Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/242/nmxSYPawNMWIXM-zbMaBhDP0tps.roa
File: nmxSYPawNMWIXM-zbMaBhDP0tps.roa (raw, json)
Hash identifier: mOJBxnJCnrJ/1VdhH4HV+KA3jfpIhL9cRnI4Q7MhOuU=
Subject key identifier: 9E:6C:52:60:F6:B0:34:C5:88:5C:CF:B3:6C:C6:81:84:33:F4:B6:9B
Certificate issuer: /CN=0A6F972D24078F89088ED110A26DCDF90A9EBCEA
Certificate serial: 0CCB
Authority key identifier: 0A:6F:97:2D:24:07:8F:89:08:8E:D1:10:A2:6D:CD:F9:0A:9E:BC:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Cm-XLSQHj4kIjtEQom3N-QqevOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/242/nmxSYPawNMWIXM-zbMaBhDP0tps.roa
Signing time: Fri 22 Mar 2024 03:04:01 +0000
ROA not before: Fri 22 Mar 2024 03:04:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 45102
IP address blocks: 59.82.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3275 (0xccb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0A6F972D24078F89088ED110A26DCDF90A9EBCEA
Validity
Not Before: Mar 22 03:04:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9E6C5260F6B034C5885CCFB36CC6818433F4B69B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:f1:21:13:e1:8e:b3:c4:05:82:a8:fd:95:59:
9b:87:d3:26:5a:e0:47:5e:d5:96:11:36:7e:fb:5b:
ed:df:20:bd:fd:37:71:98:b7:be:6a:70:11:0d:35:
6c:01:cc:b8:2c:ec:fe:4d:7a:53:2a:96:69:a7:17:
26:77:1b:aa:da:c8:d7:34:f0:9d:89:b6:f4:3b:9b:
19:44:ba:68:5b:13:66:97:0c:d4:67:4f:b0:af:23:
c7:43:54:42:38:51:9f:0b:5e:b8:f1:c2:78:e4:8c:
0f:a9:79:6b:54:89:4d:27:36:2d:24:55:4d:a2:3e:
0d:83:20:d4:7d:4f:94:55:1d:40:b7:93:b9:43:35:
ce:8e:f4:13:7f:84:62:97:04:0f:b2:d9:49:a0:41:
8b:1a:0c:6b:85:a5:b8:2d:f3:73:dc:29:94:61:9f:
bd:85:8b:bb:85:2b:f0:21:eb:db:c8:49:3a:d1:3f:
18:4a:c0:99:37:68:63:6e:4f:53:aa:70:05:29:79:
e8:22:13:0e:1d:12:dd:92:57:62:9a:6c:6e:8d:41:
7f:83:eb:a1:7e:88:31:f2:6d:0e:09:2e:37:99:31:
26:62:69:ba:46:13:18:fe:66:6d:14:ea:63:8d:18:
9a:48:dc:87:46:03:05:f6:17:a4:cc:ad:16:52:bf:
a7:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:6C:52:60:F6:B0:34:C5:88:5C:CF:B3:6C:C6:81:84:33:F4:B6:9B
X509v3 Authority Key Identifier:
keyid:0A:6F:97:2D:24:07:8F:89:08:8E:D1:10:A2:6D:CD:F9:0A:9E:BC:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/242/Cm-XLSQHj4kIjtEQom3N-QqevOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Cm-XLSQHj4kIjtEQom3N-QqevOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/242/nmxSYPawNMWIXM-zbMaBhDP0tps.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
59.82.136.0/21
