Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1211/w1kAirxqgOm5vHz5Bi6BT549YJI.roa
File: w1kAirxqgOm5vHz5Bi6BT549YJI.roa (raw, json)
Hash identifier: nmBCzxSnYZI1RueieUTmxBLuXFlTbxpaZ7jDfOsEyyA=
Subject key identifier: C3:59:00:8A:BC:6A:80:E9:B9:BC:7C:F9:06:2E:81:4F:9E:3D:60:92
Certificate issuer: /CN=183D882201945BE13993B4C6DAC954F8EE426C97
Certificate serial: 0D16
Authority key identifier: 18:3D:88:22:01:94:5B:E1:39:93:B4:C6:DA:C9:54:F8:EE:42:6C:97
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GD2IIgGUW-E5k7TG2slU-O5CbJc.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/w1kAirxqgOm5vHz5Bi6BT549YJI.roa
Signing time: Tue 24 Sep 2024 00:17:43 +0000
ROA not before: Tue 24 Sep 2024 00:17:43 +0000
ROA not after: Sat 20 Sep 2025 07:41:26 +0000
asID: 63701
IP address blocks: 45.116.208.0/22 maxlen: 24
45.123.128.0/22 maxlen: 24
103.57.12.0/22 maxlen: 24
103.63.244.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3350 (0xd16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=183D882201945BE13993B4C6DAC954F8EE426C97
Validity
Not Before: Sep 24 00:17:43 2024 GMT
Not After : Sep 20 07:41:26 2025 GMT
Subject: CN=C359008ABC6A80E9B9BC7CF9062E814F9E3D6092
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:65:99:66:4f:c5:0f:ee:94:80:3d:3f:8b:14:
ce:28:79:8d:b3:4f:76:52:1d:e3:e9:32:00:2e:68:
ca:8a:df:50:b4:83:31:51:52:13:63:c8:7a:bf:a4:
ec:db:9a:19:95:a2:d6:f4:72:16:e6:7e:49:51:6b:
8c:59:a5:62:56:56:5a:2c:3e:69:98:49:c4:cc:5c:
05:69:66:5a:21:1f:27:8e:df:1a:b4:8b:32:1e:75:
f3:e6:57:a9:d4:78:cc:82:c5:ea:de:45:f7:f2:af:
7a:20:81:78:8e:ab:75:76:00:ff:94:e0:62:9f:6a:
5f:61:51:f1:82:14:a9:dc:a4:8a:8a:fb:3f:6b:fd:
75:92:3d:3d:24:10:0c:21:41:9f:cf:68:73:46:1d:
be:23:b4:4d:d9:c8:e1:fa:32:f0:6c:26:93:c7:45:
2c:23:82:63:7f:ec:1b:d1:43:9a:15:72:9d:c0:98:
5b:15:47:80:03:99:45:a5:47:4b:9e:4b:db:c2:12:
d7:7c:9d:34:30:f9:98:4a:84:dc:d1:94:9a:93:2b:
9a:46:ac:39:fa:29:90:af:80:7f:75:01:fe:67:7a:
11:67:7c:4d:fc:28:a0:4f:a4:0d:21:de:e5:f1:f8:
cb:9b:f5:28:84:d8:2c:6e:3e:94:c2:8b:a7:34:b7:
87:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:59:00:8A:BC:6A:80:E9:B9:BC:7C:F9:06:2E:81:4F:9E:3D:60:92
X509v3 Authority Key Identifier:
keyid:18:3D:88:22:01:94:5B:E1:39:93:B4:C6:DA:C9:54:F8:EE:42:6C:97
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/GD2IIgGUW-E5k7TG2slU-O5CbJc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GD2IIgGUW-E5k7TG2slU-O5CbJc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/w1kAirxqgOm5vHz5Bi6BT549YJI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.116.208.0/22
