Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/119/BhAPA23_9841Ad-T5RPGRWrr8lU.roa
File: BhAPA23_9841Ad-T5RPGRWrr8lU.roa (raw, json)
Hash identifier: kYugWE0/6l95HXjqsbTP6qrpO8X0FDHGL1s3owYnbDM=
Subject key identifier: 06:10:0F:03:6D:FF:F7:CE:35:01:DF:93:E5:13:C6:45:6A:EB:F2:55
Certificate issuer: /CN=F556C3AAA1001F89DC0FCED5436A21BB4FF35D7A
Certificate serial: 0D01
Authority key identifier: F5:56:C3:AA:A1:00:1F:89:DC:0F:CE:D5:43:6A:21:BB:4F:F3:5D:7A
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9VbDqqEAH4ncD87VQ2ohu0_zXXo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/119/BhAPA23_9841Ad-T5RPGRWrr8lU.roa
Signing time: Tue 24 Sep 2024 00:19:02 +0000
ROA not before: Tue 24 Sep 2024 00:19:02 +0000
ROA not after: Sat 20 Sep 2025 07:41:26 +0000
asID: 45074
IP address blocks: 219.235.152.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3329 (0xd01)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F556C3AAA1001F89DC0FCED5436A21BB4FF35D7A
Validity
Not Before: Sep 24 00:19:02 2024 GMT
Not After : Sep 20 07:41:26 2025 GMT
Subject: CN=06100F036DFFF7CE3501DF93E513C6456AEBF255
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:fe:90:3c:49:71:06:18:bd:6e:49:8c:cc:1a:
69:50:a2:ac:db:da:8c:fd:06:f6:cd:90:8b:84:8d:
04:39:bf:4d:a5:3b:e8:ce:0a:9d:a9:e0:77:13:1c:
17:d7:f8:e1:76:b4:f6:50:06:29:99:4d:c2:e6:24:
d8:1c:7a:e6:33:d8:4e:87:9b:ef:6f:28:7c:a9:6a:
0c:b8:0b:7e:7f:53:73:21:24:4b:28:ea:a7:db:41:
8e:d7:18:ce:27:00:36:3b:9f:08:d5:56:7c:98:b1:
1d:e1:51:4e:b1:37:ce:35:af:a0:0a:47:fa:d2:6e:
e7:06:92:ab:f6:34:83:b6:9d:d9:6c:08:0f:21:52:
05:90:53:74:06:b2:d3:33:b7:a9:c8:9c:ac:36:1c:
87:14:d9:3f:81:13:f0:3b:ee:e2:2c:b7:df:45:ab:
5b:d8:fd:cf:0e:a5:76:ce:a9:50:92:38:29:db:85:
c4:23:4d:f9:91:a1:2e:f5:c5:6b:24:71:5f:f7:fb:
03:f4:87:d9:00:c6:43:73:b4:a7:9f:6b:c9:06:a4:
42:21:a3:7e:c6:a8:d8:b3:52:d1:08:90:e9:ea:3d:
f6:87:f9:87:d6:89:01:42:86:93:48:6c:70:cd:b7:
c0:84:f0:b1:78:3e:78:d3:09:95:11:07:b5:28:f4:
32:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:10:0F:03:6D:FF:F7:CE:35:01:DF:93:E5:13:C6:45:6A:EB:F2:55
X509v3 Authority Key Identifier:
keyid:F5:56:C3:AA:A1:00:1F:89:DC:0F:CE:D5:43:6A:21:BB:4F:F3:5D:7A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/119/9VbDqqEAH4ncD87VQ2ohu0_zXXo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9VbDqqEAH4ncD87VQ2ohu0_zXXo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/119/BhAPA23_9841Ad-T5RPGRWrr8lU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
