Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1211/-PYxHf79lq5Y83XvsEm6IvWYYj4.roa
File: -PYxHf79lq5Y83XvsEm6IvWYYj4.roa (raw, json)
Hash identifier: e48t9XJyELNJgNVxm5A5rQ1TK2VQD8qbX3BWWky+918=
Subject key identifier: F8:F6:31:1D:FE:FD:96:AE:58:F3:75:EF:B0:49:BA:22:F5:98:62:3E
Certificate issuer: /CN=183D882201945BE13993B4C6DAC954F8EE426C97
Certificate serial: 1016
Authority key identifier: 18:3D:88:22:01:94:5B:E1:39:93:B4:C6:DA:C9:54:F8:EE:42:6C:97
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GD2IIgGUW-E5k7TG2slU-O5CbJc.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/-PYxHf79lq5Y83XvsEm6IvWYYj4.roa
Signing time: Mon 24 Feb 2025 05:00:05 +0000
ROA not before: Mon 24 Feb 2025 05:00:05 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 63701
IP address blocks: 45.123.128.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4118 (0x1016)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=183D882201945BE13993B4C6DAC954F8EE426C97
Validity
Not Before: Feb 24 05:00:05 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=F8F6311DFEFD96AE58F375EFB049BA22F598623E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:6c:7c:4b:6e:91:49:d7:eb:dc:de:a2:e3:93:
63:fe:50:4d:99:8b:bf:f0:69:a8:d1:68:2c:a1:7d:
fa:5a:d2:95:cc:b8:11:0c:df:44:ee:0b:e6:70:5d:
ce:42:06:5d:12:d3:09:ef:43:45:db:20:a6:38:48:
4f:49:d9:d0:03:30:23:59:a7:f4:89:87:d6:df:6b:
b8:cf:3f:cd:d1:60:d6:30:9c:b8:58:aa:6a:b5:55:
50:1d:5b:39:04:26:7b:0d:e3:87:fe:17:d0:7b:45:
40:4f:14:04:7c:94:ce:82:6d:15:a6:d8:d5:29:bb:
68:17:36:1a:eb:20:a0:2e:bc:60:96:f2:b9:1f:88:
94:3c:4e:50:e6:ce:db:85:9b:ed:3b:46:cd:c1:ae:
fc:b9:c9:0e:e2:b3:6e:1b:de:91:c4:f3:fc:cd:c6:
02:e5:df:ce:55:02:6c:a2:53:ce:09:85:1f:08:a3:
2b:1f:14:b6:96:8b:e3:22:75:2f:99:a6:b3:4c:1d:
10:68:68:76:04:26:e2:91:f6:82:37:ab:af:58:99:
40:0a:88:ac:65:20:76:dd:c2:54:65:1d:84:07:7c:
d1:3f:cb:65:89:cd:15:9f:64:d2:f3:25:a9:09:10:
37:0a:ed:9c:45:62:0a:d3:2c:d0:10:0a:83:b5:d9:
95:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:F6:31:1D:FE:FD:96:AE:58:F3:75:EF:B0:49:BA:22:F5:98:62:3E
X509v3 Authority Key Identifier:
keyid:18:3D:88:22:01:94:5B:E1:39:93:B4:C6:DA:C9:54:F8:EE:42:6C:97
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/GD2IIgGUW-E5k7TG2slU-O5CbJc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GD2IIgGUW-E5k7TG2slU-O5CbJc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/-PYxHf79lq5Y83XvsEm6IvWYYj4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.123.128.0/22
