Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/119/SC_pkcDhJ5o4NG17MetL3m9J4FE.roa
File: SC_pkcDhJ5o4NG17MetL3m9J4FE.roa (raw, json)
Hash identifier: 3QuKzabkQZa5U+aV6n5UNJwnM3YYQc4z4PuXFHFnB14=
Subject key identifier: 48:2F:E9:91:C0:E1:27:9A:38:34:6D:7B:31:EB:4B:DE:6F:49:E0:51
Certificate issuer: /CN=F556C3AAA1001F89DC0FCED5436A21BB4FF35D7A
Certificate serial: 0D00
Authority key identifier: F5:56:C3:AA:A1:00:1F:89:DC:0F:CE:D5:43:6A:21:BB:4F:F3:5D:7A
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9VbDqqEAH4ncD87VQ2ohu0_zXXo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/119/SC_pkcDhJ5o4NG17MetL3m9J4FE.roa
Signing time: Tue 24 Sep 2024 00:19:01 +0000
ROA not before: Tue 24 Sep 2024 00:19:01 +0000
ROA not after: Sat 20 Sep 2025 07:41:26 +0000
asID: 9807
IP address blocks: 219.235.128.0/21 maxlen: 21
219.235.136.0/21 maxlen: 21
219.235.144.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3328 (0xd00)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F556C3AAA1001F89DC0FCED5436A21BB4FF35D7A
Validity
Not Before: Sep 24 00:19:01 2024 GMT
Not After : Sep 20 07:41:26 2025 GMT
Subject: CN=482FE991C0E1279A38346D7B31EB4BDE6F49E051
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:0d:35:36:38:cc:73:dd:31:2f:36:88:61:c0:
ad:f7:68:f8:68:ba:c7:24:8d:e2:b0:71:1d:7a:29:
dc:9a:96:f2:b9:b0:e5:3d:fd:33:1c:57:d4:8f:6e:
13:e4:37:e2:b4:53:c5:f6:d7:3d:57:a8:4c:c0:5b:
68:fe:66:ff:5f:4d:4c:fb:58:a5:73:aa:b0:f2:40:
46:ed:9e:29:41:3f:22:c3:1d:c5:bc:80:86:b9:5a:
2d:18:c5:ba:91:1a:8d:57:f8:c1:fc:87:2a:53:34:
09:9d:15:71:52:92:0c:30:04:7d:36:80:8d:d1:5c:
5f:bb:8c:1a:e7:9b:31:a5:af:8f:ec:39:a0:94:67:
c2:c3:1f:c3:e8:e9:0a:5f:a7:44:41:a3:b0:4a:3a:
de:70:95:dc:7a:ce:41:47:31:25:71:cd:bc:d3:bf:
fc:ab:59:0a:9c:af:d9:5b:af:b7:7d:9a:6b:8e:4f:
bd:7a:53:c1:23:62:d6:ee:9d:28:2a:0b:b2:ff:84:
bb:d4:a5:d3:80:11:cb:32:6f:f3:ed:e3:1d:f6:bd:
f2:bf:31:a0:49:51:10:de:d6:15:e1:3f:94:25:28:
6a:ae:18:68:2c:94:51:8e:09:cd:82:4e:e9:bc:63:
ea:9a:2e:eb:7b:97:f6:b5:59:cb:13:b4:b6:12:9c:
c3:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:2F:E9:91:C0:E1:27:9A:38:34:6D:7B:31:EB:4B:DE:6F:49:E0:51
X509v3 Authority Key Identifier:
keyid:F5:56:C3:AA:A1:00:1F:89:DC:0F:CE:D5:43:6A:21:BB:4F:F3:5D:7A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/119/9VbDqqEAH4ncD87VQ2ohu0_zXXo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9VbDqqEAH4ncD87VQ2ohu0_zXXo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/119/SC_pkcDhJ5o4NG17MetL3m9J4FE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
