Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1023/JLQYInniMmjrZ1vFfNGSmRm-nvs.roa
File: JLQYInniMmjrZ1vFfNGSmRm-nvs.roa (raw, json)
Hash identifier: QlXwsqHXts+1fdHKwVf4SHuTfyC0wOTsCK0g1e5FrpE=
Subject key identifier: 24:B4:18:22:79:E2:32:68:EB:67:5B:C5:7C:D1:92:99:19:BE:9E:FB
Certificate issuer: /CN=32D5EC15C5E564E470EC7B14CD47DE2D862ACE83
Certificate serial: 06
Authority key identifier: 32:D5:EC:15:C5:E5:64:E4:70:EC:7B:14:CD:47:DE:2D:86:2A:CE:83
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MtXsFcXlZORw7HsUzUfeLYYqzoM.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/JLQYInniMmjrZ1vFfNGSmRm-nvs.roa
Signing time: Wed 06 Nov 2024 09:54:30 +0000
ROA not before: Wed 06 Nov 2024 09:54:30 +0000
ROA not after: Thu 06 Nov 2025 09:48:25 +0000
asID: 132883
IP address blocks: 203.83.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32D5EC15C5E564E470EC7B14CD47DE2D862ACE83
Validity
Not Before: Nov 6 09:54:30 2024 GMT
Not After : Nov 6 09:48:25 2025 GMT
Subject: CN=24B4182279E23268EB675BC57CD1929919BE9EFB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ef:05:86:9c:46:25:a8:97:24:6a:c3:a5:81:
7c:0b:54:2d:f8:7d:45:63:01:ba:a5:bf:c0:f2:eb:
fe:24:68:3c:5a:e5:24:bf:9c:13:9d:91:e6:d5:55:
e6:a1:bd:76:b9:40:fd:18:44:dd:d6:6c:53:a4:32:
d5:62:1d:2c:98:f2:3b:be:78:7b:4f:5d:f8:4b:03:
b5:17:7c:3c:87:b7:b0:b7:49:db:6a:bf:69:1c:4f:
86:62:66:6b:70:c2:de:bc:95:09:dc:6e:90:47:be:
dd:3e:7d:f1:75:f6:65:b1:e1:96:c9:9e:93:64:32:
ec:96:e7:db:11:f8:39:ad:b2:a8:b3:6c:9e:57:dc:
84:d8:c8:44:a6:d0:db:6f:ed:5d:15:75:19:53:7b:
85:1f:5b:a3:bb:60:2f:30:88:d9:ba:98:da:06:1c:
88:7b:a3:b7:94:ba:f9:c7:e2:27:9a:13:81:8d:be:
67:9e:41:37:6c:a8:de:e9:2d:93:f4:e8:08:47:26:
80:b7:65:9c:62:8d:e4:81:6a:65:7d:26:51:20:fd:
9e:88:86:94:33:d2:7c:d0:64:13:c2:5e:c6:1b:59:
33:86:e3:da:27:07:f0:55:5e:55:e8:1d:4f:f5:d6:
e6:47:01:b8:94:01:ad:50:0e:e9:4f:91:b6:21:ea:
9a:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:B4:18:22:79:E2:32:68:EB:67:5B:C5:7C:D1:92:99:19:BE:9E:FB
X509v3 Authority Key Identifier:
keyid:32:D5:EC:15:C5:E5:64:E4:70:EC:7B:14:CD:47:DE:2D:86:2A:CE:83
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/MtXsFcXlZORw7HsUzUfeLYYqzoM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MtXsFcXlZORw7HsUzUfeLYYqzoM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/JLQYInniMmjrZ1vFfNGSmRm-nvs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.83.11.0/24
Signature Algorithm: sha256WithRSAEncryption
