Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/NCLTv6pWrirX349Cye53KIaydSE.roa
File: NCLTv6pWrirX349Cye53KIaydSE.roa (raw, json)
Hash identifier: wskOqIzZYVfEh6Lr2TGTTEGg2ubTlQm5npPrKTsNqZw=
Subject key identifier: 34:22:D3:BF:AA:56:AE:2A:D7:DF:8F:42:C9:EE:77:28:86:B2:75:21
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4869
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/NCLTv6pWrirX349Cye53KIaydSE.roa
Signing time: Thu 25 Apr 2024 03:23:19 +0000
ROA not before: Thu 25 Apr 2024 03:23:19 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18537 (0x4869)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 25 03:23:19 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3422D3BFAA56AE2AD7DF8F42C9EE772886B27521
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c6:c7:07:52:b9:fe:7c:d8:ae:7e:ec:aa:f5:
d9:08:b7:7f:c6:8f:a3:c1:a6:7a:06:53:d9:89:b0:
40:c9:40:85:29:e1:df:3d:ce:e9:5d:ac:d3:58:f1:
55:45:01:53:f6:c9:de:57:b9:f2:43:62:38:ad:da:
fa:c2:d5:1f:5a:a6:0e:23:ee:1d:00:9c:2b:23:9d:
00:cb:b4:bf:64:de:59:a4:2e:69:90:61:c5:5a:31:
ec:6e:a2:db:db:7e:94:02:6d:36:d0:4c:df:ac:17:
b3:8d:d7:cb:4e:d6:ea:cd:24:89:61:ad:a2:7b:3a:
6c:a5:48:62:c5:8d:5e:d6:b5:76:03:8d:a8:e0:5a:
f8:18:d8:20:c5:43:c6:85:00:7d:cd:9a:75:57:d3:
79:ab:00:a8:89:c1:89:ec:63:30:d7:18:5e:70:ab:
db:ab:29:5e:d5:5b:99:12:8e:53:b5:51:57:00:de:
29:3a:af:13:7b:d2:15:6c:ae:15:b9:cf:df:46:78:
ab:77:76:61:80:2a:38:d6:4c:a4:44:25:38:8f:44:
16:53:3a:ab:d1:80:f4:07:a7:18:95:ae:19:33:77:
7b:1e:05:98:31:42:51:6a:43:e6:9a:18:c5:e3:6d:
6c:71:72:8c:d2:76:6a:9e:a3:b8:35:53:55:38:6f:
12:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:22:D3:BF:AA:56:AE:2A:D7:DF:8F:42:C9:EE:77:28:86:B2:75:21
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/NCLTv6pWrirX349Cye53KIaydSE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
5c:71:ca:cf:51:2a:b0:2e:35:11:ee:0b:31:65:05:cd:56:3d:
e2:b9:2d:e3:b5:27:0d:37:d5:50:fe:11:a1:6b:ed:52:c1:17:
9c:df:98:8c:e4:da:98:20:d5:44:84:f7:82:f5:26:68:9f:9d:
16:9a:aa:d3:9b:27:73:f0:20:a1:cc:06:32:3c:52:b3:69:c7:
37:89:6f:4c:72:43:7e:40:5b:3f:de:6e:8f:45:c7:c3:21:d8:
02:ad:85:3a:3d:df:fe:97:e4:22:cb:fa:06:32:13:fb:f2:1c:
58:bd:27:54:ad:16:21:fd:1c:16:93:24:d3:0d:be:51:97:0f:
19:a9:84:d7:8c:60:f3:87:77:eb:8c:fd:2d:a5:e7:ac:5d:86:
46:8f:b4:b5:b4:29:f5:5d:04:9e:11:dd:1f:b6:16:f9:60:50:
cf:b2:ad:2e:51:6a:58:c3:3a:84:da:21:ef:c1:5a:8f:6c:bc:
e3:18:45:41:74:95:2e:8e:44:8f:ad:26:dc:2a:fd:dd:55:ca:
e0:9e:18:c5:9b:34:32:72:db:0d:04:0a:5a:9f:9a:98:07:48:
c1:82:99:21:34:1e:34:75:1e:d2:68:94:d6:49:3f:ca:65:22:
76:e7:03:54:69:18:76:71:6e:ed:df:85:29:68:03:d7:d9:66:
43:4c:52:c8
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICSGkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjUw
MzIzMTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM0MjJEM0JGQUE1NkFF
MkFEN0RGOEY0MkM5RUU3NzI4ODZCMjc1MjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvxscHUrn+fNiufuyq9dkIt3/Gj6PBpnoGU9mJsEDJQIUp4d89
zuldrNNY8VVFAVP2yd5XufJDYjit2vrC1R9apg4j7h0AnCsjnQDLtL9k3lmkLmmQ
YcVaMexuotvbfpQCbTbQTN+sF7ON18tO1urNJIlhraJ7OmylSGLFjV7WtXYDjajg
WvgY2CDFQ8aFAH3NmnVX03mrAKiJwYnsYzDXGF5wq9urKV7VW5kSjlO1UVcA3ik6
rxN70hVsrhW5z99GeKt3dmGAKjjWTKREJTiPRBZTOqvRgPQHpxiVrhkzd3seBZgx
QlFqQ+aaGMXjbWxxcozSdmqeo7g1U1U4bxLvAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUNCLTv6pWrirX349Cye53KIaydSEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L05DTFR2NnBXcmlyWDM0
OUN5ZTUzS0lheWRTRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAFxxys9RKrAuNRHu
CzFlBc1WPeK5LeO1Jw031VD+EaFr7VLBF5zfmIzk2pgg1USE94L1JmifnRaaqtOb
J3PwIKHMBjI8UrNpxzeJb0xyQ35AWz/ebo9Fx8Mh2AKthTo93/6X5CLL+gYyE/vy
HFi9J1StFiH9HBaTJNMNvlGXDxmphNeMYPOHd+uM/S2l56xdhkaPtLW0KfVdBJ4R
3R+2FvlgUM+yrS5RaljDOoTaIe/BWo9svOMYRUF0lS6ORI+tJtwq/d1VyuCeGMWb
NDJy2w0EClqfmpgHSMGCmSE0HjR1HtJolNZJP8plInbnA1RpGHZxbu3fhSloA9fZ
ZkNMUsg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:21 2024 by rpki-client on console-fra.rpki-client.org