Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/6/wngvhSvegbNJ0pszKdXPKgFuyZw.roa
File: wngvhSvegbNJ0pszKdXPKgFuyZw.roa (raw, json)
Hash identifier: e9o8KFg3nOO2kMnWGyw9QpKCDzIHgXVHWVgNTQWWfPQ=
Subject key identifier: C2:78:2F:85:2B:DE:81:B3:49:D2:9B:33:29:D5:CF:2A:01:6E:C9:9C
Certificate issuer: /CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Certificate serial: 0423
Authority key identifier: 94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/wngvhSvegbNJ0pszKdXPKgFuyZw.roa
Signing time: Wed 22 May 2024 03:27:50 +0000
ROA not before: Wed 22 May 2024 03:27:50 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 2914
IP address blocks: 124.175.0.0/18 maxlen: 24
124.175.64.0/21 maxlen: 24
124.175.72.0/21 maxlen: 24
124.175.80.0/21 maxlen: 24
124.175.88.0/21 maxlen: 24
124.175.96.0/21 maxlen: 24
124.175.104.0/21 maxlen: 24
124.175.112.0/21 maxlen: 24
124.175.120.0/21 maxlen: 24
124.175.160.0/21 maxlen: 24
124.175.168.0/21 maxlen: 24
124.175.176.0/21 maxlen: 24
124.175.184.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1059 (0x423)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Validity
Not Before: May 22 03:27:50 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C2782F852BDE81B349D29B3329D5CF2A016EC99C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a4:ff:5d:ac:0e:75:46:2e:0d:e9:5f:b1:f0:
d9:54:0a:9a:fd:36:9b:20:74:43:47:fb:db:b5:32:
d1:42:32:8f:74:f3:a0:68:9a:a1:2a:8d:b2:80:0a:
ef:d9:6c:d3:c5:84:40:c4:2b:a5:ab:d1:94:79:ce:
08:bb:e4:9f:40:27:01:ff:26:2b:0b:8f:57:83:2b:
d5:5b:89:15:cf:74:b2:16:7c:1b:75:0f:33:de:7a:
b3:a8:02:3e:18:5a:54:9c:cb:42:3d:06:ff:9b:96:
d5:8f:e7:a9:5f:65:d6:c1:b9:f5:39:4d:75:43:7e:
86:dc:d3:54:49:02:6d:55:12:3f:dc:9a:dd:f2:97:
2f:0c:0c:7b:ec:80:c9:db:79:7f:f6:f9:d8:95:8e:
51:7e:98:24:d3:95:bd:bc:55:61:cd:cc:1b:7b:d9:
5a:fe:65:d9:2a:97:a9:29:71:26:62:7f:51:38:b5:
d4:66:b3:e4:db:02:9e:bb:2b:1e:c4:50:61:e4:39:
c0:a6:cf:bf:54:6c:ce:a3:dd:4f:93:e5:59:01:20:
64:c7:c2:5e:96:d9:49:5e:81:90:e7:46:86:7d:6d:
df:36:82:6c:84:3b:9e:47:56:e8:01:48:68:8c:75:
b2:7c:27:5a:26:37:6b:34:41:c6:6d:93:0d:10:35:
06:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:78:2F:85:2B:DE:81:B3:49:D2:9B:33:29:D5:CF:2A:01:6E:C9:9C
X509v3 Authority Key Identifier:
keyid:94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/wngvhSvegbNJ0pszKdXPKgFuyZw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.175.0.0/17
124.175.160.0/19
Signature Algorithm: sha256WithRSAEncryption
cc:ca:fc:7d:32:8b:cd:b5:7a:c1:b2:ae:ec:88:71:c2:7c:c1:
