Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/NAL5FbzUXVLbmWQPRF7UDtONplw.roa
File: NAL5FbzUXVLbmWQPRF7UDtONplw.roa (raw, json)
Hash identifier: /t/yyLiqwdezIe+/afzXAixQnMo0sVR8zJ/b/Rgca1k=
Subject key identifier: 34:02:F9:15:BC:D4:5D:52:DB:99:64:0F:44:5E:D4:0E:D3:8D:A6:5C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3461
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/NAL5FbzUXVLbmWQPRF7UDtONplw.roa
Signing time: Fri 29 Mar 2024 10:22:04 +0000
ROA not before: Fri 29 Mar 2024 10:22:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13409 (0x3461)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 10:22:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3402F915BCD45D52DB99640F445ED40ED38DA65C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:21:76:29:31:ed:fc:84:bd:47:23:57:ab:75:
54:b1:e5:78:fa:77:a0:fe:eb:12:07:7a:19:12:f9:
ed:e8:0d:c2:ef:0d:07:f0:9c:13:86:07:f5:cf:08:
ff:47:1a:f8:b5:34:3d:11:09:29:c0:82:85:bd:d1:
86:fb:ee:0e:3c:88:22:87:48:75:36:53:09:a1:2c:
23:c0:a5:b5:31:97:a9:c5:83:08:a6:fc:6e:ed:f6:
d7:0f:80:31:26:76:ee:80:49:f5:70:9f:f6:8b:79:
ab:48:ce:d7:c4:68:ae:87:68:56:72:14:7e:8f:e5:
29:87:8a:a5:68:c4:5b:37:21:42:71:33:ba:1e:95:
7e:5b:0d:e6:97:b9:87:d0:b9:37:3d:bf:39:87:d5:
da:a1:5e:97:45:43:6c:be:4a:5b:40:d2:61:6a:b4:
c7:43:fe:77:4c:aa:a1:d5:8e:9d:1c:31:03:ef:5e:
ee:0e:a7:71:4b:6a:05:70:64:b3:32:71:b9:92:da:
29:af:ae:0c:48:9a:28:42:ad:8f:34:87:ea:b8:9e:
43:7d:7e:88:31:c4:29:82:b6:06:82:df:ca:a5:1c:
89:4d:79:26:c8:4a:80:47:2b:77:47:de:53:95:df:
94:a2:a9:83:91:23:02:e9:90:34:15:60:04:10:f9:
7f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:02:F9:15:BC:D4:5D:52:DB:99:64:0F:44:5E:D4:0E:D3:8D:A6:5C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/NAL5FbzUXVLbmWQPRF7UDtONplw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
97:fb:dd:84:c7:52:19:18:64:27:ed:90:71:a7:24:eb:4e:63:
b5:a6:88:d9:1f:b3:1e:cd:7e:4b:3b:ed:37:c2:4d:6a:25:9c:
d1:09:cd:12:85:99:1a:ec:2e:10:99:57:f4:81:55:f5:7f:86:
d1:54:56:01:ab:d9:8b:7f:38:2b:2a:e2:21:83:5c:b5:95:d9:
74:26:f9:42:0a:14:e1:a3:be:2c:96:86:ad:2c:42:ec:51:8e:
c0:6a:d9:5d:ca:95:71:7d:04:75:39:44:3f:fc:7a:4e:a6:54:
98:3b:fe:1f:f9:bf:f7:b5:80:b2:df:2a:a4:5a:30:3a:c1:7b:
4f:95:00:fd:72:1b:0d:f5:89:4b:89:2e:ed:45:8f:79:61:9e:
19:5e:de:e2:9b:8f:a3:93:b7:56:76:5c:1c:b9:05:3c:a3:01:
3f:20:ad:97:de:8f:18:a5:66:8c:ba:fc:fa:96:1f:76:cd:08:
bd:1f:67:8c:99:5b:32:75:41:8c:60:2e:c1:44:c6:8f:7d:e3:
17:79:be:bc:86:96:42:cc:51:af:6c:f1:74:88:b3:32:98:f3:
94:17:1a:7b:96:ff:56:16:be:15:54:7a:15:78:00:0a:73:f2:
1f:37:66:8f:1c:5b:0c:5e:95:cc:81:69:bd:2c:70:21:29:20:
02:13:6a:0c
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNGEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjkx
MDIyMDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM0MDJGOTE1QkNENDVE
NTJEQjk5NjQwRjQ0NUVENDBFRDM4REE2NUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQChIXYpMe38hL1HI1erdVSx5Xj6d6D+6xIHehkS+e3oDcLvDQfw
nBOGB/XPCP9HGvi1ND0RCSnAgoW90Yb77g48iCKHSHU2UwmhLCPApbUxl6nFgwim
/G7t9tcPgDEmdu6ASfVwn/aLeatIztfEaK6HaFZyFH6P5SmHiqVoxFs3IUJxM7oe
lX5bDeaXuYfQuTc9vzmH1dqhXpdFQ2y+SltA0mFqtMdD/ndMqqHVjp0cMQPvXu4O
p3FLagVwZLMycbmS2imvrgxImihCrY80h+q4nkN9fogxxCmCtgaC38qlHIlNeSbI
SoBHK3dH3lOV35SiqYORIwLpkDQVYAQQ+X8lAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUNAL5FbzUXVLbmWQPRF7UDtONplwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L05BTDVGYnpVWFZMYm1X
UVBSRjdVRHRPTnBsdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJf73YTHUhkYZCft
kHGnJOtOY7WmiNkfsx7Nfks77TfCTWolnNEJzRKFmRrsLhCZV/SBVfV/htFUVgGr
2Yt/OCsq4iGDXLWV2XQm+UIKFOGjviyWhq0sQuxRjsBq2V3KlXF9BHU5RD/8ek6m
VJg7/h/5v/e1gLLfKqRaMDrBe0+VAP1yGw31iUuJLu1Fj3lhnhle3uKbj6OTt1Z2
XBy5BTyjAT8grZfejxilZoy6/PqWH3bNCL0fZ4yZWzJ1QYxgLsFExo994xd5vryG
lkLMUa9s8XSIszKY85QXGnuW/1YWvhVUehV4AApz8h83Zo8cWwxelcyBab0scCEp
IAITagw=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:39:40 2025 by rpki-client