Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/NYXMljsagzBshAYAqtEZ3z9sacE.roa
File: NYXMljsagzBshAYAqtEZ3z9sacE.roa (raw, json)
Hash identifier: JxGHFWYiY0eHSh2rblLOeh3owWIFlh822yk9V2i+bcc=
Subject key identifier: 35:85:CC:96:3B:1A:83:30:6C:84:06:00:AA:D1:19:DF:3F:6C:69:C1
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4A7D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/NYXMljsagzBshAYAqtEZ3z9sacE.roa
Signing time: Sat 27 Apr 2024 21:53:27 +0000
ROA not before: Sat 27 Apr 2024 21:53:27 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19069 (0x4a7d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 27 21:53:27 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3585CC963B1A83306C840600AAD119DF3F6C69C1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7b:db:61:e4:d8:b3:47:18:1b:69:ca:2b:62:
a3:d8:5c:ae:dc:ba:7e:23:62:2d:94:fd:57:c9:c8:
7f:33:5f:b4:1e:6c:17:54:06:be:2f:af:1a:46:8e:
97:87:6e:37:d8:75:fd:59:76:ba:c9:1e:57:7e:ad:
2f:41:47:4b:b9:c6:94:6b:26:c3:bb:05:32:1d:2a:
50:14:1f:1a:ee:d4:9f:9c:c1:99:aa:fa:8e:a1:18:
b8:c0:e4:c3:30:bc:cf:c7:45:a6:50:d3:7f:80:51:
76:9a:7d:7e:48:1f:99:2d:52:a0:79:c0:ed:84:e1:
94:b9:08:6e:29:71:ff:21:6e:86:e5:d6:e6:ab:d2:
93:88:25:4f:b1:81:d6:3c:f6:e5:82:a5:16:3b:5c:
a8:06:a0:a0:dc:0f:3c:99:7d:32:3c:da:34:45:b4:
0b:93:e8:d1:ab:cb:5c:83:3c:d7:c5:37:44:31:64:
03:cb:f0:92:8e:d8:60:49:5c:d3:f5:15:69:32:e8:
0e:d7:e1:41:2c:c2:7a:2c:a1:db:0e:89:4a:77:27:
17:c2:c7:cc:57:d8:48:46:21:92:3c:d8:28:4f:9e:
0b:91:59:c0:78:85:db:17:55:29:36:57:87:ff:41:
65:d0:f0:d7:48:ed:6a:b8:15:5d:13:a5:6e:70:94:
6d:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:85:CC:96:3B:1A:83:30:6C:84:06:00:AA:D1:19:DF:3F:6C:69:C1
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/NYXMljsagzBshAYAqtEZ3z9sacE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
26:0a:9d:ae:19:37:b6:bb:88:a1:8b:50:e8:26:88:6e:98:0d:
b5:50:a6:27:33:e3:97:78:75:11:68:da:0a:38:92:20:13:77:
8c:5f:2f:e6:e6:ee:e3:09:25:d9:e8:b8:69:49:8c:b2:bb:a3:
c0:86:1b:a8:71:c8:fb:cb:2e:af:cb:d1:61:fa:0a:f9:af:59:
a3:9b:e0:ad:60:ef:7b:8b:2f:01:54:6a:0b:19:7f:2b:17:69:
1f:6f:eb:33:fc:2d:90:b5:2c:11:be:93:2c:6e:8c:b1:f2:32:
c1:b6:2c:86:3b:48:6d:ac:28:43:24:6b:05:6f:1d:fc:fd:98:
3f:8c:54:79:b7:6d:52:8c:d4:e6:bb:57:ac:ee:d8:2b:89:f3:
0b:23:e4:81:01:61:64:5d:68:58:22:05:c3:d7:e6:b5:d0:14:
28:0d:ad:b5:9f:ef:b4:60:46:7b:29:a6:ae:c8:a4:a5:08:81:
9f:4e:d2:de:3e:fe:d6:83:27:1c:1c:2a:54:10:e5:bc:23:d1:
85:41:c6:66:5f:4a:63:a3:f7:fb:ca:f9:ba:5b:da:66:d5:21:
ae:fd:75:62:31:1b:ac:64:60:b6:40:e3:2d:a1:f3:6c:8c:c6:
f8:0e:5f:08:cd:ad:4b:4c:a1:a2:64:de:c5:16:3c:11:09:11:
40:a6:50:6c
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICSn0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjcy
MTUzMjdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM1ODVDQzk2M0IxQTgz
MzA2Qzg0MDYwMEFBRDExOURGM0Y2QzY5QzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4e9th5NizRxgbacorYqPYXK7cun4jYi2U/VfJyH8zX7QebBdU
Br4vrxpGjpeHbjfYdf1ZdrrJHld+rS9BR0u5xpRrJsO7BTIdKlAUHxru1J+cwZmq
+o6hGLjA5MMwvM/HRaZQ03+AUXaafX5IH5ktUqB5wO2E4ZS5CG4pcf8hbobl1uar
0pOIJU+xgdY89uWCpRY7XKgGoKDcDzyZfTI82jRFtAuT6NGry1yDPNfFN0QxZAPL
8JKO2GBJXNP1FWky6A7X4UEswnosodsOiUp3JxfCx8xX2EhGIZI82ChPnguRWcB4
hdsXVSk2V4f/QWXQ8NdI7Wq4FV0TpW5wlG3BAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUNYXMljsagzBshAYAqtEZ3z9sacEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L05ZWE1sanNhZ3pCc2hB
WUFxdEVaM3o5c2FjRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBACYKna4ZN7a7iKGL
UOgmiG6YDbVQpicz45d4dRFo2go4kiATd4xfL+bm7uMJJdnouGlJjLK7o8CGG6hx
yPvLLq/L0WH6CvmvWaOb4K1g73uLLwFUagsZfysXaR9v6zP8LZC1LBG+kyxujLHy
MsG2LIY7SG2sKEMkawVvHfz9mD+MVHm3bVKM1Oa7V6zu2CuJ8wsj5IEBYWRdaFgi
BcPX5rXQFCgNrbWf77RgRnsppq7IpKUIgZ9O0t4+/taDJxwcKlQQ5bwj0YVBxmZf
SmOj9/vK+bpb2mbVIa79dWIxG6xkYLZA4y2h82yMxvgOXwjNrUtMoaJk3sUWPBEJ
EUCmUGw=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:48:27 2025 by rpki-client