47:7a:44:17:af:64:78:fa:07:8c:47:5c:ee:57:be:95:8c:3f:
d3:3f:1d:67:fa:61:a2:cf:dd:e0:af:35:65:65:a0:7f:a4:1e:
79:55:98:d9:87:fc:8d:9b:ee:76:b1:47:f5:26:0f:7c:f8:42:
00:32:fa:44:a9:cb:da:ee:fd:fd:bf:b2:23:7d:dc:16:dd:fd:
d2:de:ae:27:3a:ee:1a:eb:9a:55:1c:08:0b:57:52:23:31:69:
a8:ca:3e:1c:c1:fb:26:b0:3e:d2:b5:c9:10:79:b8:09:a2:81:
be:8c:c0:4c:c6:14:83:95:b0:7c:83:ed:db:53:2b:e7:d8:d3:
04:04:ff:43:4d:e9:e5:a1:ac:a2:64:9c:34:e2:c6:d2:fc:ad:
fe:18:ed:37:cd:75:81:53:f1:02:6a:37:dd:de:09:83:c9:ff:
85:52:0e:51:0a:6c:2a:24:e8:34:65:35:55:13:e9:17:a1:25:
38:58:9b:65:ed:bf:d2:43:03:5d:49:67:84:07:0e:cc:ec:9e:
5f:20:00:9e:05:22:c9:18:27:09:80:c4:71:b5:76:fc:90:ec:
f3:0e:7b:33:fb:a1:37:40:1e:61:7b:97:83:15:1f:e2:97:cf:
d7:0c:10:87
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICBCMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTQ4
MUI0RTQwOTAxNUQ4RUI3RDAzRjM2MDM4ODMwRUMxMDk4QUJDMDAeFw0yNDA1MjIw
MzI3NTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEMyNzgyRjg1MkJERTgx
QjM0OUQyOUIzMzI5RDVDRjJBMDE2RUM5OUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDApP9drA51Ri4N6V+x8NlUCpr9NpsgdENH+9u1MtFCMo9086Bo
mqEqjbKACu/ZbNPFhEDEK6Wr0ZR5zgi75J9AJwH/JisLj1eDK9VbiRXPdLIWfBt1
DzPeerOoAj4YWlScy0I9Bv+bltWP56lfZdbBufU5TXVDfobc01RJAm1VEj/cmt3y
ly8MDHvsgMnbeX/2+diVjlF+mCTTlb28VWHNzBt72Vr+Zdkql6kpcSZif1E4tdRm
s+TbAp67Kx7EUGHkOcCmz79UbM6j3U+T5VkBIGTHwl6W2UlegZDnRoZ9bd82gmyE
O55HVugBSGiMdbJ8J1omN2s0QcZtkw0QNQZ5AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUwngvhSvegbNJ0pszKdXPKgFuyZwwHwYDVR0jBBgwFoAUlIG05AkBXY630D82
A4gw7BCYq8AwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNi9s
SUcwNUFrQlhZNjMwRDgyQTRndzdCQ1lxOEEuY3JsMGMGCCsGAQUFBwEBBFcwVTBT
BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw
MDAwL2xJRzA1QWtCWFk2MzBEODJBNGd3N0JDWXE4QS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtp
LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzYvd25ndmhTdmVnYk5KMHBzektk
WFBLZ0Z1eVp3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNu
L3JyZHAvbm90aWZ5LnhtbDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEB3yv
AAMEBXyvoDANBgkqhkiG9w0BAQsFAAOCAQEAzMr8fTKLzbV6wbKu7IhxwnzBR3pE
F69kePoHjEdc7le+lYw/0z8dZ/phos/d4K81ZWWgf6QeeVWY2Yf8jZvudrFH9SYP
fPhCADL6RKnL2u79/b+yI33cFt390t6uJzruGuuaVRwIC1dSIzFpqMo+HMH7JrA+
0rXJEHm4CaKBvozATMYUg5WwfIPt21Mr59jTBAT/Q03p5aGsomScNOLG0vyt/hjt
N811gVPxAmo33d4Jg8n/hVIOUQpsKiToNGU1VRPpF6ElOFibZe2/0kMDXUlnhAcO
zOyeXyAAngUiyRgnCYDEcbV2/JDs8w57M/uhN0AeYXuXgxUf4pfP1wwQhw==
-----END CERTIFICATE-----
Generated at Wed Jun 26 18:22:48 2024 by rpki-client on console-ams.rpki-client.org