Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/KeNQkvKXoSc7UAsTX0iBFsn4vLg.roa
File: KeNQkvKXoSc7UAsTX0iBFsn4vLg.roa (raw, json)
Hash identifier: IS4fTUxr4UnJGk2kGH4wUQ4w2eLPsUtVS6dILPIradM=
Subject key identifier: 29:E3:50:92:F2:97:A1:27:3B:50:0B:13:5F:48:81:16:C9:F8:BC:B8
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4B21
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/KeNQkvKXoSc7UAsTX0iBFsn4vLg.roa
Signing time: Sun 28 Apr 2024 18:23:47 +0000
ROA not before: Sun 28 Apr 2024 18:23:47 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19233 (0x4b21)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 28 18:23:47 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=29E35092F297A1273B500B135F488116C9F8BCB8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:48:03:c1:5d:fc:0c:a7:be:b8:35:7c:80:fa:
7f:a6:b2:34:fd:85:05:65:ee:9c:a3:dd:ff:b1:4b:
6e:4a:81:74:88:d0:58:23:3a:cc:62:03:51:22:74:
11:62:51:90:dd:85:ac:4d:26:62:b9:e2:45:d8:b8:
e0:21:59:6f:60:c7:c2:99:49:ec:75:c5:45:47:2b:
8c:04:c3:0f:be:48:b1:e4:f7:6d:65:36:78:ce:4b:
f8:f0:51:ee:ce:07:9f:77:d2:a6:3d:2f:29:fb:bd:
15:57:3d:41:50:5f:ce:9b:27:07:8e:48:8f:ad:aa:
de:12:4f:55:9d:c2:c9:4a:58:6f:c9:05:e9:79:6d:
43:c3:35:6f:38:23:f3:c7:6a:85:5d:17:ae:85:51:
3d:79:c4:6c:2c:4e:3a:62:ee:ea:56:ef:52:e3:32:
08:c4:6d:e2:40:8a:e9:46:27:65:c9:91:be:ba:20:
dd:20:7e:f0:ac:e6:93:1a:6d:17:57:c2:88:a5:02:
78:85:a5:f5:a1:c5:dd:85:b2:0b:c5:35:2f:7c:0e:
25:cf:bc:6e:c1:91:a9:2e:4b:19:9e:c0:e9:97:f7:
4c:4f:e2:31:e5:87:e7:dc:98:90:75:fc:e3:9b:a4:
03:68:04:69:54:05:08:4e:5d:5f:37:bb:95:08:e1:
7d:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:E3:50:92:F2:97:A1:27:3B:50:0B:13:5F:48:81:16:C9:F8:BC:B8
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/KeNQkvKXoSc7UAsTX0iBFsn4vLg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
9a:27:fe:d8:bf:1a:a2:53:a1:d0:52:db:8b:f8:c7:e4:1d:b6:
81:d3:e3:93:46:75:c2:a8:c9:18:cf:68:53:41:c9:cc:46:79:
4c:15:0d:ec:e9:fa:3f:ff:6d:55:ae:8f:81:4b:af:5f:42:5d:
10:a4:c2:4f:1e:30:5b:df:ec:ec:62:90:b0:26:c7:f5:68:e9:
29:20:6a:87:7c:de:e0:74:c6:56:0c:6c:7c:74:bc:87:e2:6e:
1a:ec:9e:54:41:c5:4b:5a:93:58:63:7a:f0:c1:4d:21:62:40:
ab:9e:db:74:c4:5d:26:71:d4:c8:e9:38:ac:45:20:b5:42:65:
6c:64:12:2f:85:be:d5:5b:cb:98:f7:2c:67:de:bf:4b:c4:06:
cf:eb:2d:e2:4c:69:b0:bf:b2:2a:aa:4d:10:8a:fd:46:b9:13:
20:70:5b:68:46:e2:6d:d3:53:46:44:62:17:8a:86:d9:5d:af:
0d:6f:c8:18:ba:d1:cd:e6:96:3d:f8:af:fb:a6:ee:38:64:76:
e8:07:3e:51:01:4c:2e:ab:20:a4:01:18:a7:35:a2:68:dd:63:
c6:04:40:fd:b6:dd:dd:25:16:dc:7b:9d:0a:13:4e:25:8d:6e:
86:9a:29:db:4d:f3:19:bd:c9:9a:5b:e0:a2:e0:c6:df:2b:9b:
3e:40:f8:02
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICSyEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjgx
ODIzNDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI5RTM1MDkyRjI5N0Ex
MjczQjUwMEIxMzVGNDg4MTE2QzlGOEJDQjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxSAPBXfwMp764NXyA+n+msjT9hQVl7pyj3f+xS25KgXSI0Fgj
OsxiA1EidBFiUZDdhaxNJmK54kXYuOAhWW9gx8KZSex1xUVHK4wEww++SLHk921l
NnjOS/jwUe7OB5930qY9Lyn7vRVXPUFQX86bJweOSI+tqt4ST1WdwslKWG/JBel5
bUPDNW84I/PHaoVdF66FUT15xGwsTjpi7upW71LjMgjEbeJAiulGJ2XJkb66IN0g
fvCs5pMabRdXwoilAniFpfWhxd2FsgvFNS98DiXPvG7BkakuSxmewOmX90xP4jHl
h+fcmJB1/OObpANoBGlUBQhOXV83u5UI4X01AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUKeNQkvKXoSc7UAsTX0iBFsn4vLgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0tlTlFrdktYb1NjN1VB
c1RYMGlCRnNuNHZMZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJon/ti/GqJTodBS
24v4x+QdtoHT45NGdcKoyRjPaFNBycxGeUwVDezp+j//bVWuj4FLr19CXRCkwk8e
MFvf7OxikLAmx/Vo6Skgaod83uB0xlYMbHx0vIfibhrsnlRBxUtak1hjevDBTSFi
QKue23TEXSZx1MjpOKxFILVCZWxkEi+FvtVby5j3LGfev0vEBs/rLeJMabC/siqq
TRCK/Ua5EyBwW2hG4m3TU0ZEYheKhtldrw1vyBi60c3mlj34r/um7jhkdugHPlEB
TC6rIKQBGKc1omjdY8YEQP223d0lFtx7nQoTTiWNboaaKdtN8xm9yZpb4KLgxt8r
mz5A+AI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:19 2024 by rpki-client on console-fra.rpki-client.org