Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/kfmTAaCXivQMSyAVadSTVEE98Yw.roa
File: kfmTAaCXivQMSyAVadSTVEE98Yw.roa (raw, json)
Hash identifier: lJX850Yt0WhUB0ono9IQ3jObaGW9Gg2GTc/y5Vja7s8=
Subject key identifier: 91:F9:93:01:A0:97:8A:F4:0C:4B:20:15:69:D4:93:54:41:3D:F1:8C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5809
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kfmTAaCXivQMSyAVadSTVEE98Yw.roa
Signing time: Wed 15 May 2024 23:24:13 +0000
ROA not before: Wed 15 May 2024 23:24:13 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22537 (0x5809)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 15 23:24:13 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=91F99301A0978AF40C4B201569D49354413DF18C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:1e:e9:d4:4e:6f:49:bd:f9:a4:d9:0e:82:31:
12:c5:87:94:13:de:ec:74:97:47:45:62:cc:5c:b9:
f3:bc:60:d8:a8:f8:2a:1e:e2:fd:cd:b8:10:98:26:
3d:1c:ac:8f:dd:e2:fc:04:e5:57:1e:a2:85:a7:8c:
ae:e3:2f:e0:65:42:fa:0d:5c:6d:fe:80:1d:f8:3d:
ef:37:b5:dd:40:04:37:d5:e3:78:2d:2f:cf:60:a1:
1a:a3:92:a1:46:17:26:a3:24:c9:d0:41:0b:a3:69:
0e:48:e0:54:9f:85:fc:12:fb:b0:80:e0:53:f9:49:
e1:94:29:82:81:d0:58:5a:ca:56:e8:bc:f7:ba:b5:
2c:0a:9b:47:92:d7:04:ec:18:ec:8e:be:03:38:e7:
c0:19:8f:a5:9d:bf:8f:46:92:18:53:e4:9a:b0:6f:
5d:ac:fd:0e:55:ea:04:af:92:c9:b2:fa:2b:4d:55:
47:ed:10:ba:7e:eb:43:06:79:9e:0c:74:ef:97:68:
d8:35:6c:06:17:26:bd:68:08:de:01:a7:5b:be:82:
a6:bc:9f:e4:41:2e:3a:e3:07:29:4d:65:8d:63:22:
67:3d:5e:11:dc:10:df:76:81:75:49:39:4c:0a:2f:
2a:43:87:75:e3:1f:77:38:f9:40:cd:c9:9d:67:9a:
97:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:F9:93:01:A0:97:8A:F4:0C:4B:20:15:69:D4:93:54:41:3D:F1:8C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kfmTAaCXivQMSyAVadSTVEE98Yw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
97:15:ec:80:71:26:a5:a9:cd:0c:8f:c2:3d:12:ea:6b:db:ef:
ae:37:9a:65:fe:3f:66:2c:d9:62:bb:57:a1:2c:78:75:6d:9f:
44:cd:f2:0a:85:d0:85:f1:ca:46:fb:c5:17:50:f9:96:26:1c:
e6:c3:7b:51:bd:6e:f3:98:2d:f3:6a:16:02:9d:33:8d:f2:8a:
0c:87:63:65:80:66:ca:52:57:bf:ae:bf:31:58:8e:1a:96:44:
05:84:00:1a:26:09:08:9e:c9:ac:e1:a1:c7:8a:8e:72:a0:77:
bb:10:75:25:52:c9:b9:26:75:39:63:c9:ca:59:38:9d:40:99:
8f:cf:53:bd:f1:14:05:96:82:cc:33:44:f7:cb:26:8a:9c:ae:
3d:46:c2:1d:10:7d:fd:05:7d:5a:6a:8f:42:20:e7:6f:f5:f8:
bb:56:e8:9b:b9:4c:c6:aa:aa:c1:17:72:82:b4:76:22:3e:2c:
7c:7e:08:71:3a:60:81:48:19:43:2c:11:18:a1:d3:ce:36:10:
72:07:54:b7:e4:c1:65:d2:c2:24:4e:ff:23:da:29:61:da:86:
b6:0a:e5:2c:41:ec:71:a9:59:39:f0:0f:0d:1a:cb:7e:1a:0c:
e7:8b:1e:4a:58:64:9d:b8:d4:de:77:49:7c:be:f9:c4:bc:b7:
36:52:54:32
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICWAkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTUy
MzI0MTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkxRjk5MzAxQTA5NzhB
RjQwQzRCMjAxNTY5RDQ5MzU0NDEzREYxOEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9HunUTm9Jvfmk2Q6CMRLFh5QT3ux0l0dFYsxcufO8YNio+Coe
4v3NuBCYJj0crI/d4vwE5VceooWnjK7jL+BlQvoNXG3+gB34Pe83td1ABDfV43gt
L89goRqjkqFGFyajJMnQQQujaQ5I4FSfhfwS+7CA4FP5SeGUKYKB0FhaylbovPe6
tSwKm0eS1wTsGOyOvgM458AZj6Wdv49GkhhT5Jqwb12s/Q5V6gSvksmy+itNVUft
ELp+60MGeZ4MdO+XaNg1bAYXJr1oCN4Bp1u+gqa8n+RBLjrjBylNZY1jImc9XhHc
EN92gXVJOUwKLypDh3XjH3c4+UDNyZ1nmpe7AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUkfmTAaCXivQMSyAVadSTVEE98YwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2tmbVRBYUNYaXZRTVN5
QVZhZFNUVkVFOThZdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJcV7IBxJqWpzQyP
wj0S6mvb7643mmX+P2Ys2WK7V6EseHVtn0TN8gqF0IXxykb7xRdQ+ZYmHObDe1G9
bvOYLfNqFgKdM43yigyHY2WAZspSV7+uvzFYjhqWRAWEABomCQieyazhoceKjnKg
d7sQdSVSybkmdTljycpZOJ1AmY/PU73xFAWWgswzRPfLJoqcrj1Gwh0Qff0FfVpq
j0Ig52/1+LtW6Ju5TMaqqsEXcoK0diI+LHx+CHE6YIFIGUMsERih0842EHIHVLfk
wWXSwiRO/yPaKWHahrYK5SxB7HGpWTnwDw0ay34aDOeLHkpYZJ241N53SXy++cS8
tzZSVDI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:43 2024 by rpki-client on console-fra.rpki-client.org