Signature Algorithm: sha256WithRSAEncryption
6f:a9:58:bc:c7:8a:64:6c:4d:53:b4:6c:d3:45:e8:8b:e0:64:
a8:43:6a:b2:63:58:1c:9f:4c:d7:b1:6d:70:a5:e8:99:f6:72:
66:9d:41:b8:0f:99:ff:e5:b0:c1:ae:1a:1b:08:35:b2:ba:23:
b1:a2:14:3f:c8:de:46:62:79:a7:6a:7a:64:5a:bb:45:f7:aa:
b6:6c:a9:72:6a:6a:4d:31:6f:c2:a8:a0:57:54:4f:38:42:81:
91:2c:c9:4f:17:85:0b:35:f8:b8:ac:23:13:24:72:0e:a4:3e:
7a:05:7b:3a:8e:a0:58:2f:66:79:23:cf:7d:c0:e6:47:40:60:
52:4d:71:4e:77:aa:a8:e9:ac:93:b5:32:ae:f6:60:45:d6:2e:
dd:0a:eb:7e:d0:6f:88:49:45:9d:6d:02:d2:c1:d1:dd:55:be:
25:22:60:7b:e0:e0:2b:fb:4b:9c:86:96:28:c9:3c:fc:13:d0:
74:85:0e:fc:f6:db:b6:df:ef:ef:c9:44:f0:e2:a4:3a:24:f6:
f0:e8:1a:08:a0:9c:bc:72:04:a0:89:77:08:88:8d:89:35:61:
1d:5e:e9:67:81:6d:34:8c:ac:6f:ba:f8:ee:36:da:ee:ec:b4:
69:0b:47:a0:4a:7e:8c:9f:21:a9:94:f8:8e:53:87:69:f1:46:
2e:6f:0e:7d
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDMswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEE2
Rjk3MkQyNDA3OEY4OTA4OEVEMTEwQTI2RENERjkwQTlFQkNFQTAeFw0yNDAzMjIw
MzA0MDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlFNkM1MjYwRjZCMDM0
QzU4ODVDQ0ZCMzZDQzY4MTg0MzNGNEI2OUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDy8SET4Y6zxAWCqP2VWZuH0yZa4Ede1ZYRNn77W+3fIL39N3GY
t75qcBENNWwBzLgs7P5NelMqlmmnFyZ3G6rayNc08J2JtvQ7mxlEumhbE2aXDNRn
T7CvI8dDVEI4UZ8LXrjxwnjkjA+peWtUiU0nNi0kVU2iPg2DINR9T5RVHUC3k7lD
Nc6O9BN/hGKXBA+y2UmgQYsaDGuFpbgt83PcKZRhn72Fi7uFK/Ah69vISTrRPxhK
wJk3aGNuT1OqcAUpeegiEw4dEt2SV2KabG6NQX+D66F+iDHybQ4JLjeZMSZiabpG
Exj+Zm0U6mONGJpI3IdGAwX2F6TMrRZSv6epAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUnmxSYPawNMWIXM+zbMaBhDP0tpswHwYDVR0jBBgwFoAUCm+XLSQHj4kIjtEQ
om3N+QqevOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjQy
L0NtLVhMU1FIajRrSWp0RVFvbTNOLVFxZXZPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvQ20tWExTUUhqNGtJanRFUW9tM04tUXFldk9vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjQyL25teFNZUGF3Tk1XSVhN
LXpiTWFCaERQMHRwcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAM7UogwDQYJKoZIhvcNAQELBQADggEBAG+pWLzHimRsTVO0bNNF6IvgZKhDarJj
WByfTNexbXCl6Jn2cmadQbgPmf/lsMGuGhsINbK6I7GiFD/I3kZieadqemRau0X3
qrZsqXJqak0xb8KooFdUTzhCgZEsyU8XhQs1+LisIxMkcg6kPnoFezqOoFgvZnkj
z33A5kdAYFJNcU53qqjprJO1Mq72YEXWLt0K637Qb4hJRZ1tAtLB0d1VviUiYHvg
4Cv7S5yGlijJPPwT0HSFDvz227bf7+/JRPDipDok9vDoGgignLxyBKCJdwiIjYk1
YR1e6WeBbTSMrG+6+O422u7stGkLR6BKfoyfIamU+I5Th2nxRi5vDn0=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:38:51 2025 by rpki-client