Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/KayDgyzkd1hOKku77FiIqibwBIM.roa
File: KayDgyzkd1hOKku77FiIqibwBIM.roa (raw, json)
Hash identifier: OZMOuF4RP/fZk+Y37+u0OljNch5efqj3hIlUfFM3o54=
Subject key identifier: 29:AC:83:83:2C:E4:77:58:4E:2A:4B:BB:EC:58:88:AA:26:F0:04:83
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 42E5
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/KayDgyzkd1hOKku77FiIqibwBIM.roa
Signing time: Wed 17 Apr 2024 18:52:59 +0000
ROA not before: Wed 17 Apr 2024 18:52:59 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17125 (0x42e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 17 18:52:59 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=29AC83832CE477584E2A4BBBEC5888AA26F00483
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:af:f7:66:58:23:61:e3:7c:0d:b1:c4:85:de:
28:ed:07:ec:5b:08:88:90:d1:40:ee:8d:7c:5a:86:
93:09:59:f0:2b:ab:c7:76:c5:f5:36:be:23:d4:e0:
a2:96:b4:93:13:da:c9:0a:d1:fb:1b:e3:a5:75:8b:
67:59:89:f0:50:2c:ea:22:bb:9d:f4:e5:a9:f0:ef:
c3:ff:ca:37:d1:67:c6:80:a7:61:20:4c:52:dc:a8:
72:10:ae:17:99:28:4e:bf:9d:e4:9f:3f:18:e0:f4:
7a:20:26:5c:e2:9a:e3:bd:07:3a:68:0a:55:45:5a:
64:73:a7:76:47:9e:e7:97:d3:a1:59:4a:d6:c5:1e:
53:8e:e2:41:41:f8:ee:4a:83:f3:ca:81:44:6e:3d:
cc:ba:59:d2:5e:51:e1:1b:07:6e:4d:dc:2e:20:4e:
38:de:73:31:5b:8f:86:c3:d0:da:c6:56:b6:fa:18:
9f:df:5a:56:64:c0:e2:af:41:5f:f2:ca:3f:55:3a:
41:68:81:ec:92:b6:59:99:c1:aa:8a:91:80:81:8e:
be:a0:b6:1d:63:a9:27:57:de:a6:5e:5b:ef:a5:ba:
36:bb:9c:75:af:0d:0e:48:6a:56:47:d5:ba:8d:e1:
78:ae:85:36:88:aa:9f:a6:9b:7b:31:7e:f5:69:66:
8e:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:AC:83:83:2C:E4:77:58:4E:2A:4B:BB:EC:58:88:AA:26:F0:04:83
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/KayDgyzkd1hOKku77FiIqibwBIM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
65:78:ef:c7:00:75:1f:71:c6:f1:13:82:de:1f:d9:9b:b4:61:
76:a6:7b:3e:60:62:61:bd:08:19:0f:04:0b:db:3a:85:1b:3c:
06:5f:bc:67:42:13:f0:eb:1a:77:3a:a4:84:1a:9b:dc:f7:8f:
72:a9:2c:50:bc:95:b3:60:f1:23:38:9a:15:b9:94:5b:1d:fa:
bb:34:49:32:3e:04:59:c5:82:d7:c4:e7:39:6e:e1:63:7a:a8:
38:0f:82:c7:da:6f:88:9f:33:7e:dd:b3:ca:74:8e:19:48:c3:
1c:1e:16:4f:55:a4:38:e4:86:ba:48:ed:58:62:8e:c4:0b:0a:
e7:30:98:c8:80:3f:01:98:92:a6:f3:d1:9f:f3:85:41:d9:9e:
a7:2a:8f:17:36:ae:92:23:04:e2:08:46:c4:82:5a:ec:3c:b9:
2d:0d:04:98:a5:cd:08:e9:92:17:8e:30:75:e4:bf:3d:1c:8e:
99:06:57:27:6e:26:a3:a7:82:fe:6b:63:bf:92:1e:e0:eb:e7:
02:da:d8:bd:fa:a6:4a:e4:5c:9c:ac:7b:16:f7:c1:f3:cf:bc:
56:9a:54:5a:08:b1:67:f1:24:e1:25:3e:de:88:d9:3f:1b:35:
4b:ad:9e:17:b9:2f:a8:8e:ac:a3:ea:2c:24:c6:cf:2c:ee:3a:
5f:0b:64:bc
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQuUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTcx
ODUyNTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI5QUM4MzgzMkNFNDc3
NTg0RTJBNEJCQkVDNTg4OEFBMjZGMDA0ODMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVr/dmWCNh43wNscSF3ijtB+xbCIiQ0UDujXxahpMJWfArq8d2
xfU2viPU4KKWtJMT2skK0fsb46V1i2dZifBQLOoiu5305anw78P/yjfRZ8aAp2Eg
TFLcqHIQrheZKE6/neSfPxjg9HogJlzimuO9BzpoClVFWmRzp3ZHnueX06FZStbF
HlOO4kFB+O5Kg/PKgURuPcy6WdJeUeEbB25N3C4gTjjeczFbj4bD0NrGVrb6GJ/f
WlZkwOKvQV/yyj9VOkFogeyStlmZwaqKkYCBjr6gth1jqSdX3qZeW++luja7nHWv
DQ5IalZH1bqN4XiuhTaIqp+mm3sxfvVpZo5fAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUKayDgyzkd1hOKku77FiIqibwBIMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0theURneXprZDFoT0tr
dTc3RmlJcWlid0JJTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAGV478cAdR9xxvET
gt4f2Zu0YXamez5gYmG9CBkPBAvbOoUbPAZfvGdCE/DrGnc6pIQam9z3j3KpLFC8
lbNg8SM4mhW5lFsd+rs0STI+BFnFgtfE5zlu4WN6qDgPgsfab4ifM37ds8p0jhlI
wxweFk9VpDjkhrpI7VhijsQLCucwmMiAPwGYkqbz0Z/zhUHZnqcqjxc2rpIjBOII
RsSCWuw8uS0NBJilzQjpkheOMHXkvz0cjpkGVyduJqOngv5rY7+SHuDr5wLa2L36
pkrkXJysexb3wfPPvFaaVFoIsWfxJOElPt6I2T8bNUutnhe5L6iOrKPqLCTGzyzu
Ol8LZLw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:19 2024 by rpki-client on console-fra.rpki-client.org