Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/kD9kX82HsIKpQCToN3ZLxnkuq30.roa
File: kD9kX82HsIKpQCToN3ZLxnkuq30.roa (raw, json)
Hash identifier: WDa6QeDur+78jO9iZldRyGI/S0AxVPz/VYc4sklLXd8=
Subject key identifier: 90:3F:64:5F:CD:87:B0:82:A9:40:24:E8:37:76:4B:C6:79:2E:AB:7D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3A41
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kD9kX82HsIKpQCToN3ZLxnkuq30.roa
Signing time: Sat 06 Apr 2024 06:22:26 +0000
ROA not before: Sat 06 Apr 2024 06:22:26 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14913 (0x3a41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 6 06:22:26 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=903F645FCD87B082A94024E837764BC6792EAB7D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:1f:49:1a:5e:3b:ba:7d:3f:d3:71:a2:3a:94:
31:f3:cc:4f:52:a5:9b:40:3d:77:d6:e5:b0:c3:1d:
91:3d:d5:2e:1c:ab:80:8e:e5:fa:0d:6e:8c:cb:6a:
27:1e:e6:aa:25:cf:02:31:2d:d5:e2:c7:99:6e:2b:
dc:e3:df:55:5b:87:e0:8f:be:4d:71:f4:64:c0:3b:
d9:ba:6d:55:bd:58:0e:f1:2e:f2:62:27:4b:ba:1b:
92:93:06:21:2a:7f:56:dd:c8:e7:ab:98:0d:01:26:
b4:86:5d:65:ad:a5:cf:39:4f:ec:5d:5c:8e:a6:dc:
44:0d:1e:88:68:48:aa:03:6d:3a:95:2c:fe:bf:e7:
2f:03:12:e1:ed:a1:99:c0:44:1a:e9:88:42:b7:5d:
2b:77:b3:e2:4d:bc:c3:32:05:57:16:a9:af:5a:58:
b5:cf:a2:9a:9c:70:38:68:a3:67:8d:46:f5:87:6c:
40:b1:2d:38:8d:90:37:45:e2:35:09:f3:1b:d8:bc:
8c:fe:d0:e0:28:bc:46:5f:dd:c4:bb:c2:52:b2:3d:
38:f0:75:ab:b8:be:10:ba:3a:9e:26:aa:18:88:64:
88:a5:67:b5:c7:f7:d7:85:b3:98:de:0b:ab:56:cc:
66:c0:27:73:31:60:0e:2c:ae:2e:31:1b:66:45:ac:
06:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:3F:64:5F:CD:87:B0:82:A9:40:24:E8:37:76:4B:C6:79:2E:AB:7D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kD9kX82HsIKpQCToN3ZLxnkuq30.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
2e:1f:0a:5e:71:2c:37:d9:6a:a3:db:88:90:59:44:a8:33:2e:
6c:f6:c3:c2:5b:50:7b:15:85:b8:dd:87:b9:da:b7:14:9c:12:
7d:4a:68:d6:7d:77:00:7a:d0:ec:93:59:f5:48:1e:15:41:21:
63:b1:93:49:c2:ea:64:b6:f9:9d:c1:3c:b2:c4:93:8a:91:83:
4e:23:ef:dc:2d:64:ab:77:1a:46:54:dc:2b:5b:d2:4c:05:4c:
93:d5:51:74:0f:68:e8:b3:e8:34:f3:82:95:dc:a7:f7:6f:53:
19:3d:52:41:0d:f0:28:86:f9:b7:c3:36:a7:29:6d:ac:a6:53:
0f:93:6f:c4:10:82:d0:bb:f4:85:ee:4f:e4:e9:ce:bf:c4:2c:
62:79:31:3c:2a:61:3a:b1:95:fd:8b:cd:c4:17:f6:bf:0f:47:
9b:9b:93:90:2b:bb:0d:f7:71:cf:ad:62:fe:e8:0d:89:9b:6e:
ef:55:00:a3:68:cd:12:f9:47:a9:cd:a1:75:ac:d3:09:c8:a4:
b6:d9:f6:d5:38:4a:a5:88:12:ea:0f:47:1e:90:ed:18:33:f1:
f7:11:58:3f:b0:9d:39:ae:35:a8:1c:a0:07:66:04:09:4d:17:
81:15:39:a1:74:9f:cb:7d:f5:ed:6d:39:54:d8:3f:87:c7:06:
f5:8a:42:3d
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICOkEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDYw
NjIyMjZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkwM0Y2NDVGQ0Q4N0Iw
ODJBOTQwMjRFODM3NzY0QkM2NzkyRUFCN0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDrH0kaXju6fT/TcaI6lDHzzE9SpZtAPXfW5bDDHZE91S4cq4CO
5foNbozLaice5qolzwIxLdXix5luK9zj31Vbh+CPvk1x9GTAO9m6bVW9WA7xLvJi
J0u6G5KTBiEqf1bdyOermA0BJrSGXWWtpc85T+xdXI6m3EQNHohoSKoDbTqVLP6/
5y8DEuHtoZnARBrpiEK3XSt3s+JNvMMyBVcWqa9aWLXPopqccDhoo2eNRvWHbECx
LTiNkDdF4jUJ8xvYvIz+0OAovEZf3cS7wlKyPTjwdau4vhC6Op4mqhiIZIilZ7XH
99eFs5jeC6tWzGbAJ3MxYA4sri4xG2ZFrAZzAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUkD9kX82HsIKpQCToN3ZLxnkuq30wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2tEOWtYODJIc0lLcFFD
VG9OM1pMeG5rdXEzMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAC4fCl5xLDfZaqPb
iJBZRKgzLmz2w8JbUHsVhbjdh7natxScEn1KaNZ9dwB60OyTWfVIHhVBIWOxk0nC
6mS2+Z3BPLLEk4qRg04j79wtZKt3GkZU3Ctb0kwFTJPVUXQPaOiz6DTzgpXcp/dv
Uxk9UkEN8CiG+bfDNqcpbaymUw+Tb8QQgtC79IXuT+Tpzr/ELGJ5MTwqYTqxlf2L
zcQX9r8PR5ubk5Aruw33cc+tYv7oDYmbbu9VAKNozRL5R6nNoXWs0wnIpLbZ9tU4
SqWIEuoPRx6Q7Rgz8fcRWD+wnTmuNagcoAdmBAlNF4EVOaF0n8t99e1tOVTYP4fH
BvWKQj0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:43 2024 by rpki-client on console-fra.rpki-client.org