69:a7:eb:a1:f7:a0:a4:f0:91:05:db:d9:68:8f:98:52:6d:b9:
88:3b:9e:d6:20:88:bc:bc:a0:71:ab:b2:d8:89:53:1a:59:22:
02:6f:7c:ab:41:a2:5d:73:48:ca:86:2c:76:41:92:3e:97:3d:
f5:32:52:30:65:94:36:55:dc:78:14:4e:f5:28:2f:27:d4:a4:
c0:c4:01:7b:7f:91:80:db:30:ab:68:7b:f9:1f:a3:22:6c:92:
a1:90:5a:7a:b6:b8:a2:2e:65:8e:d1:78:e0:6e:93:4d:ac:e5:
76:27:76:3d:9a:3d:d3:32:f7:d8:8d:30:26:97:6c:7d:41:e1:
97:7b:f1:ab:68:a9:bc:ec:7c:0e:d3:0d:27:24:20:be:33:76:
4c:16:69:58:fe:34:a8:d7:b5:a9:77:ba:c6:f8:6a:8c:38:93:
ea:b8:4b:01:f0:28:76:1d:b0:61:b8:55:ee:40:52:fc:83:ed:
62:78:cb:bc:a7:2e:f4:ae:5c:6c:6f:48:1d:43:6e:98:00:0a:
b0:35:49:ef:77:7e:f3:85:19:75:18:4b:9f:9a:27:9e:b3:6f:
9e:1b:82:51:33:fe:cf:d5:62:7b:e9:80:3e:35:4e:1d:04:92:
46:56:f2:4b:3b:f7:76:64:69:c1:1b:0d:44:82:5d:aa:b1:f4:
67:07:7e:47
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgIBBjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygzMkQ1
RUMxNUM1RTU2NEU0NzBFQzdCMTRDRDQ3REUyRDg2MkFDRTgzMB4XDTI0MTEwNjA5
NTQzMFoXDTI1MTEwNjA5NDgyNVowMzExMC8GA1UEAxMoMjRCNDE4MjI3OUUyMzI2
OEVCNjc1QkM1N0NEMTkyOTkxOUJFOUVGQjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKrvBYacRiWolyRqw6WBfAtULfh9RWMBuqW/wPLr/iRoPFrlJL+c
E52R5tVV5qG9drlA/RhE3dZsU6Qy1WIdLJjyO754e09d+EsDtRd8PIe3sLdJ22q/
aRxPhmJma3DC3ryVCdxukEe+3T598XX2ZbHhlsmek2Qy7Jbn2xH4Oa2yqLNsnlfc
hNjIRKbQ22/tXRV1GVN7hR9bo7tgLzCI2bqY2gYciHujt5S6+cfiJ5oTgY2+Z55B
N2yo3uktk/ToCEcmgLdlnGKN5IFqZX0mUSD9noiGlDPSfNBkE8JexhtZM4bj2icH
8FVeVegdT/XW5kcBuJQBrVAO6U+RtiHqmqkCAwEAAaOCAfMwggHvMB0GA1UdDgQW
BBQktBgieeIyaOtnW8V80ZKZGb6e+zAfBgNVHSMEGDAWgBQy1ewVxeVk5HDsexTN
R94thirOgzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xMDIz
L010WHNGY1hsWk9SdzdIc1V6VWZlTFlZcXpvTS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvTXRYc0ZjWGxaT1J3N0hzVXpVZmVMWVlxem9NLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTAyMy9KTFFZSW5uaU1tanJa
MXZGZk5HU21SbS1udnMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u
aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAy1MLMA0GCSqGSIb3DQEBCwUAA4IBAQBpp+uh96Ck8JEF29loj5hSbbmIO57W
IIi8vKBxq7LYiVMaWSICb3yrQaJdc0jKhix2QZI+lz31MlIwZZQ2Vdx4FE71KC8n
1KTAxAF7f5GA2zCraHv5H6MibJKhkFp6triiLmWO0XjgbpNNrOV2J3Y9mj3TMvfY
jTAml2x9QeGXe/GraKm87HwO0w0nJCC+M3ZMFmlY/jSo17Wpd7rG+GqMOJPquEsB
8Ch2HbBhuFXuQFL8g+1ieMu8py70rlxsb0gdQ26YAAqwNUnvd37zhRl1GEufmiee
s2+eG4JRM/7P1WJ76YA+NU4dBJJGVvJLO/d2ZGnBGw1Egl2qsfRnB35H
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:23:08 2025 by rpki-client