Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/KITN2KJUeaVy3W-vkxxZm4-xfSI.roa
File: KITN2KJUeaVy3W-vkxxZm4-xfSI.roa (raw, json)
Hash identifier: EsZOtyqYI5lVRw7MYgl/asHIqaApqpJiwutG0WwHRyE=
Subject key identifier: 28:84:CD:D8:A2:54:79:A5:72:DD:6F:AF:93:1C:59:9B:8F:B1:7D:22
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 430D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/KITN2KJUeaVy3W-vkxxZm4-xfSI.roa
Signing time: Wed 17 Apr 2024 23:52:57 +0000
ROA not before: Wed 17 Apr 2024 23:52:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17165 (0x430d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 17 23:52:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2884CDD8A25479A572DD6FAF931C599B8FB17D22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:35:c8:ed:76:e1:9f:db:0d:5e:46:e5:bd:2e:
86:28:9f:60:43:1a:08:54:80:97:fd:97:00:07:7a:
d3:b5:68:bd:7a:f5:91:4b:64:5c:82:91:0c:df:91:
b3:e9:cf:7e:4b:a2:98:cf:6c:f4:36:6d:c8:8f:9b:
09:03:c1:0b:c2:dc:14:d8:81:4d:b1:bd:d6:c2:da:
01:c1:6f:8b:86:94:58:0e:fa:4c:c4:79:1d:e1:31:
82:73:5f:95:29:66:86:94:93:14:78:0f:2b:82:52:
6f:60:45:95:0a:d9:1b:c9:55:ab:41:b1:bd:20:4b:
48:65:b0:e0:e0:e1:76:f6:2c:c9:18:49:c4:06:b9:
22:20:09:90:a2:28:6e:be:e8:33:84:a7:b1:07:4c:
21:74:fd:68:58:0f:53:29:f1:9e:71:64:04:50:54:
5f:c1:a0:7f:ed:f1:ea:5e:5e:00:64:1b:53:ad:28:
a2:cd:0f:af:02:bf:3e:74:19:08:5c:6c:84:cb:a6:
56:be:d3:ff:6a:21:89:27:76:a3:87:b9:3b:7d:f9:
19:e2:2f:e1:13:71:c8:6f:cc:7a:80:98:68:c0:29:
1b:60:e1:b4:e8:00:24:7b:cb:99:42:ef:77:25:17:
54:ab:d5:0b:09:b6:40:73:1b:1a:9c:52:b8:96:58:
87:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:84:CD:D8:A2:54:79:A5:72:DD:6F:AF:93:1C:59:9B:8F:B1:7D:22
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/KITN2KJUeaVy3W-vkxxZm4-xfSI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
99:56:dc:6d:78:26:23:3e:a8:cb:4c:37:70:75:3d:38:74:1f:
4c:63:6f:5a:cd:ab:e1:23:aa:7c:ab:59:0c:c5:d1:ca:ad:43:
3d:a5:e5:fb:b3:c1:fe:92:a3:ff:1e:57:18:02:03:12:75:c1:
ff:84:9f:17:32:2c:4c:be:be:fc:c4:58:d0:5d:3e:ff:93:2d:
99:a9:12:f8:d6:60:9b:6f:f5:58:ce:98:ef:bc:db:86:e4:34:
a7:a5:01:61:01:fa:55:87:4f:ec:4e:44:d4:6b:ce:4b:76:2f:
c7:d0:9c:38:7f:61:d2:f7:d2:58:8d:69:49:6f:fd:c1:f0:99:
8b:7e:24:93:51:e2:d3:d4:16:be:ab:25:52:25:39:59:93:79:
81:18:98:6b:37:53:ee:9f:e7:89:5c:df:f5:f7:a9:0f:be:b8:
42:16:65:8f:e6:b7:17:cf:e5:29:80:6f:ef:ed:4a:11:f5:4e:
38:4e:da:99:87:7c:3d:7a:47:89:12:01:f3:41:6a:16:58:83:
aa:1a:b3:0e:45:0e:f9:64:da:db:19:47:9a:64:39:72:7d:99:
f3:2b:7c:77:9d:30:db:16:c2:d7:68:cf:4c:54:42:c2:da:c4:
64:a5:af:a8:86:c6:05:7c:3b:17:84:24:7a:f0:ad:cb:f2:1b:
29:17:01:d4
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQw0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTcy
MzUyNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI4ODRDREQ4QTI1NDc5
QTU3MkRENkZBRjkzMUM1OTlCOEZCMTdEMjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTNcjtduGf2w1eRuW9LoYon2BDGghUgJf9lwAHetO1aL169ZFL
ZFyCkQzfkbPpz35LopjPbPQ2bciPmwkDwQvC3BTYgU2xvdbC2gHBb4uGlFgO+kzE
eR3hMYJzX5UpZoaUkxR4DyuCUm9gRZUK2RvJVatBsb0gS0hlsODg4Xb2LMkYScQG
uSIgCZCiKG6+6DOEp7EHTCF0/WhYD1Mp8Z5xZARQVF/BoH/t8epeXgBkG1OtKKLN
D68Cvz50GQhcbITLpla+0/9qIYkndqOHuTt9+RniL+ETcchvzHqAmGjAKRtg4bTo
ACR7y5lC73clF1Sr1QsJtkBzGxqcUriWWIdDAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUKITN2KJUeaVy3W+vkxxZm4+xfSIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0tJVE4yS0pVZWFWeTNX
LXZreHhabTQteGZTSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJlW3G14JiM+qMtM
N3B1PTh0H0xjb1rNq+EjqnyrWQzF0cqtQz2l5fuzwf6So/8eVxgCAxJ1wf+Enxcy
LEy+vvzEWNBdPv+TLZmpEvjWYJtv9VjOmO+824bkNKelAWEB+lWHT+xORNRrzkt2
L8fQnDh/YdL30liNaUlv/cHwmYt+JJNR4tPUFr6rJVIlOVmTeYEYmGs3U+6f54lc
3/X3qQ++uEIWZY/mtxfP5SmAb+/tShH1TjhO2pmHfD16R4kSAfNBahZYg6oasw5F
Dvlk2tsZR5pkOXJ9mfMrfHedMNsWwtdoz0xUQsLaxGSlr6iGxgV8OxeEJHrwrcvy
GykXAdQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:31 2024 by rpki-client on console-ams.rpki-client.org