45.123.128.0/22
103.57.12.0/22
103.63.244.0/22
Signature Algorithm: sha256WithRSAEncryption
06:56:93:f1:2a:6a:02:e5:37:09:44:3f:b8:15:e8:95:cf:1e:
ff:85:2d:44:e2:cf:fe:10:72:db:7d:c0:e8:bd:83:67:80:d1:
a0:b5:1f:f1:bb:51:c0:90:ad:c5:65:9c:a9:38:03:1b:ad:f4:
62:2b:e2:ed:e7:2d:32:02:7f:f8:f0:c9:d8:b3:b1:69:42:ec:
51:13:29:6f:e8:cd:1b:d4:33:5a:0e:67:49:be:c4:7d:c3:89:
c3:db:17:57:73:b8:ba:70:3d:07:09:a8:56:09:7b:0e:7e:99:
de:75:f8:30:e3:7e:50:72:42:e7:59:fc:ce:0f:2c:8d:b1:5d:
4a:00:e0:46:0e:ce:86:e9:70:0b:0f:5d:ee:2b:17:a0:10:e6:
08:1e:7f:90:ee:4f:b4:e5:92:e4:72:6e:66:d7:ba:4c:66:74:
c4:7f:16:a0:97:0a:a6:7c:9c:49:4d:fd:e4:b1:0d:89:be:da:
63:3c:74:7e:81:6a:ed:d1:90:ef:20:57:3c:ae:51:6d:16:44:
83:06:2f:5d:e6:14:f7:fa:f0:18:78:83:e4:2d:68:be:51:9e:
9d:fc:c4:4a:24:17:7b:66:02:5b:77:bf:0f:06:65:7e:b8:00:
64:31:59:ce:86:be:f1:96:66:57:5c:7d:ac:0e:61:fe:c4:d7:
d4:94:c3:d7
-----BEGIN CERTIFICATE-----
MIIE6TCCA9GgAwIBAgICDRYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTgz
RDg4MjIwMTk0NUJFMTM5OTNCNEM2REFDOTU0RjhFRTQyNkM5NzAeFw0yNDA5MjQw
MDE3NDNaFw0yNTA5MjAwNzQxMjZaMDMxMTAvBgNVBAMTKEMzNTkwMDhBQkM2QTgw
RTlCOUJDN0NGOTA2MkU4MTRGOUUzRDYwOTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMZZlmT8UP7pSAPT+LFM4oeY2zT3ZSHePpMgAuaMqK31C0gzFR
UhNjyHq/pOzbmhmVotb0chbmfklRa4xZpWJWVlosPmmYScTMXAVpZlohHyeO3xq0
izIedfPmV6nUeMyCxereRffyr3oggXiOq3V2AP+U4GKfal9hUfGCFKncpIqK+z9r
/XWSPT0kEAwhQZ/PaHNGHb4jtE3ZyOH6MvBsJpPHRSwjgmN/7BvRQ5oVcp3AmFsV
R4ADmUWlR0ueS9vCEtd8nTQw+ZhKhNzRlJqTK5pGrDn6KZCvgH91Af5nehFnfE38
KKBPpA0h3uXx+Mub9SiE2CxuPpTCi6c0t4fjAgMBAAGjggIFMIICATAdBgNVHQ4E
FgQUw1kAirxqgOm5vHz5Bi6BT549YJIwHwYDVR0jBBgwFoAUGD2IIgGUW+E5k7TG
2slU+O5CbJcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIx
MS9HRDJJSWdHVVctRTVrN1RHMnNsVS1PNUNiSmMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0dEMklJZ0dVVy1FNWs3VEcyc2xVLU81Q2JKYy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEyMTEvdzFrQWlyeHFnT201
dkh6NUJpNkJUNTQ5WUpJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEw
GAMEAi100AMEAi17gAMEAmc5DAMEAmc/9DANBgkqhkiG9w0BAQsFAAOCAQEABlaT
8SpqAuU3CUQ/uBXolc8e/4UtROLP/hBy233A6L2DZ4DRoLUf8btRwJCtxWWcqTgD
G630Yivi7ectMgJ/+PDJ2LOxaULsURMpb+jNG9QzWg5nSb7EfcOJw9sXV3O4unA9
BwmoVgl7Dn6Z3nX4MON+UHJC51n8zg8sjbFdSgDgRg7OhulwCw9d7isXoBDmCB5/
kO5PtOWS5HJuZte6TGZ0xH8WoJcKpnycSU395LENib7aYzx0foFq7dGQ7yBXPK5R
bRZEgwYvXeYU9/rwGHiD5C1ovlGenfzESiQXe2YCW3e/DwZlfrgAZDFZzoa+8ZZm
V1x9rA5h/sTX1JTD1w==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:46:14 2025 by rpki-client