219.235.152.0/21
Signature Algorithm: sha256WithRSAEncryption
2c:16:91:ea:26:27:9c:54:e7:14:f1:a0:fc:b0:4d:16:11:91:
db:d4:f8:7b:1f:46:ff:d9:4b:10:0b:c4:61:7e:68:86:5f:95:
13:14:6d:f6:a1:92:7f:7d:c8:90:1c:8d:7b:37:43:39:57:fe:
48:87:da:68:9a:bc:ed:6d:f6:6b:4f:42:87:8b:24:9a:88:10:
8b:51:02:07:03:98:c7:79:0f:69:5c:f6:f6:29:70:e4:a8:d8:
a6:dc:4d:0e:57:4c:0d:5c:f2:62:a2:d3:63:3f:59:79:c8:6f:
ed:e1:64:63:74:1c:42:74:a2:c3:d3:a0:30:52:8e:c7:e3:86:
c6:fc:23:33:4e:06:b7:2c:01:32:e4:76:42:1d:8f:5d:60:c5:
11:72:2e:f4:53:c6:de:72:cc:e9:00:fe:0f:77:66:4d:68:d1:
60:ad:34:93:d9:36:0a:e8:d1:13:5b:2a:b6:2f:1f:01:40:2e:
b3:67:87:6e:52:cd:1f:31:39:95:b8:74:01:a1:4d:a3:26:11:
71:b9:b3:b9:fd:4d:2f:2b:ae:e1:5c:b4:a5:72:35:13:62:15:
d1:79:37:14:e1:41:78:cd:d6:e3:44:0e:b3:f5:be:96:18:4c:
f3:77:bb:17:13:d4:ae:91:c2:5e:f9:a2:a8:b4:8b:05:93:4d:
3b:26:4a:4b
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDQEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRjU1
NkMzQUFBMTAwMUY4OURDMEZDRUQ1NDM2QTIxQkI0RkYzNUQ3QTAeFw0yNDA5MjQw
MDE5MDJaFw0yNTA5MjAwNzQxMjZaMDMxMTAvBgNVBAMTKDA2MTAwRjAzNkRGRkY3
Q0UzNTAxREY5M0U1MTNDNjQ1NkFFQkYyNTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDB/pA8SXEGGL1uSYzMGmlQoqzb2oz9BvbNkIuEjQQ5v02lO+jO
Cp2p4HcTHBfX+OF2tPZQBimZTcLmJNgceuYz2E6Hm+9vKHypagy4C35/U3MhJEso
6qfbQY7XGM4nADY7nwjVVnyYsR3hUU6xN841r6AKR/rSbucGkqv2NIO2ndlsCA8h
UgWQU3QGstMzt6nInKw2HIcU2T+BE/A77uIst99Fq1vY/c8OpXbOqVCSOCnbhcQj
TfmRoS71xWskcV/3+wP0h9kAxkNztKefa8kGpEIho37GqNizUtEIkOnqPfaH+YfW
iQFChpNIbHDNt8CE8LF4PnjTCZURB7Uo9DIXAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUBhAPA23/9841Ad+T5RPGRWrr8lUwHwYDVR0jBBgwFoAU9VbDqqEAH4ncD87V
Q2ohu0/zXXowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTE5
LzlWYkRxcUVBSDRuY0Q4N1ZRMm9odTBfelhYby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvOVZiRHFxRUFING5jRDg3VlEyb2h1MF96WFhvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTE5L0JoQVBBMjNfOTg0MUFk
LVQ1UlBHUldycjhsVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAPb65gwDQYJKoZIhvcNAQELBQADggEBACwWkeomJ5xU5xTxoPywTRYRkdvU+Hsf
Rv/ZSxALxGF+aIZflRMUbfahkn99yJAcjXs3QzlX/kiH2miavO1t9mtPQoeLJJqI
EItRAgcDmMd5D2lc9vYpcOSo2KbcTQ5XTA1c8mKi02M/WXnIb+3hZGN0HEJ0osPT
oDBSjsfjhsb8IzNOBrcsATLkdkIdj11gxRFyLvRTxt5yzOkA/g93Zk1o0WCtNJPZ
Ngro0RNbKrYvHwFALrNnh25SzR8xOZW4dAGhTaMmEXG5s7n9TS8rruFctKVyNRNi
FdF5NxThQXjN1uNEDrP1vpYYTPN3uxcT1K6Rwl75oqi0iwWTTTsmSks=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:21:51 2025 by rpki-client