219.235.128.0-219.235.151.255
Signature Algorithm: sha256WithRSAEncryption
63:22:f4:dd:57:8a:1d:26:40:7e:d2:7d:70:f9:b9:12:20:60:
fe:c8:16:7e:7b:c6:d0:6c:04:c8:85:aa:0a:2f:8a:8e:b7:4c:
8a:c7:80:1f:2e:3d:d3:c2:a5:8b:24:8a:8c:4d:e4:91:76:f7:
9b:76:ae:3d:14:a9:e8:0b:bf:49:70:75:eb:4e:c9:35:e0:18:
bf:91:a7:20:02:b2:01:65:5a:58:f0:6e:8a:34:c9:c7:15:fb:
70:3d:0b:fd:9a:5a:11:39:46:cc:c6:e8:14:2b:c9:3f:45:df:
40:e0:52:57:b1:c7:22:47:40:a0:06:9b:50:42:96:73:09:3a:
a9:42:53:27:c7:ea:3e:73:6f:26:b3:17:70:48:88:f2:da:a6:
ec:40:84:dc:1b:f9:00:87:27:65:5a:7d:a8:b0:48:1a:01:23:
b6:af:86:18:fc:96:00:06:79:1c:5e:db:f7:71:6e:e6:dc:0c:
c7:2f:a8:81:16:dc:45:7f:e6:23:ca:fc:12:7e:91:05:df:d7:
6d:b0:03:68:20:6a:c6:6a:41:e8:b5:ff:cd:a8:10:eb:f1:ac:
65:a5:1d:1b:ba:79:0a:e9:ae:4e:69:4a:6b:9c:27:70:d8:d2:
56:04:aa:b5:60:74:2b:ef:99:04:c6:bd:4a:22:c8:af:d5:f7:
c8:73:70:e1
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgICDQAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRjU1
NkMzQUFBMTAwMUY4OURDMEZDRUQ1NDM2QTIxQkI0RkYzNUQ3QTAeFw0yNDA5MjQw
MDE5MDFaFw0yNTA5MjAwNzQxMjZaMDMxMTAvBgNVBAMTKDQ4MkZFOTkxQzBFMTI3
OUEzODM0NkQ3QjMxRUI0QkRFNkY0OUUwNTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSDTU2OMxz3TEvNohhwK33aPhousckjeKwcR16KdyalvK5sOU9
/TMcV9SPbhPkN+K0U8X21z1XqEzAW2j+Zv9fTUz7WKVzqrDyQEbtnilBPyLDHcW8
gIa5Wi0YxbqRGo1X+MH8hypTNAmdFXFSkgwwBH02gI3RXF+7jBrnmzGlr4/sOaCU
Z8LDH8Po6Qpfp0RBo7BKOt5wldx6zkFHMSVxzbzTv/yrWQqcr9lbr7d9mmuOT716
U8EjYtbunSgqC7L/hLvUpdOAEcsyb/Pt4x32vfK/MaBJURDe1hXhP5QlKGquGGgs
lFGOCc2CTum8Y+qaLut7l/a1WcsTtLYSnMOfAgMBAAGjggH5MIIB9TAdBgNVHQ4E
FgQUSC/pkcDhJ5o4NG17MetL3m9J4FEwHwYDVR0jBBgwFoAU9VbDqqEAH4ncD87V
Q2ohu0/zXXowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTE5
LzlWYkRxcUVBSDRuY0Q4N1ZRMm9odTBfelhYby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvOVZiRHFxRUFING5jRDg3VlEyb2h1MF96WFhvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTE5L1NDX3BrY0RoSjVvNE5H
MTdNZXRMM205SjRGRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJwYIKwYBBQUHAQcBAf8EGDAWMBQEAgABMA4w
DAMEB9vrgAMEA9vrkDANBgkqhkiG9w0BAQsFAAOCAQEAYyL03VeKHSZAftJ9cPm5
EiBg/sgWfnvG0GwEyIWqCi+KjrdMiseAHy4908KliySKjE3kkXb3m3auPRSp6Au/
SXB1607JNeAYv5GnIAKyAWVaWPBuijTJxxX7cD0L/ZpaETlGzMboFCvJP0XfQOBS
V7HHIkdAoAabUEKWcwk6qUJTJ8fqPnNvJrMXcEiI8tqm7ECE3Bv5AIcnZVp9qLBI
GgEjtq+GGPyWAAZ5HF7b93Fu5twMxy+ogRbcRX/mI8r8En6RBd/XbbADaCBqxmpB
6LX/zagQ6/GsZaUdG7p5CumuTmlKa5wncNjSVgSqtWB0K++ZBMa9SiLIr9X3yHNw
4Q==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:17:27 2025 by rpki-client