Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/nkUlAipcxboCX5iFqjQneFvmL0A.roa
File: nkUlAipcxboCX5iFqjQneFvmL0A.roa (raw, json)
Hash identifier: /eYbrDQpegI3fLU8jHIuE+khPWn+ld17TCb/dZrYT/w=
Subject key identifier: 9E:45:25:02:2A:5C:C5:BA:02:5F:98:85:AA:34:27:78:5B:E6:2F:40
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3409
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/nkUlAipcxboCX5iFqjQneFvmL0A.roa
Signing time: Thu 28 Mar 2024 23:22:04 +0000
ROA not before: Thu 28 Mar 2024 23:22:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13321 (0x3409)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 28 23:22:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9E4525022A5CC5BA025F9885AA3427785BE62F40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:49:bd:bc:a6:ae:0b:1e:9d:72:6b:00:d3:a2:
7f:b2:9b:6d:3c:d0:f4:65:69:a6:49:af:d2:7b:bf:
a3:49:9a:e5:60:0e:d7:f3:49:4f:67:01:8e:71:33:
8f:48:c1:8b:e1:ab:b8:02:37:9f:92:62:86:c7:9e:
b6:34:fb:e3:64:7e:03:5b:6f:59:54:cd:97:ee:78:
cd:ef:04:b5:49:e4:80:c3:2b:22:57:86:6c:f9:d2:
23:d2:5f:ce:63:db:c6:da:48:36:19:96:e8:25:5a:
d4:92:c8:92:cd:2d:30:e5:ad:2e:c9:07:9d:e6:0e:
71:a7:cd:df:63:ca:87:86:03:38:4d:fd:39:92:8e:
7c:4d:2b:6a:f2:d4:bb:30:da:16:08:0d:4c:17:9d:
a3:58:a8:17:0f:75:77:5b:94:54:8a:fc:93:59:d7:
bc:b9:87:29:c9:5a:f9:e0:d0:56:fd:5d:42:05:47:
9c:77:a3:1d:89:5d:c8:f0:b1:e7:af:b8:16:86:a2:
99:f2:61:58:6a:3e:5f:5c:42:01:4d:7f:53:69:06:
de:a6:83:37:9d:b6:95:a6:40:26:9f:66:2b:a7:22:
6b:04:17:f2:82:3b:43:53:3b:ac:ae:ca:e3:c7:4b:
43:00:7f:31:e0:67:22:31:ee:7e:80:e4:b1:65:ce:
84:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:45:25:02:2A:5C:C5:BA:02:5F:98:85:AA:34:27:78:5B:E6:2F:40
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/nkUlAipcxboCX5iFqjQneFvmL0A.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
3f:82:2f:e4:f1:cc:eb:bf:83:c7:dc:71:93:ff:1c:c7:5e:aa:
7f:d2:a9:48:38:75:ab:ba:73:14:30:45:ee:60:52:3a:67:a2:
03:e3:83:e2:96:ec:51:ef:4f:3a:28:99:38:a5:b6:d9:8d:e1:
0f:07:a9:6d:81:82:38:39:a3:02:11:9e:29:30:c7:02:84:c3:
03:30:0e:50:d9:c0:4a:6e:17:17:63:b1:90:46:4e:ec:ab:84:
8f:8d:3c:3d:58:f3:9c:48:ee:3c:92:52:24:50:af:3c:e4:0b:
37:b4:ee:53:64:40:30:0b:88:83:8d:70:0c:29:3a:ae:0a:e4:
f5:56:84:72:76:65:d7:6e:e0:b1:8c:ae:c1:bb:4a:91:46:12:
1d:49:cb:30:f9:97:36:50:8f:23:4a:34:ff:ec:6a:dc:e1:9b:
cc:c9:4d:67:a8:7b:03:49:ba:3b:78:c2:3d:e2:62:f1:9a:e2:
f6:df:0e:2e:39:f2:c4:ba:45:4d:82:85:d6:64:0b:5f:2f:d8:
2c:c0:37:3c:60:dc:7d:e7:ee:a9:02:ec:09:3e:27:11:86:10:
03:6d:cc:aa:0f:b4:0a:b5:4c:ce:cc:a6:f0:c4:11:5f:67:6e:
79:a8:5c:1e:4f:40:dd:77:58:5b:07:41:a7:ab:ec:b7:30:6a:
78:6c:e9:ed
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNAkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjgy
MzIyMDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlFNDUyNTAyMkE1Q0M1
QkEwMjVGOTg4NUFBMzQyNzc4NUJFNjJGNDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPSb28pq4LHp1yawDTon+ym2080PRlaaZJr9J7v6NJmuVgDtfz
SU9nAY5xM49IwYvhq7gCN5+SYobHnrY0++NkfgNbb1lUzZfueM3vBLVJ5IDDKyJX
hmz50iPSX85j28baSDYZluglWtSSyJLNLTDlrS7JB53mDnGnzd9jyoeGAzhN/TmS
jnxNK2ry1Lsw2hYIDUwXnaNYqBcPdXdblFSK/JNZ17y5hynJWvng0Fb9XUIFR5x3
ox2JXcjwseevuBaGopnyYVhqPl9cQgFNf1NpBt6mgzedtpWmQCafZiunImsEF/KC
O0NTO6yuyuPHS0MAfzHgZyIx7n6A5LFlzoRfAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUnkUlAipcxboCX5iFqjQneFvmL0AwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L25rVWxBaXBjeGJvQ1g1
aUZxalFuZUZ2bUwwQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAD+CL+TxzOu/g8fc
cZP/HMdeqn/SqUg4dau6cxQwRe5gUjpnogPjg+KW7FHvTzoomTilttmN4Q8HqW2B
gjg5owIRnikwxwKEwwMwDlDZwEpuFxdjsZBGTuyrhI+NPD1Y85xI7jySUiRQrzzk
Cze07lNkQDALiIONcAwpOq4K5PVWhHJ2Zddu4LGMrsG7SpFGEh1JyzD5lzZQjyNK
NP/satzhm8zJTWeoewNJujt4wj3iYvGa4vbfDi458sS6RU2ChdZkC18v2CzANzxg
3H3n7qkC7Ak+JxGGEANtzKoPtAq1TM7MpvDEEV9nbnmoXB5PQN13WFsHQaer7Lcw
anhs6e0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:09 2024 by rpki-client on console-ams.rpki-client.org