Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/kf2zrKCwGs-pkeJbxUjWaIYssyc.roa
File: kf2zrKCwGs-pkeJbxUjWaIYssyc.roa (raw, json)
Hash identifier: 6BehY9cOnJqZKNYOo+jYw64ZjA72RjZogaZseby90d0=
Subject key identifier: 91:FD:B3:AC:A0:B0:1A:CF:A9:91:E2:5B:C5:48:D6:68:86:2C:B3:27
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5735
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kf2zrKCwGs-pkeJbxUjWaIYssyc.roa
Signing time: Tue 14 May 2024 20:54:10 +0000
ROA not before: Tue 14 May 2024 20:54:10 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22325 (0x5735)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 14 20:54:10 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=91FDB3ACA0B01ACFA991E25BC548D668862CB327
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:22:a7:24:3f:82:e0:d6:fe:b4:cf:ad:e8:fd:
31:1b:8d:41:b7:97:aa:95:fe:90:e4:17:6f:9d:f4:
0d:0f:a9:6d:ba:af:92:99:d9:93:56:77:5d:cc:02:
2f:f2:5f:79:45:46:37:91:24:b2:65:85:16:d6:f3:
b7:47:bd:f7:72:ba:ac:16:c0:ae:79:73:f4:8b:26:
94:56:84:ca:3f:91:1c:39:63:5d:e9:2d:e6:61:66:
9a:e0:2b:33:f5:60:e3:63:c1:b6:47:41:c1:34:6a:
88:06:e6:94:4b:b7:04:69:5d:b4:26:63:6c:5b:04:
f8:a4:b7:0d:a7:eb:77:cd:df:e6:9a:13:9f:b1:81:
f8:9c:88:4e:f4:dd:ea:b6:16:ac:fe:37:64:19:88:
d1:58:cd:5b:15:4f:a9:b2:0f:18:ae:50:ef:bd:83:
06:9f:bc:07:54:76:8c:30:98:d4:d1:bb:7b:d8:f1:
af:62:92:c5:93:7f:52:18:f3:fc:c4:2b:f6:33:bf:
ee:7f:f9:15:c6:a7:6a:eb:6c:28:f9:bb:6e:11:39:
45:30:e1:9c:2d:e5:7f:0d:c6:43:0d:a2:54:45:71:
97:32:fd:9b:c8:bc:d6:33:69:d9:83:5e:e9:22:80:
f9:e1:f4:5e:6b:52:70:7b:56:b4:af:a8:64:23:c4:
04:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:FD:B3:AC:A0:B0:1A:CF:A9:91:E2:5B:C5:48:D6:68:86:2C:B3:27
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kf2zrKCwGs-pkeJbxUjWaIYssyc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
a1:47:a0:b9:23:d1:a9:1c:33:df:6e:90:3a:dd:2b:fd:f4:04:
f6:0a:7d:28:e8:49:57:0c:74:e4:73:a6:6f:ca:31:e7:c2:b8:
0e:fd:08:8c:08:d9:9b:23:70:b6:04:92:df:11:fd:fc:bb:8a:
20:12:93:64:41:5d:bc:9e:f2:bc:c7:b9:50:a4:ec:d4:2f:fc:
c0:6d:80:38:c2:8e:3c:dd:e5:8c:1a:55:bb:d3:35:cf:24:5e:
20:63:0e:b7:92:77:03:2e:74:23:62:39:d5:0a:16:db:cb:71:
b0:b2:75:57:ac:58:4b:b9:7a:7e:aa:5b:23:e2:8d:3f:d9:05:
c6:76:06:94:e1:f3:43:b7:ce:05:8a:db:6a:99:f5:e4:ab:0b:
6c:44:90:79:ae:e9:0b:73:07:e8:1a:0c:68:50:8a:eb:a9:78:
66:4d:62:38:e8:78:af:e0:1d:4e:1d:7d:f3:47:68:05:17:e1:
8f:99:d5:6d:ae:51:41:0e:a1:fe:95:9d:ac:65:81:b0:2f:81:
68:c8:89:a2:e0:bf:e9:46:aa:d5:9e:43:2c:0e:b9:f3:3e:ef:
08:1b:cb:11:ac:b6:24:c5:96:e1:ef:90:e8:ed:ae:86:12:0e:
0e:8e:54:84:e4:b4:60:f7:bb:80:a2:47:2c:4b:f3:bc:91:51:
da:1b:6d:80
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICVzUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTQy
MDU0MTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkxRkRCM0FDQTBCMDFB
Q0ZBOTkxRTI1QkM1NDhENjY4ODYyQ0IzMjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6IqckP4Lg1v60z63o/TEbjUG3l6qV/pDkF2+d9A0PqW26r5KZ
2ZNWd13MAi/yX3lFRjeRJLJlhRbW87dHvfdyuqwWwK55c/SLJpRWhMo/kRw5Y13p
LeZhZprgKzP1YONjwbZHQcE0aogG5pRLtwRpXbQmY2xbBPiktw2n63fN3+aaE5+x
gficiE703eq2Fqz+N2QZiNFYzVsVT6myDxiuUO+9gwafvAdUdowwmNTRu3vY8a9i
ksWTf1IY8/zEK/Yzv+5/+RXGp2rrbCj5u24ROUUw4Zwt5X8NxkMNolRFcZcy/ZvI
vNYzadmDXukigPnh9F5rUnB7VrSvqGQjxASvAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUkf2zrKCwGs+pkeJbxUjWaIYssycwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2tmMnpyS0N3R3MtcGtl
SmJ4VWpXYUlZc3N5Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAKFHoLkj0akcM99u
kDrdK/30BPYKfSjoSVcMdORzpm/KMefCuA79CIwI2ZsjcLYEkt8R/fy7iiASk2RB
Xbye8rzHuVCk7NQv/MBtgDjCjjzd5YwaVbvTNc8kXiBjDreSdwMudCNiOdUKFtvL
cbCydVesWEu5en6qWyPijT/ZBcZ2BpTh80O3zgWK22qZ9eSrC2xEkHmu6QtzB+ga
DGhQiuupeGZNYjjoeK/gHU4dffNHaAUX4Y+Z1W2uUUEOof6VnaxlgbAvgWjIiaLg
v+lGqtWeQywOufM+7wgbyxGstiTFluHvkOjtroYSDg6OVITktGD3u4CiRyxL87yR
UdobbYA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:05 2024 by rpki-client on console-ams.rpki-client.org