Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/nwtr5A6Ex1Z8sTx-aC3UPSbnWlg.roa
File: nwtr5A6Ex1Z8sTx-aC3UPSbnWlg.roa (raw, json)
Hash identifier: JNSbIPjAaegDYiPnSXax6o8zAVvF2KNoLDuPEV1sj1c=
Subject key identifier: 9F:0B:6B:E4:0E:84:C7:56:7C:B1:3C:7E:68:2D:D4:3D:26:E7:5A:58
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3FCD
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/nwtr5A6Ex1Z8sTx-aC3UPSbnWlg.roa
Signing time: Sat 13 Apr 2024 15:52:49 +0000
ROA not before: Sat 13 Apr 2024 15:52:49 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16333 (0x3fcd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 13 15:52:49 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9F0B6BE40E84C7567CB13C7E682DD43D26E75A58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:55:74:2c:88:07:4e:28:69:a4:35:8e:cf:dd:
82:a9:50:b4:64:90:21:d0:0a:3c:1f:3a:6d:4a:f0:
f5:6f:89:50:f1:2a:40:b0:19:17:2e:79:b0:31:c1:
cf:0d:fd:86:3f:f1:9e:9e:4a:c6:77:8f:2c:69:33:
cb:83:cd:20:c1:e9:6c:f8:a1:01:86:bd:10:91:11:
21:58:32:fb:44:89:66:fc:09:a4:dc:47:1b:4d:b2:
08:b5:bc:83:05:0b:c5:40:ad:cd:81:0a:c6:a9:bf:
a4:a2:1c:c6:02:e7:4e:26:77:77:bb:eb:33:1f:79:
ee:45:7a:d5:3a:c4:79:d9:b5:35:1d:1c:7d:f0:df:
7a:f2:4b:53:d1:62:2f:e7:b0:75:ae:6a:72:05:ba:
bf:39:05:ad:e8:96:9c:ee:1c:cf:90:32:ed:7d:d9:
f0:7c:f9:20:ad:a1:10:e5:a0:37:39:0b:78:59:2b:
db:af:7b:28:68:94:a0:76:e9:7a:fc:40:ee:4e:46:
6c:25:06:34:53:d4:75:06:a6:6b:91:fb:49:34:6e:
ef:3a:68:63:29:86:76:64:61:65:d4:90:0e:d0:a8:
58:9d:55:c4:20:1e:e4:e6:e8:4f:7f:60:b2:88:c6:
19:09:ff:af:b3:ce:2a:25:22:22:bb:47:f4:8c:13:
b3:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:0B:6B:E4:0E:84:C7:56:7C:B1:3C:7E:68:2D:D4:3D:26:E7:5A:58
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/nwtr5A6Ex1Z8sTx-aC3UPSbnWlg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
86:c2:12:1b:73:c9:52:f9:70:91:45:a4:8f:20:d9:8b:25:3d:
ed:cb:2d:c6:ef:3a:3c:f5:40:8c:8c:6b:d2:40:a1:d5:04:51:
46:ad:b6:ee:b0:80:47:72:8b:9c:2d:a2:42:26:55:1e:12:25:
1c:7d:74:22:41:9b:79:d3:29:a3:5b:25:f0:c7:53:07:ab:91:
99:42:1c:bb:7b:3e:25:d2:de:26:29:da:8b:cb:2f:f6:f4:90:
77:21:77:1e:a3:30:dd:e8:e3:36:62:b3:dd:0c:fa:5c:34:de:
28:ea:2c:46:10:df:80:6a:30:0f:68:fd:a1:fb:cd:91:1d:e6:
cf:fe:ab:f6:25:46:a4:4f:db:ba:9b:58:66:04:b7:76:fc:96:
09:d8:ad:9e:a4:d8:d9:63:bb:b6:81:20:f8:9c:4e:ed:ee:3f:
c0:e0:79:40:01:99:fb:c6:22:eb:58:79:9d:bf:17:ac:62:ac:
78:82:cc:2c:ca:c3:da:67:29:63:d0:e4:d3:03:fb:76:7f:39:
01:f0:37:91:d0:34:7f:9c:fc:a5:85:66:52:af:b9:f6:2e:05:
04:7b:6f:a4:f4:a4:9d:8f:32:7a:3c:ad:4d:d9:e8:41:76:03:
e4:cd:69:0f:d1:5c:9f:b1:08:2e:a5:07:54:e7:3f:e5:de:54:
39:e8:cf:59
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICP80wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTMx
NTUyNDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlGMEI2QkU0MEU4NEM3
NTY3Q0IxM0M3RTY4MkRENDNEMjZFNzVBNTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+VXQsiAdOKGmkNY7P3YKpULRkkCHQCjwfOm1K8PVviVDxKkCw
GRcuebAxwc8N/YY/8Z6eSsZ3jyxpM8uDzSDB6Wz4oQGGvRCRESFYMvtEiWb8CaTc
RxtNsgi1vIMFC8VArc2BCsapv6SiHMYC504md3e76zMfee5FetU6xHnZtTUdHH3w
33ryS1PRYi/nsHWuanIFur85Ba3olpzuHM+QMu192fB8+SCtoRDloDc5C3hZK9uv
eyholKB26Xr8QO5ORmwlBjRT1HUGpmuR+0k0bu86aGMphnZkYWXUkA7QqFidVcQg
HuTm6E9/YLKIxhkJ/6+zziolIiK7R/SME7N9AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUnwtr5A6Ex1Z8sTx+aC3UPSbnWlgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L253dHI1QTZFeDFaOHNU
eC1hQzNVUFNibldsZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAIbCEhtzyVL5cJFF
pI8g2YslPe3LLcbvOjz1QIyMa9JAodUEUUattu6wgEdyi5wtokImVR4SJRx9dCJB
m3nTKaNbJfDHUwerkZlCHLt7PiXS3iYp2ovLL/b0kHchdx6jMN3o4zZis90M+lw0
3ijqLEYQ34BqMA9o/aH7zZEd5s/+q/YlRqRP27qbWGYEt3b8lgnYrZ6k2Nlju7aB
IPicTu3uP8DgeUABmfvGIutYeZ2/F6xirHiCzCzKw9pnKWPQ5NMD+3Z/OQHwN5HQ
NH+c/KWFZlKvufYuBQR7b6T0pJ2PMno8rU3Z6EF2A+TNaQ/RXJ+xCC6lB1TnP+Xe
VDnoz1k=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:13:14 2025 by rpki-client