Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/nlqN3UgRpsRbpvHToQTEzkpiMIA.roa
File: nlqN3UgRpsRbpvHToQTEzkpiMIA.roa (raw, json)
Hash identifier: uVRXqPNZ8xS1WCEP+JJFiDqfXkzH3VmsUHva4saXZa8=
Subject key identifier: 9E:5A:8D:DD:48:11:A6:C4:5B:A6:F1:D3:A1:04:C4:CE:4A:62:30:80
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 37F9
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/nlqN3UgRpsRbpvHToQTEzkpiMIA.roa
Signing time: Wed 03 Apr 2024 05:22:22 +0000
ROA not before: Wed 03 Apr 2024 05:22:22 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14329 (0x37f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 3 05:22:22 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9E5A8DDD4811A6C45BA6F1D3A104C4CE4A623080
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a6:5e:67:19:7d:57:4c:9f:f7:31:99:68:5a:
8f:72:02:0c:18:3a:08:3e:74:0a:d9:43:b1:76:9c:
09:6c:35:a3:5c:8e:58:ad:a9:93:9a:6b:e9:05:ce:
58:18:b7:e9:f3:eb:4e:e4:34:3e:c3:d9:7a:3f:13:
fb:c1:ca:45:11:ec:e4:7e:24:79:d8:40:62:84:d3:
cc:bd:f0:51:01:ea:f7:e4:1a:fb:d7:9a:1e:4b:af:
52:83:3a:6e:40:8e:2d:fb:24:98:b1:42:c7:a0:34:
ca:95:9e:ab:7f:03:4a:25:a3:7a:76:7c:e4:dc:38:
57:a7:b3:a8:a8:b9:2e:d9:1e:8a:3b:1a:63:25:b7:
4d:63:d7:5f:82:c2:d8:9a:fb:39:b4:d1:d3:ff:ab:
63:bf:b1:09:71:a8:63:4f:a0:7f:72:9e:9d:5f:e9:
43:5e:a8:a0:09:d4:d5:d4:12:a4:b1:bc:29:47:57:
3c:e8:ba:c0:37:0b:eb:55:0f:56:5d:4a:71:7e:90:
5f:c8:4b:1a:4b:53:d9:e4:c4:64:a2:4d:cc:59:b2:
5f:54:10:a0:d1:40:37:8c:90:c1:32:f7:0e:0a:d1:
3e:4c:e6:00:e3:ca:58:3c:15:33:61:a6:96:dc:c7:
89:29:20:66:b6:ec:82:ce:1a:65:4f:10:f1:a4:ea:
52:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:5A:8D:DD:48:11:A6:C4:5B:A6:F1:D3:A1:04:C4:CE:4A:62:30:80
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/nlqN3UgRpsRbpvHToQTEzkpiMIA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
ae:ee:c1:a8:df:43:39:c1:a9:78:fe:b9:87:67:85:00:46:94:
9d:4e:cb:90:e5:f6:24:9e:90:a2:0a:27:0b:5a:19:30:a4:9c:
67:65:f1:0c:2a:1d:59:7e:6f:4d:56:83:95:4b:6c:fc:2d:6c:
95:49:e5:37:51:05:57:a5:6e:7c:bd:79:a5:54:3d:54:a9:ec:
c6:aa:a7:fb:69:82:82:35:f3:98:e3:02:6a:66:50:f9:f6:a0:
4c:26:41:af:45:d2:c9:4d:55:d7:ef:1b:97:32:1f:64:de:71:
f5:91:0e:e8:26:47:4f:1a:2e:33:3c:3a:de:60:b3:ea:4a:59:
8b:05:d2:1c:e1:88:fa:cb:bc:77:cb:ff:8d:73:90:1b:31:49:
19:57:9b:9b:4c:db:94:91:bc:91:86:ae:a4:1d:93:f0:ff:ce:
c1:8a:e8:bd:5b:94:ba:85:2d:a4:44:c8:79:cf:78:c8:ea:d3:
94:52:91:fc:66:cb:66:68:6a:ed:69:a7:42:bb:d2:16:a9:64:
3a:32:fc:98:55:ce:0c:7a:56:6f:57:88:0b:0f:eb:0a:21:d2:
50:83:5d:78:24:fd:30:b7:2a:3f:76:c4:a8:72:e5:5d:a6:1f:
61:80:7b:a0:58:c7:4e:37:dd:59:b6:57:e2:57:1d:3a:09:2c:
f2:d4:cc:8d
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICN/kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDMw
NTIyMjJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlFNUE4RERENDgxMUE2
QzQ1QkE2RjFEM0ExMDRDNENFNEE2MjMwODAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQClpl5nGX1XTJ/3MZloWo9yAgwYOgg+dArZQ7F2nAlsNaNcjlit
qZOaa+kFzlgYt+nz607kND7D2Xo/E/vBykUR7OR+JHnYQGKE08y98FEB6vfkGvvX
mh5Lr1KDOm5Aji37JJixQsegNMqVnqt/A0olo3p2fOTcOFens6iouS7ZHoo7GmMl
t01j11+Cwtia+zm00dP/q2O/sQlxqGNPoH9ynp1f6UNeqKAJ1NXUEqSxvClHVzzo
usA3C+tVD1ZdSnF+kF/ISxpLU9nkxGSiTcxZsl9UEKDRQDeMkMEy9w4K0T5M5gDj
ylg8FTNhppbcx4kpIGa27ILOGmVPEPGk6lIjAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUnlqN3UgRpsRbpvHToQTEzkpiMIAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L25scU4zVWdScHNSYnB2
SFRvUVRFemtwaU1JQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAK7uwajfQznBqXj+
uYdnhQBGlJ1Oy5Dl9iSekKIKJwtaGTCknGdl8QwqHVl+b01Wg5VLbPwtbJVJ5TdR
BVelbny9eaVUPVSp7Maqp/tpgoI185jjAmpmUPn2oEwmQa9F0slNVdfvG5cyH2Te
cfWRDugmR08aLjM8Ot5gs+pKWYsF0hzhiPrLvHfL/41zkBsxSRlXm5tM25SRvJGG
rqQdk/D/zsGK6L1blLqFLaREyHnPeMjq05RSkfxmy2Zoau1pp0K70hapZDoy/JhV
zgx6Vm9XiAsP6woh0lCDXXgk/TC3Kj92xKhy5V2mH2GAe6BYx0433Vm2V+JXHToJ
LPLUzI0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:09 2024 by rpki-client on console-ams.rpki-client.org