Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/KoJXrTk1mGzB6kfd_lZrLA8l9R4.roa
File: KoJXrTk1mGzB6kfd_lZrLA8l9R4.roa (raw, json)
Hash identifier: 0fqipzxDkMdoJ2VHx6Q/I5Ml0GWJG4ScFMp6VKndr1g=
Subject key identifier: 2A:82:57:AD:39:35:98:6C:C1:EA:47:DD:FE:56:6B:2C:0F:25:F5:1E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4799
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/KoJXrTk1mGzB6kfd_lZrLA8l9R4.roa
Signing time: Wed 24 Apr 2024 01:23:13 +0000
ROA not before: Wed 24 Apr 2024 01:23:13 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18329 (0x4799)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 24 01:23:13 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2A8257AD3935986CC1EA47DDFE566B2C0F25F51E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:dd:66:19:99:7f:0f:85:4a:32:95:0d:cd:d7:
2e:44:9a:c0:1b:d4:66:62:7c:6b:b3:82:81:1a:b4:
d7:7c:7c:65:00:c8:c8:5f:a1:8e:8b:1c:3c:82:e3:
79:80:d1:cd:d1:6b:b9:79:68:dc:97:16:cc:2f:31:
ac:73:a8:6c:ee:3c:2f:1d:3a:6f:da:0e:6c:7f:f5:
39:de:21:c1:0d:8c:f4:2b:c8:7d:03:1c:f1:64:97:
f0:f6:4d:59:94:8b:21:8d:94:2b:b5:ee:53:11:9e:
e5:3c:a3:94:ce:c7:00:1e:29:3e:25:7b:cf:b4:b0:
84:9a:25:a0:b4:03:68:b5:a7:51:f7:91:49:45:06:
03:f0:86:4a:95:fb:df:47:5a:4d:48:7e:68:db:17:
1e:93:04:ff:1b:7e:33:04:f9:54:65:55:92:5b:d4:
c5:2d:d2:b9:38:81:94:be:72:0b:e6:6e:b2:8f:af:
81:8f:e1:0b:c9:d0:cd:ef:0a:0b:ad:09:eb:0f:89:
5b:b8:74:81:2f:99:a5:83:a8:3d:5a:9e:ad:a8:62:
88:a4:b9:19:56:5b:42:c9:90:09:f4:ae:4b:58:39:
5e:7b:cf:75:9f:d7:4f:0f:fe:f2:d7:16:01:22:92:
f0:4f:55:91:b8:df:e4:c7:52:b7:e6:4e:4c:6e:bd:
c6:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:82:57:AD:39:35:98:6C:C1:EA:47:DD:FE:56:6B:2C:0F:25:F5:1E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/KoJXrTk1mGzB6kfd_lZrLA8l9R4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
23:b9:37:45:62:bb:ba:3e:35:60:b0:35:45:6c:07:5d:35:aa:
08:2a:ad:a9:6a:b5:3d:01:4f:90:5f:b8:d7:d2:e0:0d:de:7a:
d7:d7:42:e4:8d:68:2b:97:70:2e:8f:73:f5:d8:5e:e1:10:69:
16:ff:ab:73:32:41:cc:d8:2e:2a:3c:76:4d:c3:d8:62:b0:68:
43:63:69:82:40:97:e6:cd:bf:c8:d2:f6:2b:ca:0e:cf:d6:40:
58:d2:45:5f:20:45:78:64:4d:02:bd:69:4a:fe:db:88:b0:e1:
56:79:98:18:29:0c:44:c5:04:15:10:97:19:fe:3f:7c:d5:81:
cf:ca:74:45:31:91:e0:dd:10:45:8c:d1:16:2d:af:25:4d:34:
ce:8a:87:ea:ad:c5:88:56:09:c7:a1:b5:50:3d:1b:84:69:69:
63:5f:25:b3:06:f0:04:e4:10:ae:f3:17:97:e9:c3:f3:01:3b:
17:21:4a:0d:4f:d5:57:c4:8f:01:3d:db:a3:ed:5c:0d:44:29:
f1:03:16:88:35:ce:b1:48:23:f7:d1:a7:31:d7:d9:44:c6:15:
4c:0d:5f:38:3e:cd:5f:11:7f:eb:e4:70:89:91:33:9a:55:33:
58:92:21:ab:42:44:e3:22:4f:13:04:d5:f4:b1:26:03:9c:3a:
2f:8b:aa:dc
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICR5kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjQw
MTIzMTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJBODI1N0FEMzkzNTk4
NkNDMUVBNDdEREZFNTY2QjJDMEYyNUY1MUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJ3WYZmX8PhUoylQ3N1y5EmsAb1GZifGuzgoEatNd8fGUAyMhf
oY6LHDyC43mA0c3Ra7l5aNyXFswvMaxzqGzuPC8dOm/aDmx/9TneIcENjPQryH0D
HPFkl/D2TVmUiyGNlCu17lMRnuU8o5TOxwAeKT4le8+0sISaJaC0A2i1p1H3kUlF
BgPwhkqV+99HWk1IfmjbFx6TBP8bfjME+VRlVZJb1MUt0rk4gZS+cgvmbrKPr4GP
4QvJ0M3vCgutCesPiVu4dIEvmaWDqD1anq2oYoikuRlWW0LJkAn0rktYOV57z3Wf
108P/vLXFgEikvBPVZG43+THUrfmTkxuvcZhAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUKoJXrTk1mGzB6kfd/lZrLA8l9R4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0tvSlhyVGsxbUd6QjZr
ZmRfbFpyTEE4bDlSNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBACO5N0Viu7o+NWCw
NUVsB101qggqralqtT0BT5BfuNfS4A3eetfXQuSNaCuXcC6Pc/XYXuEQaRb/q3My
QczYLio8dk3D2GKwaENjaYJAl+bNv8jS9ivKDs/WQFjSRV8gRXhkTQK9aUr+24iw
4VZ5mBgpDETFBBUQlxn+P3zVgc/KdEUxkeDdEEWM0RYtryVNNM6Kh+qtxYhWCceh
tVA9G4RpaWNfJbMG8ATkEK7zF5fpw/MBOxchSg1P1VfEjwE926PtXA1EKfEDFog1
zrFII/fRpzHX2UTGFUwNXzg+zV8Rf+vkcImRM5pVM1iSIatCROMiTxME1fSxJgOc
Oi+Lqtw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:32 2024 by rpki-client on console-ams.rpki-client.org