Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/NkOpaHvUqEBPyVV3Np5e2Z9gkjg.roa
File: NkOpaHvUqEBPyVV3Np5e2Z9gkjg.roa (raw, json)
Hash identifier: MHxCvICpgh7i9aEhc5ESbzjQcFaQHinSMUf8iflCTWM=
Subject key identifier: 36:43:A9:68:7B:D4:A8:40:4F:C9:55:77:36:9E:5E:D9:9F:60:92:38
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5595
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/NkOpaHvUqEBPyVV3Np5e2Z9gkjg.roa
Signing time: Sun 12 May 2024 16:54:13 +0000
ROA not before: Sun 12 May 2024 16:54:13 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21909 (0x5595)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 12 16:54:13 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3643A9687BD4A8404FC95577369E5ED99F609238
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:3c:a6:d5:31:a0:64:0a:1d:70:26:7e:8d:29:
b3:a4:9c:12:3f:69:75:d6:83:63:2f:99:e7:80:8f:
c2:60:97:90:99:d5:fc:9d:9c:43:af:38:16:b1:4d:
2a:c5:ee:b2:24:f6:74:f0:28:f7:6c:d8:b2:49:a5:
7c:09:0e:68:cb:e9:28:8b:37:fb:42:e4:96:3d:5f:
15:0f:6b:3d:3d:f1:fc:f4:b3:f2:e1:24:15:5f:57:
8e:be:50:98:db:5d:9e:b8:37:74:25:8b:6b:e2:a9:
69:f7:2e:46:68:f7:59:13:49:ed:02:fa:44:de:68:
86:02:1f:c3:93:62:9a:e7:ea:09:ef:38:0b:5e:e0:
c5:b0:85:fb:2b:42:7d:ed:29:c0:90:86:30:80:44:
57:4f:65:61:2c:ea:7d:a9:44:1c:01:91:a0:44:16:
c1:2d:c3:64:34:97:59:1b:e4:50:42:6f:f1:67:e1:
f6:c5:ee:a8:62:21:d2:68:4a:b2:1c:ac:9e:ff:81:
dc:94:46:29:c2:f4:73:4b:c6:ea:21:28:ae:22:be:
9c:6f:93:09:cc:e0:23:37:f7:ee:5b:e1:88:91:ff:
91:6c:bf:6d:bb:e4:89:48:13:97:75:b2:2d:2b:d6:
f5:64:3e:55:d7:77:f7:8e:0e:af:fb:bc:4e:0b:fc:
b4:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:43:A9:68:7B:D4:A8:40:4F:C9:55:77:36:9E:5E:D9:9F:60:92:38
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/NkOpaHvUqEBPyVV3Np5e2Z9gkjg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
33:07:3f:96:9f:47:ac:74:c5:cc:89:55:ab:52:d3:25:84:2e:
86:b3:da:15:55:80:c6:89:71:05:f5:a1:e9:89:e6:12:2b:b5:
25:3a:31:20:79:91:f0:79:3c:06:d2:2c:61:24:6a:cd:40:86:
c0:21:bc:d9:5d:78:99:1d:92:32:ae:34:8d:9f:b6:49:a6:96:
f8:c5:14:07:c3:a5:39:59:f8:13:55:ee:77:dc:4c:de:c8:6c:
90:81:63:76:74:cf:f4:35:41:4b:b5:55:18:a3:3a:69:8f:0e:
09:eb:27:1d:fb:61:09:94:19:81:cc:0c:84:8f:f3:36:ec:2d:
c6:a6:27:91:c1:12:8b:8e:c6:21:b3:39:58:f7:d8:59:c8:59:
4e:c2:e5:04:d9:4a:37:7c:21:24:b5:eb:c0:61:d9:32:31:8c:
a3:8d:00:a0:66:00:ad:2d:5e:4f:a9:ab:53:15:59:0e:e5:33:
20:20:4b:f2:02:da:dc:5d:86:3e:7c:e8:e5:e1:24:cd:00:fd:
9f:91:25:42:77:35:5a:ba:07:56:d4:0f:ad:e2:28:e5:fd:ab:
9d:79:46:0b:ca:6b:64:e9:36:3c:ba:c2:db:ac:38:01:8f:7f:
d5:43:41:4d:7d:bd:21:5a:ac:33:3e:66:43:35:f2:1a:92:79:
97:06:26:f9
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICVZUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTIx
NjU0MTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM2NDNBOTY4N0JENEE4
NDA0RkM5NTU3NzM2OUU1RUQ5OUY2MDkyMzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9PKbVMaBkCh1wJn6NKbOknBI/aXXWg2MvmeeAj8Jgl5CZ1fyd
nEOvOBaxTSrF7rIk9nTwKPds2LJJpXwJDmjL6SiLN/tC5JY9XxUPaz098fz0s/Lh
JBVfV46+UJjbXZ64N3Qli2viqWn3LkZo91kTSe0C+kTeaIYCH8OTYprn6gnvOAte
4MWwhfsrQn3tKcCQhjCARFdPZWEs6n2pRBwBkaBEFsEtw2Q0l1kb5FBCb/Fn4fbF
7qhiIdJoSrIcrJ7/gdyURinC9HNLxuohKK4ivpxvkwnM4CM39+5b4YiR/5Fsv227
5IlIE5d1si0r1vVkPlXXd/eODq/7vE4L/LRTAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUNkOpaHvUqEBPyVV3Np5e2Z9gkjgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L05rT3BhSHZVcUVCUHlW
VjNOcDVlMlo5Z2tqZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBADMHP5afR6x0xcyJ
VatS0yWELoaz2hVVgMaJcQX1oemJ5hIrtSU6MSB5kfB5PAbSLGEkas1AhsAhvNld
eJkdkjKuNI2ftkmmlvjFFAfDpTlZ+BNV7nfcTN7IbJCBY3Z0z/Q1QUu1VRijOmmP
DgnrJx37YQmUGYHMDISP8zbsLcamJ5HBEouOxiGzOVj32FnIWU7C5QTZSjd8ISS1
68Bh2TIxjKONAKBmAK0tXk+pq1MVWQ7lMyAgS/IC2txdhj586OXhJM0A/Z+RJUJ3
NVq6B1bUD63iKOX9q515RgvKa2TpNjy6wtusOAGPf9VDQU19vSFarDM+ZkM18hqS
eZcGJvk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:36 2024 by rpki-client on console-ams.rpki-client.org