Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/KFfKITjHIuw_iOJNy7qkPfxfWUQ.roa
File: KFfKITjHIuw_iOJNy7qkPfxfWUQ.roa (raw, json)
Hash identifier: pppFVNUWYKlE0GNYGawR8nexNqiRx88uxaF/lO47AgE=
Subject key identifier: 28:57:CA:21:38:C7:22:EC:3F:88:E2:4D:CB:BA:A4:3D:FC:5F:59:44
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 38B1
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/KFfKITjHIuw_iOJNy7qkPfxfWUQ.roa
Signing time: Thu 04 Apr 2024 04:22:20 +0000
ROA not before: Thu 04 Apr 2024 04:22:20 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14513 (0x38b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 4 04:22:20 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2857CA2138C722EC3F88E24DCBBAA43DFC5F5944
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f1:59:43:3a:d6:d6:91:bf:81:2f:53:14:f7:
a5:6a:e9:fe:18:1f:ec:fa:d5:ab:3b:94:e0:9d:8a:
dd:c6:af:82:52:1f:48:1d:66:58:e1:2d:33:81:1c:
dc:74:36:00:3c:29:46:56:f8:b1:27:8e:79:ba:68:
0d:14:ba:95:e2:66:10:d8:e3:f2:ba:c6:ae:32:e3:
c6:11:d4:77:ca:ac:9e:ac:84:18:28:38:e2:fe:5c:
8f:63:7e:1a:c2:e5:7d:20:bc:cc:77:b8:22:b5:a5:
5c:43:8b:f3:b8:fe:12:99:61:6e:98:62:12:bf:49:
08:f4:71:60:f4:7a:be:56:be:ea:83:23:da:29:9f:
fe:03:10:0b:a1:3f:27:50:cd:c6:7d:41:2d:27:44:
26:31:6b:3d:d3:38:02:c1:66:4d:99:92:da:e5:6e:
d9:d0:ac:a5:72:d7:9f:4f:89:a2:05:ff:c1:98:44:
44:06:6a:88:1a:aa:0d:1c:d2:21:cb:32:51:ac:23:
ee:a4:c8:fd:f0:72:4a:3b:a6:bd:73:6e:7f:27:04:
bc:91:92:d4:bc:90:b5:bd:2b:aa:a0:90:2d:a0:14:
f3:e5:de:e5:96:e7:47:71:08:4a:e2:7c:01:e8:bb:
ed:13:ef:a2:c8:47:0e:73:d6:fd:b5:8f:e1:bd:68:
26:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:57:CA:21:38:C7:22:EC:3F:88:E2:4D:CB:BA:A4:3D:FC:5F:59:44
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/KFfKITjHIuw_iOJNy7qkPfxfWUQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
29:2c:02:56:5c:d6:ca:b5:3a:91:62:4e:74:5e:4b:0b:af:d7:
1c:8d:f9:88:70:5a:4e:16:83:5a:49:0a:70:42:f8:e9:2f:b8:
de:89:3e:c0:63:03:90:01:bb:d0:02:1a:29:50:b2:ff:22:4d:
8e:c9:44:87:94:f7:0a:c5:55:b6:d1:2e:68:d4:39:1e:bb:d7:
58:24:52:99:ba:ce:65:35:1d:33:3a:9f:a9:8f:2f:0a:95:f6:
75:3d:82:95:81:a0:31:93:c4:b3:91:6b:bb:8e:6f:cc:1e:c2:
9b:f0:f6:af:a6:d5:78:ea:ee:14:e6:ff:c3:73:34:f2:32:5d:
d1:d6:de:fa:83:8d:cd:2a:6a:aa:07:91:65:0c:00:39:d3:bf:
53:9e:f5:a5:83:a1:8a:09:c1:44:36:89:8d:9b:78:aa:f9:26:
aa:f0:ce:e3:37:ba:a1:57:2e:50:a5:21:db:31:70:ad:7c:ce:
22:07:e2:2f:69:a8:7b:dc:ff:a1:23:68:59:dd:d5:e2:57:99:
2c:d8:d5:f4:2d:e4:14:17:a5:5a:a8:e1:80:59:9f:ad:e3:07:
55:ac:a8:ad:94:a6:7c:5e:e4:d3:cd:7a:8b:13:17:4c:a9:1d:
ad:0f:16:80:35:3a:36:7d:72:93:00:5e:f7:8f:f3:7d:0b:43:
b0:b0:7e:3b
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICOLEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDQw
NDIyMjBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI4NTdDQTIxMzhDNzIy
RUMzRjg4RTI0RENCQkFBNDNERkM1RjU5NDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDI8VlDOtbWkb+BL1MU96Vq6f4YH+z61as7lOCdit3Gr4JSH0gd
ZljhLTOBHNx0NgA8KUZW+LEnjnm6aA0UupXiZhDY4/K6xq4y48YR1HfKrJ6shBgo
OOL+XI9jfhrC5X0gvMx3uCK1pVxDi/O4/hKZYW6YYhK/SQj0cWD0er5WvuqDI9op
n/4DEAuhPydQzcZ9QS0nRCYxaz3TOALBZk2ZktrlbtnQrKVy159PiaIF/8GYREQG
aogaqg0c0iHLMlGsI+6kyP3wcko7pr1zbn8nBLyRktS8kLW9K6qgkC2gFPPl3uWW
50dxCErifAHou+0T76LIRw5z1v21j+G9aCb5AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUKFfKITjHIuw/iOJNy7qkPfxfWUQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0tGZktJVGpISXV3X2lP
Sk55N3FrUGZ4ZldVUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBACksAlZc1sq1OpFi
TnReSwuv1xyN+YhwWk4Wg1pJCnBC+OkvuN6JPsBjA5ABu9ACGilQsv8iTY7JRIeU
9wrFVbbRLmjUOR6711gkUpm6zmU1HTM6n6mPLwqV9nU9gpWBoDGTxLORa7uOb8we
wpvw9q+m1Xjq7hTm/8NzNPIyXdHW3vqDjc0qaqoHkWUMADnTv1Oe9aWDoYoJwUQ2
iY2beKr5JqrwzuM3uqFXLlClIdsxcK18ziIH4i9pqHvc/6EjaFnd1eJXmSzY1fQt
5BQXpVqo4YBZn63jB1WsqK2Upnxe5NPNeosTF0ypHa0PFoA1OjZ9cpMAXveP830L
Q7Cwfjs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:19 2024 by rpki-client on console-fra.rpki-client.org