Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/NGj3aWxU3nC34pg8Zolmi8TvJJM.roa
File: NGj3aWxU3nC34pg8Zolmi8TvJJM.roa (raw, json)
Hash identifier: XrPZPu+bMqacBOdsFjABSt1SQjtLeJijcOYoB5QsF1k=
Subject key identifier: 34:68:F7:69:6C:54:DE:70:B7:E2:98:3C:66:89:66:8B:C4:EF:24:93
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3899
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/NGj3aWxU3nC34pg8Zolmi8TvJJM.roa
Signing time: Thu 04 Apr 2024 01:22:23 +0000
ROA not before: Thu 04 Apr 2024 01:22:23 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14489 (0x3899)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 4 01:22:23 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3468F7696C54DE70B7E2983C6689668BC4EF2493
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:af:4a:cf:57:a6:e8:fb:19:cb:38:43:6e:a6:
71:20:32:1c:cc:af:4e:b4:0a:64:c8:8b:2e:13:f9:
b8:89:f7:37:83:1f:b5:90:13:35:5a:44:2b:9a:e1:
22:07:0c:1f:9a:b2:eb:2e:5d:0c:9d:3b:e2:88:3d:
d6:83:21:73:d3:7e:71:b2:0c:d0:e2:1e:98:52:85:
a1:6d:8b:49:71:99:eb:04:44:03:1d:7d:55:1b:d2:
64:8a:28:8b:19:cf:a0:58:1a:fa:29:36:80:07:9b:
f4:c1:80:75:08:3c:70:8e:db:65:b4:d5:de:fa:69:
31:4f:f4:26:88:d6:5e:b4:f9:f0:31:ab:ad:99:7a:
42:6f:7f:20:b2:72:96:9a:67:9d:0b:d0:90:6c:87:
8e:8e:fc:25:c2:68:fb:70:02:40:98:43:c4:4e:00:
c7:ac:05:2b:38:e0:df:bb:3b:69:81:5f:88:e3:19:
23:33:22:51:0f:9c:b1:2e:c9:fe:9d:80:82:9a:de:
21:3b:bb:86:a0:82:98:16:9b:93:f1:7e:de:a5:99:
28:f7:46:95:72:d4:0b:f1:6b:24:ef:31:78:e8:d2:
a5:be:dc:70:fa:e2:b2:ed:5b:89:62:63:f0:be:85:
86:64:90:3e:d2:ce:0c:85:ac:c7:e9:53:ff:76:7f:
af:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:68:F7:69:6C:54:DE:70:B7:E2:98:3C:66:89:66:8B:C4:EF:24:93
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/NGj3aWxU3nC34pg8Zolmi8TvJJM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
16:ee:b8:be:a5:0c:f6:97:de:a3:31:3d:07:f8:16:e9:0b:ce:
cc:73:8a:c7:09:15:c2:6e:d1:be:7e:f1:16:63:91:a5:35:39:
68:31:ee:71:09:4f:28:5a:ba:17:77:16:4a:43:53:3c:f2:6a:
06:53:5d:e6:8d:3e:80:30:1f:fb:48:53:ba:6f:13:35:06:d8:
2f:61:70:fb:d4:e9:fa:68:a9:a7:9f:d8:67:4b:4b:59:f4:37:
b6:d4:f3:92:ec:8f:69:f2:9b:33:75:97:3f:5e:50:25:29:c0:
84:66:38:e4:3c:6a:9a:a3:15:0f:71:8f:b8:de:8b:df:8f:f8:
96:c4:cc:2f:a2:8d:3b:7d:7b:de:2f:56:96:01:3f:55:b1:3d:
35:cf:19:8b:0d:a2:3d:df:61:72:2d:a9:98:9a:87:7d:d9:68:
c6:96:04:59:b2:9a:66:f0:3b:d5:0a:d4:b0:6d:2d:97:7a:c4:
69:f1:b1:7c:7e:87:cc:b2:0f:f4:f3:e2:8d:d1:40:10:63:3b:
2f:7b:16:f0:87:d1:2a:52:2c:f6:19:30:bb:6a:68:42:cc:ce:
d6:d0:ff:d2:75:23:d0:8e:b0:af:36:da:95:66:0c:57:3a:83:
ad:22:90:8b:93:fb:50:d8:ce:05:39:47:d3:76:33:76:a9:e7:
d9:21:bd:f3
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICOJkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDQw
MTIyMjNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM0NjhGNzY5NkM1NERF
NzBCN0UyOTgzQzY2ODk2NjhCQzRFRjI0OTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzr0rPV6bo+xnLOENupnEgMhzMr060CmTIiy4T+biJ9zeDH7WQ
EzVaRCua4SIHDB+asusuXQydO+KIPdaDIXPTfnGyDNDiHphShaFti0lxmesERAMd
fVUb0mSKKIsZz6BYGvopNoAHm/TBgHUIPHCO22W01d76aTFP9CaI1l60+fAxq62Z
ekJvfyCycpaaZ50L0JBsh46O/CXCaPtwAkCYQ8ROAMesBSs44N+7O2mBX4jjGSMz
IlEPnLEuyf6dgIKa3iE7u4aggpgWm5Pxft6lmSj3RpVy1AvxayTvMXjo0qW+3HD6
4rLtW4liY/C+hYZkkD7SzgyFrMfpU/92f6+tAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUNGj3aWxU3nC34pg8Zolmi8TvJJMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L05HajNhV3hVM25DMzRw
Zzhab2xtaThUdkpKTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBABbuuL6lDPaX3qMx
PQf4FukLzsxziscJFcJu0b5+8RZjkaU1OWgx7nEJTyhauhd3FkpDUzzyagZTXeaN
PoAwH/tIU7pvEzUG2C9hcPvU6fpoqaef2GdLS1n0N7bU85Lsj2nymzN1lz9eUCUp
wIRmOOQ8apqjFQ9xj7jei9+P+JbEzC+ijTt9e94vVpYBP1WxPTXPGYsNoj3fYXIt
qZiah33ZaMaWBFmymmbwO9UK1LBtLZd6xGnxsXx+h8yyD/Tz4o3RQBBjOy97FvCH
0SpSLPYZMLtqaELMztbQ/9J1I9COsK822pVmDFc6g60ikIuT+1DYzgU5R9N2M3ap
59khvfM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:21 2024 by rpki-client on console-fra.rpki-client.org