Signature Algorithm: sha256WithRSAEncryption
59:cc:33:f9:02:01:3c:1f:e5:d6:e6:46:e8:74:01:b0:4b:1c:
e8:c8:de:2c:83:89:1d:85:00:4b:ef:c1:2a:c5:6a:85:75:c7:
63:c5:b6:1e:9e:6d:fe:98:c3:fa:23:b7:e0:a6:56:17:e9:0a:
bf:b7:d3:f3:cc:54:0b:c1:7f:d0:da:9e:d1:fd:a4:ba:fe:bd:
e3:04:a8:55:0e:7b:e9:82:8d:90:11:79:78:93:77:64:72:77:
45:55:62:03:e9:db:c7:32:d0:97:9b:b0:7d:51:90:47:75:4b:
09:a7:95:9d:f7:f4:ad:b5:b6:43:5a:0c:e4:2f:7b:ad:e2:76:
76:91:7c:b3:5f:b7:ba:68:93:a2:41:ea:ae:5e:4f:68:47:7e:
25:79:d0:f1:45:45:08:91:8a:2b:76:6f:59:48:4c:ec:cb:d2:
a9:4b:f8:7d:89:30:b8:2c:77:d9:b8:66:0b:fc:76:dd:10:ed:
dd:9c:0e:d2:e5:78:9a:95:4c:06:84:d8:f9:c7:9c:92:32:2c:
2e:43:dc:f2:da:11:a6:55:65:00:51:af:2c:c0:82:de:8c:5b:
68:a6:f7:e9:64:82:cd:c4:17:01:f8:30:11:16:fa:49:a0:2e:
34:de:5c:39:60:a7:06:81:8a:74:28:db:2a:21:73:0a:01:4f:
9e:32:a7:74
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICEBYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTgz
RDg4MjIwMTk0NUJFMTM5OTNCNEM2REFDOTU0RjhFRTQyNkM5NzAeFw0yNTAyMjQw
NTAwMDVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEY4RjYzMTFERkVGRDk2
QUU1OEYzNzVFRkIwNDlCQTIyRjU5ODYyM0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCZbHxLbpFJ1+vc3qLjk2P+UE2Zi7/waajRaCyhffpa0pXMuBEM
30TuC+ZwXc5CBl0S0wnvQ0XbIKY4SE9J2dADMCNZp/SJh9bfa7jPP83RYNYwnLhY
qmq1VVAdWzkEJnsN44f+F9B7RUBPFAR8lM6CbRWm2NUpu2gXNhrrIKAuvGCW8rkf
iJQ8TlDmztuFm+07Rs3Brvy5yQ7is24b3pHE8/zNxgLl385VAmyiU84JhR8Ioysf
FLaWi+MidS+ZprNMHRBoaHYEJuKR9oI3q69YmUAKiKxlIHbdwlRlHYQHfNE/y2WJ
zRWfZNLzJakJEDcK7ZxFYgrTLNAQCoO12ZVpAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQU+PYxHf79lq5Y83XvsEm6IvWYYj4wHwYDVR0jBBgwFoAUGD2IIgGUW+E5k7TG
2slU+O5CbJcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIx
MS9HRDJJSWdHVVctRTVrN1RHMnNsVS1PNUNiSmMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0dEMklJZ0dVVy1FNWs3VEcyc2xVLU81Q2JKYy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEyMTEvLVBZeEhmNzlscTVZ
ODNYdnNFbTZJdldZWWo0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAi17gDANBgkqhkiG9w0BAQsFAAOCAQEAWcwz+QIBPB/l1uZG6HQBsEsc6Mje
LIOJHYUAS+/BKsVqhXXHY8W2Hp5t/pjD+iO34KZWF+kKv7fT88xUC8F/0Nqe0f2k
uv694wSoVQ576YKNkBF5eJN3ZHJ3RVViA+nbxzLQl5uwfVGQR3VLCaeVnff0rbW2
Q1oM5C97reJ2dpF8s1+3umiTokHqrl5PaEd+JXnQ8UVFCJGKK3ZvWUhM7MvSqUv4
fYkwuCx32bhmC/x23RDt3ZwO0uV4mpVMBoTY+ceckjIsLkPc8toRplVlAFGvLMCC
3oxbaKb36WSCzcQXAfgwERb6SaAuNN5cOWCnBoGKdCjbKiFzCgFPnjKndA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:02:16 2025 by rpki-client