Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/kfjH-GI2_QOKjvtLZkpQwX39Eq4.roa
File: kfjH-GI2_QOKjvtLZkpQwX39Eq4.roa (raw, json)
Hash identifier: X+h673b3Ko4XvNkY3Zva5tT7WJziKOm4IN4iDZ99kGU=
Subject key identifier: 91:F8:C7:F8:62:36:FD:03:8A:8E:FB:4B:66:4A:50:C1:7D:FD:12:AE
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4B65
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kfjH-GI2_QOKjvtLZkpQwX39Eq4.roa
Signing time: Mon 29 Apr 2024 02:53:38 +0000
ROA not before: Mon 29 Apr 2024 02:53:38 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19301 (0x4b65)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 29 02:53:38 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=91F8C7F86236FD038A8EFB4B664A50C17DFD12AE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:3b:cf:75:e3:67:ae:5c:a4:c5:9a:5a:7d:7f:
b7:3c:ac:7b:d2:6a:ce:79:dc:4d:75:22:17:ae:4c:
04:21:fc:82:e0:5c:80:a9:c7:41:93:4b:3c:8d:db:
74:b2:d4:a1:99:19:10:b3:57:a0:e9:92:39:8e:79:
81:e2:b5:35:b8:e2:d8:80:c1:97:d7:9e:b9:5a:c0:
ee:a3:78:a5:8f:bf:96:5f:bd:01:82:67:40:49:2d:
d5:4e:e4:50:17:b4:20:98:25:f4:3a:39:81:ee:36:
f1:9e:28:a9:52:21:23:a0:44:28:4c:98:fd:48:43:
15:40:1b:cb:e4:e2:dd:74:df:5f:79:f2:16:a1:6a:
13:9c:db:16:b1:3d:bd:a1:2e:bb:9a:5a:8e:f4:0a:
43:38:76:d0:20:fc:30:d9:0e:7f:e4:45:94:48:32:
49:31:f2:b8:03:86:f9:e3:2a:99:1b:c9:79:16:a4:
3d:02:90:9d:a2:67:1f:b6:78:10:67:d0:4a:0c:2c:
84:02:6f:81:12:61:cb:f2:03:78:53:fe:95:fb:95:
74:eb:4d:bc:ca:59:3c:43:ff:af:ad:1e:41:6e:fe:
9d:01:a8:69:e2:be:c4:8a:e8:25:87:ed:07:be:1f:
d6:5b:f9:34:44:8b:ac:c1:5b:5d:63:a0:c8:8a:c4:
42:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:F8:C7:F8:62:36:FD:03:8A:8E:FB:4B:66:4A:50:C1:7D:FD:12:AE
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kfjH-GI2_QOKjvtLZkpQwX39Eq4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
79:66:d0:03:e8:db:6a:1b:e6:b8:48:b0:78:c8:4b:da:9f:17:
36:7a:36:23:14:97:f6:c9:e2:09:b7:e7:84:a1:55:13:82:1e:
e8:8c:f6:33:b1:b4:f3:5b:02:04:2e:49:cb:31:39:6f:a9:46:
95:09:f6:1b:d8:16:c7:21:cb:44:72:43:04:54:45:b3:78:ea:
ab:29:f4:82:a5:39:31:7d:f4:ce:f8:15:ec:eb:f9:bf:8b:d6:
c1:45:24:9b:26:b1:25:b6:0d:58:72:7a:04:01:61:8d:70:62:
3e:b0:9f:f8:d5:fa:e7:ab:5d:93:1c:f7:cf:bd:2a:57:07:0a:
29:10:50:d7:96:ba:4d:58:d3:95:27:2b:6c:43:05:1f:7c:3a:
9d:7d:61:43:6b:c0:c6:dd:b7:4a:1c:c1:b3:0d:04:70:a4:b4:
c6:d9:66:02:ca:7e:f1:95:49:54:66:66:c1:b8:49:42:b5:8d:
41:24:6b:b1:f6:eb:5a:44:14:53:83:5f:20:e4:60:0e:2d:68:
fc:5f:35:c4:50:a9:05:6a:52:6b:80:2c:82:db:73:19:86:23:
90:ba:ac:73:c9:68:6c:5a:40:4c:ef:53:02:95:cd:f5:16:46:
08:77:59:1f:75:b1:7f:bd:a1:16:85:ac:95:37:ee:2c:29:3f:
ff:33:ab:70
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICS2UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjkw
MjUzMzhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkxRjhDN0Y4NjIzNkZE
MDM4QThFRkI0QjY2NEE1MEMxN0RGRDEyQUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4O89142euXKTFmlp9f7c8rHvSas553E11IheuTAQh/ILgXICp
x0GTSzyN23Sy1KGZGRCzV6DpkjmOeYHitTW44tiAwZfXnrlawO6jeKWPv5ZfvQGC
Z0BJLdVO5FAXtCCYJfQ6OYHuNvGeKKlSISOgRChMmP1IQxVAG8vk4t1031958hah
ahOc2xaxPb2hLruaWo70CkM4dtAg/DDZDn/kRZRIMkkx8rgDhvnjKpkbyXkWpD0C
kJ2iZx+2eBBn0EoMLIQCb4ESYcvyA3hT/pX7lXTrTbzKWTxD/6+tHkFu/p0BqGni
vsSK6CWH7Qe+H9Zb+TREi6zBW11joMiKxEJpAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUkfjH+GI2/QOKjvtLZkpQwX39Eq4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2tmakgtR0kyX1FPS2p2
dExaa3BRd1gzOUVxNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAHlm0APo22ob5rhI
sHjIS9qfFzZ6NiMUl/bJ4gm354ShVROCHuiM9jOxtPNbAgQuScsxOW+pRpUJ9hvY
Fschy0RyQwRURbN46qsp9IKlOTF99M74Fezr+b+L1sFFJJsmsSW2DVhyegQBYY1w
Yj6wn/jV+uerXZMc98+9KlcHCikQUNeWuk1Y05UnK2xDBR98Op19YUNrwMbdt0oc
wbMNBHCktMbZZgLKfvGVSVRmZsG4SUK1jUEka7H261pEFFODXyDkYA4taPxfNcRQ
qQVqUmuALILbcxmGI5C6rHPJaGxaQEzvUwKVzfUWRgh3WR91sX+9oRaFrJU37iwp
P/8zq3A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:43 2024 by rpki-client on console-fra.rpki-client.org