE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
4f:f2:54:ad:57:79:93:5c:1e:68:ce:2a:12:99:30:26:d4:66:
54:f6:0d:a4:4b:89:80:95:6f:c5:64:bf:c8:8a:dc:bb:21:9d:
84:f1:de:6a:fc:08:6b:0a:28:55:5d:5a:90:54:ed:cc:e1:70:
fc:90:c9:32:64:53:e3:9b:62:42:b2:be:0b:48:aa:96:12:79:
47:73:48:6f:30:5d:be:83:e0:43:8b:e7:62:78:5d:09:31:10:
4d:09:40:c5:d9:48:a5:de:25:e2:a6:53:43:4f:52:b2:03:c2:
0d:b0:2c:36:81:f6:5d:87:99:38:7a:bf:98:28:0b:f2:bd:5a:
4d:8f:93:ab:eb:18:d7:f0:8e:d2:10:69:01:0b:17:1e:14:3e:
c1:ad:b8:ef:d2:2f:12:90:81:e9:e8:cf:84:02:04:0d:b9:eb:
02:78:b4:fb:5f:23:fb:8d:f2:1f:7c:e4:8b:da:51:ea:a1:4f:
f0:b1:b6:ba:cd:ca:04:8a:6c:76:78:92:56:0e:ab:80:50:ef:
de:77:0b:0f:66:22:0e:01:e9:c0:36:d1:92:5f:5e:e8:ec:17:
63:99:5a:b7:85:f5:cf:0e:75:36:f3:8a:e8:5a:d8:7e:f0:4d:
74:55:0f:36:bc:4a:2d:52:3a:f6:d4:0c:e4:d5:11:be:96:f7:
61:ec:81:ec
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQKUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTQx
ODUyNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE0QThENzlGMTlBQzVF
N0Y0NjE3RUYxMkQ1ODUwNjIzNEY1RTU4QjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDh1pVmhI+sFTZZ5CD5bIRZO2BCgHvxd0PYznDhePBYURKHstk8
SZ2w/YbSYvhMpbrqmg3GRDd8+9QGZmrRRbYT2cmVX98k4WNMIWStsLH9/jHgPT49
ab1WVit07M4grgXQqhe0Eb0K8ZypMgB0hKfa9aRukafdVHIKHTeXeY/LxRzy8dYo
KDuYsauqH+MIvuHLnhmV+cWQAueXwf1CQxdoCt6olhP/jlLsOIo2xMZuQ6SkDBFW
8f5qZgGE8ALoJha68AIlAdSnaBNWJBfbACGjsKcAQdd/aEnEp8sVzUYrmChCHYbP
a5dkyqcWuuyDqbUoNfGB4fmKh65Z3++nsR9DAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUFKjXnxmsXn9GF+8S1YUGI09eWLEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0ZLalhueG1zWG45R0Yt
OFMxWVVHSTA5ZVdMRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAE/yVK1XeZNcHmjO
KhKZMCbUZlT2DaRLiYCVb8Vkv8iK3LshnYTx3mr8CGsKKFVdWpBU7czhcPyQyTJk
U+ObYkKyvgtIqpYSeUdzSG8wXb6D4EOL52J4XQkxEE0JQMXZSKXeJeKmU0NPUrID
wg2wLDaB9l2HmTh6v5goC/K9Wk2Pk6vrGNfwjtIQaQELFx4UPsGtuO/SLxKQgeno
z4QCBA256wJ4tPtfI/uN8h985IvaUeqhT/CxtrrNygSKbHZ4klYOq4BQ7953Cw9m
Ig4B6cA20ZJfXujsF2OZWreF9c8OdTbziuha2H7wTXRVDza8Si1SOvbUDOTVEb6W
92Hsgew=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:15 2024 by rpki-client on console-fra.rpki-client.org