Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/kfOVGSLqx7rpa2OOjgmUOY6qmaY.roa
File: kfOVGSLqx7rpa2OOjgmUOY6qmaY.roa (raw, json)
Hash identifier: b1vMOT20mwSRF3KtB+YRFvtlNU37VDJuzSQ8yI9xNDw=
Subject key identifier: 91:F3:95:19:22:EA:C7:BA:E9:6B:63:8E:8E:09:94:39:8E:AA:99:A6
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5561
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kfOVGSLqx7rpa2OOjgmUOY6qmaY.roa
Signing time: Sun 12 May 2024 10:24:03 +0000
ROA not before: Sun 12 May 2024 10:24:03 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21857 (0x5561)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 12 10:24:03 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=91F3951922EAC7BAE96B638E8E0994398EAA99A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:2b:53:7e:f6:9c:d3:df:89:8e:55:12:9b:dc:
60:3b:10:ff:aa:61:27:60:db:d8:2d:ad:ea:a1:40:
d9:e5:cf:57:7f:5d:a8:13:9f:04:02:29:96:b1:ff:
d1:e7:76:e0:17:52:6a:2c:82:e9:82:9b:7d:2e:9b:
8a:5b:99:44:f7:3f:6d:fb:71:92:bf:f1:53:ca:8c:
f1:df:57:66:d9:42:08:ca:3e:a9:f2:74:b2:68:f4:
6c:bc:4c:90:67:cf:94:a2:5e:33:2d:8a:b0:7c:f2:
cf:78:89:fd:59:d1:2e:08:e5:b8:fb:58:e8:74:45:
b9:f3:2d:6f:59:4f:90:d4:a2:1c:70:27:69:a5:25:
5e:a3:e2:98:83:90:08:ac:cc:06:d8:4a:f9:81:69:
44:a4:92:3a:22:cc:36:52:8f:72:1a:ec:75:ec:ab:
42:d7:80:4d:60:a5:4b:5c:c1:49:f8:1c:35:9a:f2:
c9:d6:bf:bc:34:3d:8c:e2:3f:25:eb:02:3b:b2:7b:
62:ba:ad:7f:38:9d:bc:cc:fc:52:d9:aa:78:96:31:
19:75:ea:1c:d8:ca:b6:b0:1f:a3:88:97:48:ca:c1:
9e:de:be:eb:50:20:29:69:dd:ff:00:0d:6d:b7:a0:
ef:d9:aa:88:4c:45:dd:05:68:da:ae:93:5b:58:0f:
88:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:F3:95:19:22:EA:C7:BA:E9:6B:63:8E:8E:09:94:39:8E:AA:99:A6
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kfOVGSLqx7rpa2OOjgmUOY6qmaY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
a1:10:29:dc:38:fc:52:06:fa:c0:63:9a:dd:38:fd:d9:28:4b:
10:85:0a:e8:b1:ed:79:d2:db:de:e8:9c:89:bb:11:cd:07:c4:
f6:92:52:09:32:b1:7c:0c:0c:ce:a4:eb:18:dc:a6:4d:f5:48:
50:a9:c9:c2:0a:e3:39:09:fc:4d:5f:dc:a4:50:2f:45:13:23:
f5:4e:2c:d1:7b:8c:9d:0d:35:72:9f:79:a4:70:19:21:7a:72:
6e:46:01:fc:d0:15:2b:66:61:4e:19:5a:6c:69:75:51:7b:23:
6f:6e:d4:ba:14:79:4c:f1:34:51:64:72:56:22:49:07:e1:42:
c9:bc:3e:68:aa:4a:91:0d:44:71:69:8d:db:5e:e5:25:c7:b4:
2e:8b:6a:a7:25:58:61:f0:44:23:3a:a6:5a:2d:31:59:57:63:
3d:a0:72:4f:41:88:62:07:5a:86:92:11:aa:c7:a2:29:37:e3:
5e:d2:87:5b:3f:30:0f:84:f7:cb:9d:14:83:a4:ee:af:ea:17:
87:29:bd:72:94:4b:7a:a8:e6:38:6d:2c:a4:ed:e2:12:cf:d3:
27:2e:e3:ba:f9:3b:25:50:2d:0d:35:cb:db:11:b3:15:44:47:
54:38:9c:ef:d6:35:f4:b1:6c:c0:32:58:69:53:86:bc:9c:a8:
14:30:f7:37
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICVWEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTIx
MDI0MDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkxRjM5NTE5MjJFQUM3
QkFFOTZCNjM4RThFMDk5NDM5OEVBQTk5QTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDK1N+9pzT34mOVRKb3GA7EP+qYSdg29gtreqhQNnlz1d/XagT
nwQCKZax/9HnduAXUmosgumCm30um4pbmUT3P237cZK/8VPKjPHfV2bZQgjKPqny
dLJo9Gy8TJBnz5SiXjMtirB88s94if1Z0S4I5bj7WOh0RbnzLW9ZT5DUohxwJ2ml
JV6j4piDkAiszAbYSvmBaUSkkjoizDZSj3Ia7HXsq0LXgE1gpUtcwUn4HDWa8snW
v7w0PYziPyXrAjuye2K6rX84nbzM/FLZqniWMRl16hzYyrawH6OIl0jKwZ7evutQ
IClp3f8ADW23oO/ZqohMRd0FaNquk1tYD4jFAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUkfOVGSLqx7rpa2OOjgmUOY6qmaYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2tmT1ZHU0xxeDdycGEy
T09qZ21VT1k2cW1hWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAKEQKdw4/FIG+sBj
mt04/dkoSxCFCuix7XnS297onIm7Ec0HxPaSUgkysXwMDM6k6xjcpk31SFCpycIK
4zkJ/E1f3KRQL0UTI/VOLNF7jJ0NNXKfeaRwGSF6cm5GAfzQFStmYU4ZWmxpdVF7
I29u1LoUeUzxNFFkclYiSQfhQsm8PmiqSpENRHFpjdte5SXHtC6LaqclWGHwRCM6
plotMVlXYz2gck9BiGIHWoaSEarHoik3417Sh1s/MA+E98udFIOk7q/qF4cpvXKU
S3qo5jhtLKTt4hLP0ycu47r5OyVQLQ01y9sRsxVER1Q4nO/WNfSxbMAyWGlThryc
qBQw9zc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:05 2024 by rpki-client on console-ams.rpki-client.org