Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/-9NqEbVLtxcMQGDhsFUsirUgR90.roa
File: -9NqEbVLtxcMQGDhsFUsirUgR90.roa (raw, json)
Hash identifier: YAPD8DouMRjl8InJgmqoPXZ+pjhCQ4vLb0TAZBDeTVA=
Subject key identifier: FB:D3:6A:11:B5:4B:B7:17:0C:40:60:E1:B0:55:2C:8A:B5:20:47:DD
Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267
Certificate serial: 208B
Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/-9NqEbVLtxcMQGDhsFUsirUgR90.roa
Signing time: Sun 02 Feb 2025 19:42:10 +0000
ROA not before: Sun 02 Feb 2025 19:42:10 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 834
IP address blocks: 223.29.252.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8331 (0x208b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267
Validity
Not Before: Feb 2 19:42:10 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=FBD36A11B54BB7170C4060E1B0552C8AB52047DD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:fd:e5:74:47:fa:db:03:5d:c5:0e:46:2b:a8:
c0:66:4a:6c:70:02:6e:09:30:46:c9:ed:99:b1:fe:
ea:5d:fe:f6:08:c0:92:ea:77:50:98:4a:23:9b:a5:
8d:eb:08:59:4f:ec:02:d4:dc:fb:45:3a:6e:b8:e6:
ca:6d:3f:55:ad:58:eb:02:7c:b4:02:c0:29:c1:fb:
09:5d:12:d0:16:51:2c:8c:60:06:d6:5b:a6:c0:82:
f4:5a:e9:98:29:6a:fc:c2:71:66:50:25:5f:4a:67:
e8:a3:20:35:85:81:e2:60:b3:f0:aa:c6:75:84:0d:
f6:44:96:d4:06:a4:50:ee:ec:12:91:c8:4e:2e:87:
57:4b:88:4f:4b:8d:98:d1:8d:10:60:b1:12:41:00:
28:e9:19:9d:87:41:45:4f:71:70:83:ba:6f:a2:df:
71:32:5f:ad:74:11:ea:06:cf:67:18:fc:8a:f1:d0:
20:d6:63:33:46:50:f3:83:44:11:70:b3:df:b5:f1:
78:de:90:ad:7f:3d:34:cc:5d:7d:7f:50:56:2f:51:
17:22:e8:f2:a4:8e:27:76:a4:ce:85:d9:9a:ef:78:
11:57:78:66:de:3f:26:af:07:d2:fb:dd:dc:8a:a7:
fd:8a:25:20:a4:e8:9a:95:e1:e4:81:4a:0f:07:5f:
19:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:D3:6A:11:B5:4B:B7:17:0C:40:60:E1:B0:55:2C:8A:B5:20:47:DD
X509v3 Authority Key Identifier:
keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/-9NqEbVLtxcMQGDhsFUsirUgR90.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.29.252.0/24
Signature Algorithm: sha256WithRSAEncryption
31:7b:ad:cb:dd:f5:13:64:8a:4f:ce:09:f9:2a:26:02:e0:4a:
15:c1:c4:79:f9:f0:c8:8e:85:86:0b:61:84:c5:a8:2c:f7:63:
c3:49:1b:64:81:88:04:90:4f:0f:84:3a:ee:ca:4f:5b:99:d3:
f6:3c:c5:8f:df:bc:c0:45:69:85:a3:4f:15:bf:ef:c0:e2:af:
66:64:6b:62:61:fd:b1:49:fc:12:87:10:6a:cb:57:78:77:36:
84:8f:b9:8d:81:ed:df:41:cd:cb:65:bf:a1:c4:41:cb:ab:7f:
b9:3e:f4:84:ea:e6:5b:74:ca:ce:f5:51:fd:77:d5:b6:48:cd:
72:ea:4b:06:93:99:a8:58:83:50:2a:23:2d:2a:9e:c7:5e:bd:
5c:8e:82:30:b1:b4:b0:30:0a:99:b2:4e:46:02:69:95:9d:61:
50:6e:ea:93:11:3c:cf:65:43:a6:fa:e7:2c:d4:a7:04:c3:e7:
92:44:65:df:2e:90:54:b3:fe:3c:c4:4d:2f:d0:11:f7:dd:f1:
0e:52:9f:1c:61:f2:fb:41:51:8a:99:1a:25:a1:20:73:51:fe:
d7:16:24:ee:60:8e:47:8c:49:b2:6b:d9:25:1a:24:d6:f5:05:
af:a0:b8:39:f9:72:24:63:7e:c8:7a:48:04:9c:3b:be:79:cc:
bc:b8:f2:71
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICIIswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx
MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNTAyMDIx
OTQyMTBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEZCRDM2QTExQjU0QkI3
MTcwQzQwNjBFMUIwNTUyQzhBQjUyMDQ3REQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD0/eV0R/rbA13FDkYrqMBmSmxwAm4JMEbJ7Zmx/upd/vYIwJLq
d1CYSiObpY3rCFlP7ALU3PtFOm645sptP1WtWOsCfLQCwCnB+wldEtAWUSyMYAbW
W6bAgvRa6ZgpavzCcWZQJV9KZ+ijIDWFgeJgs/CqxnWEDfZEltQGpFDu7BKRyE4u
h1dLiE9LjZjRjRBgsRJBACjpGZ2HQUVPcXCDum+i33EyX610EeoGz2cY/Irx0CDW
YzNGUPODRBFws9+18XjekK1/PTTMXX1/UFYvURci6PKkjid2pM6F2ZrveBFXeGbe
PyavB9L73dyKp/2KJSCk6JqV4eSBSg8HXxlLAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQU+9NqEbVLtxcMQGDhsFUsirUgR90wHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk
yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx
MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvLTlOcUViVkx0eGNN
UUdEaHNGVXNpclVnUjkwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAN8d/DANBgkqhkiG9w0BAQsFAAOCAQEAMXuty931E2SKT84J+SomAuBKFcHE
efnwyI6FhgthhMWoLPdjw0kbZIGIBJBPD4Q67spPW5nT9jzFj9+8wEVphaNPFb/v
wOKvZmRrYmH9sUn8EocQastXeHc2hI+5jYHt30HNy2W/ocRBy6t/uT70hOrmW3TK
zvVR/XfVtkjNcupLBpOZqFiDUCojLSqex169XI6CMLG0sDAKmbJORgJplZ1hUG7q
kxE8z2VDpvrnLNSnBMPnkkRl3y6QVLP+PMRNL9AR993xDlKfHGHy+0FRipkaJaEg
c1H+1xYk7mCOR4xJsmvZJRok1vUFr6C4OflyJGN+yHpIBJw7vnnMvLjycQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:35:02 2025 by rpki-client