Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Knv__RQ-x1KYeii-IHgXr2lKbRg.roa
File: Knv__RQ-x1KYeii-IHgXr2lKbRg.roa (raw, json)
Hash identifier: YZrGtfMEk9i3C1YJnfIPlD89KTRB6Wm+SOspz4r0uSQ=
Subject key identifier: 2A:7B:FF:FD:14:3E:C7:52:98:7A:28:BE:20:78:17:AF:69:4A:6D:18
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5341
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Knv__RQ-x1KYeii-IHgXr2lKbRg.roa
Signing time: Thu 09 May 2024 14:24:01 +0000
ROA not before: Thu 09 May 2024 14:24:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21313 (0x5341)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 9 14:24:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2A7BFFFD143EC752987A28BE207817AF694A6D18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:4e:15:53:06:44:8b:fb:a0:b0:7d:45:15:84:
a6:07:c9:e6:96:8c:4c:b4:a9:1b:5c:d3:2e:ee:3f:
f9:05:29:5e:70:6c:29:94:02:dc:62:2b:ec:b6:dd:
8c:2e:cd:46:32:4c:14:16:13:f4:41:26:c1:ad:53:
96:10:06:f3:f9:85:ce:e0:51:96:4a:8e:76:74:92:
84:8c:50:e0:57:a3:58:a8:e7:38:5a:b8:6c:0e:6b:
44:15:bc:60:f1:72:2c:c8:23:f0:bf:0a:f5:f6:84:
5c:7b:2c:90:0b:78:19:ac:2d:b6:71:88:9c:c1:85:
0a:35:42:2e:39:b6:83:8b:32:b8:41:ef:a6:7e:6d:
49:ca:74:71:45:7c:e1:b1:6d:ec:3a:40:ca:96:ab:
9b:78:02:b8:1d:61:55:a3:9a:04:67:e5:03:0e:bf:
98:e5:ca:30:d8:e8:d1:7e:64:a1:b4:44:68:7c:72:
b3:34:03:ac:3b:75:ab:a5:9d:18:e3:c6:66:93:2e:
9d:1b:44:cf:c3:65:5e:12:e8:bd:c0:05:e0:c0:f9:
a0:78:bd:59:06:ea:6e:8a:5b:2f:e0:19:04:24:35:
b1:94:a9:f9:9b:96:9b:99:5f:35:85:1d:b8:68:3c:
ba:30:14:e0:57:aa:ee:97:4c:15:f7:33:eb:bb:1f:
7c:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:7B:FF:FD:14:3E:C7:52:98:7A:28:BE:20:78:17:AF:69:4A:6D:18
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Knv__RQ-x1KYeii-IHgXr2lKbRg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
46:4d:2f:8a:e3:05:f2:52:5c:db:3f:50:17:c0:74:9f:c7:4b:
d7:77:43:84:a2:ab:0a:8a:8b:67:89:55:48:e2:41:9d:fb:7b:
5b:7f:79:52:e2:48:3c:f6:61:20:44:85:cb:9e:2e:7e:24:2b:
62:ac:fb:60:ad:6a:e6:57:b2:8e:67:ac:71:7b:95:c0:9f:2d:
7d:ce:4d:07:09:72:e6:8a:1b:a6:aa:c8:c3:bc:98:e6:96:8d:
9f:85:29:ad:e9:66:a6:9b:c8:04:8c:6b:08:5c:76:7b:d9:8e:
1c:70:d3:5d:bf:7e:13:6a:e8:be:ae:40:75:d7:be:11:77:b4:
6c:e7:b2:7e:44:08:73:90:8b:69:59:79:0b:d2:74:55:2f:0d:
e1:fa:13:36:a2:66:05:ef:3b:4b:94:7b:58:74:23:13:ce:11:
cd:7a:d1:10:f4:25:fc:90:cc:ed:8d:b0:9f:0c:9b:7d:74:f0:
11:18:bd:b8:e5:b9:41:0f:1b:80:b9:48:5a:32:4b:fb:cd:07:
1d:7d:55:3b:0c:52:8d:c9:6e:95:41:bf:1d:98:f5:16:6a:b7:
6d:7b:f0:01:76:d4:9e:23:aa:ff:f8:ba:48:c9:05:84:8c:af:
31:3b:2f:8d:67:3c:d5:73:e5:84:6d:22:fe:12:82:d2:a8:c3:
30:6f:bf:b3
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICU0EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDkx
NDI0MDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJBN0JGRkZEMTQzRUM3
NTI5ODdBMjhCRTIwNzgxN0FGNjk0QTZEMTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCVThVTBkSL+6CwfUUVhKYHyeaWjEy0qRtc0y7uP/kFKV5wbCmU
AtxiK+y23YwuzUYyTBQWE/RBJsGtU5YQBvP5hc7gUZZKjnZ0koSMUOBXo1io5zha
uGwOa0QVvGDxcizII/C/CvX2hFx7LJALeBmsLbZxiJzBhQo1Qi45toOLMrhB76Z+
bUnKdHFFfOGxbew6QMqWq5t4ArgdYVWjmgRn5QMOv5jlyjDY6NF+ZKG0RGh8crM0
A6w7daulnRjjxmaTLp0bRM/DZV4S6L3ABeDA+aB4vVkG6m6KWy/gGQQkNbGUqfmb
lpuZXzWFHbhoPLowFOBXqu6XTBX3M+u7H3zzAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUKnv//RQ+x1KYeii+IHgXr2lKbRgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0tudl9fUlEteDFLWWVp
aS1JSGdYcjJsS2JSZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAEZNL4rjBfJSXNs/
UBfAdJ/HS9d3Q4SiqwqKi2eJVUjiQZ37e1t/eVLiSDz2YSBEhcueLn4kK2Ks+2Ct
auZXso5nrHF7lcCfLX3OTQcJcuaKG6aqyMO8mOaWjZ+FKa3pZqabyASMawhcdnvZ
jhxw012/fhNq6L6uQHXXvhF3tGznsn5ECHOQi2lZeQvSdFUvDeH6EzaiZgXvO0uU
e1h0IxPOEc160RD0JfyQzO2NsJ8Mm3108BEYvbjluUEPG4C5SFoyS/vNBx19VTsM
Uo3JbpVBvx2Y9RZqt2178AF21J4jqv/4ukjJBYSMrzE7L41nPNVz5YRtIv4SgtKo
wzBvv7M=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:41:38 2025 by rpki-client