Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ntrhLexwyxrCoUP3y4wGV_-kD3c.roa
File: ntrhLexwyxrCoUP3y4wGV_-kD3c.roa (raw, json)
Hash identifier: L5Uf1s6EBt9FD4BxXgCcd4Lk7JbokgqVhE+ZawusfvY=
Subject key identifier: 9E:DA:E1:2D:EC:70:CB:1A:C2:A1:43:F7:CB:8C:06:57:FF:A4:0F:77
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 33B5
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ntrhLexwyxrCoUP3y4wGV_-kD3c.roa
Signing time: Thu 28 Mar 2024 12:52:04 +0000
ROA not before: Thu 28 Mar 2024 12:52:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13237 (0x33b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 28 12:52:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9EDAE12DEC70CB1AC2A143F7CB8C0657FFA40F77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:09:cd:08:bd:f3:b6:43:85:4e:00:d3:32:c2:
1c:37:a0:66:8e:30:12:3f:0f:84:a0:c2:36:30:57:
6d:9b:6d:1b:c5:b5:c6:c0:a4:19:e2:48:f7:da:e2:
2b:d2:dc:47:71:d8:38:14:b4:57:98:af:ff:ad:05:
82:bf:c6:c3:02:0e:e7:ab:2a:7c:7e:0a:40:fb:f0:
c5:4b:3b:3a:31:b0:e7:41:52:8c:6e:bb:5f:f5:c9:
29:19:62:65:6f:bd:1c:9c:b6:6d:4e:b9:b2:d9:12:
3b:c1:3f:76:3c:29:49:16:61:b3:66:b1:7b:dd:a7:
b9:f7:72:92:5c:59:af:76:57:40:f7:91:60:20:e1:
9c:f2:80:6f:b7:9b:52:c2:5c:32:47:45:11:e8:51:
c4:ef:e7:91:da:d7:fb:ec:86:1a:c0:0b:9e:7c:3d:
05:ef:56:88:41:f1:4c:78:27:b4:8c:6e:dd:48:a8:
7c:ac:1a:e7:4c:83:e9:15:ef:8d:a2:52:81:79:03:
65:ec:96:08:9b:25:49:a3:fa:74:11:01:a5:bf:aa:
ff:1f:69:27:ec:ef:34:08:97:f1:63:af:27:f7:66:
5a:88:aa:20:90:63:6c:6a:c1:67:24:77:89:f8:6c:
7c:eb:14:55:82:d1:f0:b8:3c:2e:e3:84:ea:25:80:
1f:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:DA:E1:2D:EC:70:CB:1A:C2:A1:43:F7:CB:8C:06:57:FF:A4:0F:77
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ntrhLexwyxrCoUP3y4wGV_-kD3c.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
98:5c:b0:67:97:7f:67:16:1e:db:41:50:b6:1e:de:2e:14:90:
fa:9a:94:38:b6:04:d2:77:e1:1f:30:e5:bb:15:97:35:bf:60:
72:69:a3:45:04:00:94:11:0e:15:c0:d3:34:22:75:a1:18:f7:
d1:86:88:32:93:68:66:99:62:9b:d4:39:6d:00:9d:b0:82:6e:
54:10:de:e6:bd:e4:22:27:d6:25:06:0b:dd:eb:02:89:24:24:
d8:1b:81:ed:75:73:81:fa:1a:1a:25:84:cb:85:90:91:56:4f:
65:0a:03:34:b4:1f:d3:f0:ed:7e:2e:23:b3:4c:d1:a4:5d:e5:
c4:1c:5c:70:26:77:88:8d:23:34:c3:4f:13:e8:2a:cc:0d:53:
dc:bb:ba:9c:b9:fd:74:c9:7b:90:64:68:c3:67:ae:e3:20:74:
f2:58:96:5b:b1:44:fb:30:e3:80:d7:9a:d1:9c:0a:fc:c6:a7:
2b:b5:a7:a1:20:bd:77:01:47:69:18:22:ad:80:59:09:2f:3a:
66:6e:61:73:7f:10:0e:eb:4b:5b:2b:a6:cb:3c:77:e7:98:1e:
b0:4d:99:35:8a:48:fd:79:7f:49:9d:c4:ee:fa:05:0f:57:d6:
f8:1f:35:a2:b6:c6:91:8a:b0:96:aa:af:4e:ae:0b:b1:5b:40:
1d:52:ee:7d
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICM7UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjgx
MjUyMDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlFREFFMTJERUM3MENC
MUFDMkExNDNGN0NCOEMwNjU3RkZBNDBGNzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSCc0IvfO2Q4VOANMywhw3oGaOMBI/D4SgwjYwV22bbRvFtcbA
pBniSPfa4ivS3Edx2DgUtFeYr/+tBYK/xsMCDuerKnx+CkD78MVLOzoxsOdBUoxu
u1/1ySkZYmVvvRyctm1OubLZEjvBP3Y8KUkWYbNmsXvdp7n3cpJcWa92V0D3kWAg
4ZzygG+3m1LCXDJHRRHoUcTv55Ha1/vshhrAC558PQXvVohB8Ux4J7SMbt1IqHys
GudMg+kV742iUoF5A2XslgibJUmj+nQRAaW/qv8faSfs7zQIl/Fjryf3ZlqIqiCQ
Y2xqwWckd4n4bHzrFFWC0fC4PC7jhOolgB8PAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUntrhLexwyxrCoUP3y4wGV/+kD3cwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L250cmhMZXh3eXhyQ29V
UDN5NHdHVl8ta0QzYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJhcsGeXf2cWHttB
ULYe3i4UkPqalDi2BNJ34R8w5bsVlzW/YHJpo0UEAJQRDhXA0zQidaEY99GGiDKT
aGaZYpvUOW0AnbCCblQQ3ua95CIn1iUGC93rAokkJNgbge11c4H6GholhMuFkJFW
T2UKAzS0H9Pw7X4uI7NM0aRd5cQcXHAmd4iNIzTDTxPoKswNU9y7upy5/XTJe5Bk
aMNnruMgdPJYlluxRPsw44DXmtGcCvzGpyu1p6EgvXcBR2kYIq2AWQkvOmZuYXN/
EA7rS1srpss8d+eYHrBNmTWKSP15f0mdxO76BQ9X1vgfNaK2xpGKsJaqr06uC7Fb
QB1S7n0=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:37:21 2025 by rpki-client