Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/0tIdMYbPh52gcnbONKM9sxEByR4.roa
File: 0tIdMYbPh52gcnbONKM9sxEByR4.roa (raw, json)
Hash identifier: 5KLm0nAa5fOcsr0fbhaiO/JacSV520TVs9rJMJnaPNk=
Subject key identifier: D2:D2:1D:31:86:CF:87:9D:A0:72:76:CE:34:A3:3D:B3:11:01:C9:1E
Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267
Certificate serial: 2026
Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/0tIdMYbPh52gcnbONKM9sxEByR4.roa
Signing time: Fri 17 Jan 2025 01:24:09 +0000
ROA not before: Fri 17 Jan 2025 01:24:09 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 60721
IP address blocks: 223.29.254.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8230 (0x2026)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267
Validity
Not Before: Jan 17 01:24:09 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=D2D21D3186CF879DA07276CE34A33DB31101C91E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:28:8f:31:20:2b:26:6d:ba:36:2d:17:c3:c8:
14:71:d7:03:e8:86:af:ca:a1:c6:41:11:81:de:61:
01:53:d5:4a:b6:85:7a:ff:91:26:b3:c1:b8:4b:ef:
10:90:f0:93:8e:66:62:2f:8a:75:1b:b1:50:78:ec:
21:fb:69:79:ec:17:e5:70:f7:9d:68:56:1e:f5:ff:
d6:7f:51:8a:dc:5d:71:0d:f1:e0:88:09:9c:71:67:
28:54:88:e9:68:a8:1d:3a:b2:2d:a0:02:a4:d2:fa:
0d:52:c5:72:34:15:5d:f2:89:01:92:c9:21:b1:20:
86:d9:00:3e:24:71:09:73:41:a5:17:2d:69:13:2c:
1e:5e:ac:7d:72:52:6d:4b:f1:d7:7e:bf:a3:ca:07:
39:9f:3c:dd:fe:b5:7a:6f:85:96:ac:9c:a1:4c:e5:
28:dc:ae:d1:e8:32:4a:f7:c9:48:e4:99:a8:53:26:
5b:67:66:61:7a:b1:6e:5d:ff:dc:a6:01:4c:c9:df:
f8:1c:d3:7f:79:c3:76:b0:d4:77:70:b0:0a:83:0d:
7a:cd:2b:43:9f:ba:0a:bf:32:5f:64:1b:1a:db:08:
5e:6f:00:c3:e8:10:d3:82:4e:5f:31:66:74:aa:50:
71:69:36:65:e6:b5:e0:83:e2:3b:0d:84:37:45:21:
21:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:D2:1D:31:86:CF:87:9D:A0:72:76:CE:34:A3:3D:B3:11:01:C9:1E
X509v3 Authority Key Identifier:
keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/0tIdMYbPh52gcnbONKM9sxEByR4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.29.254.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:9c:5a:e5:31:52:54:b3:fe:99:e6:ea:46:a9:d9:64:14:48:
76:06:29:1c:17:24:de:22:4e:c4:09:95:d9:15:53:d0:bf:6b:
69:8f:71:2b:a1:ff:51:9f:15:3d:34:e7:7a:25:5d:ed:28:eb:
3c:8e:ef:53:15:98:e9:d0:2d:0c:50:88:bd:eb:89:ca:ca:9d:
a6:4e:6e:12:03:ce:1d:de:53:44:c0:a6:82:e7:65:90:b4:48:
d4:19:0d:f3:27:2b:f7:83:d7:e5:53:75:f9:51:25:90:d2:48:
b4:0e:b6:19:38:04:62:57:c4:e9:32:4e:b8:d9:f0:08:d0:21:
4c:30:69:57:8c:d3:0b:57:56:5e:31:8b:6c:43:ff:28:ac:c0:
8d:40:32:60:80:9b:5b:65:6e:15:44:44:13:d3:7c:a7:9a:91:
c0:2a:d1:88:71:22:bf:09:6f:ae:56:fe:5d:29:1d:23:94:87:
95:dc:ea:85:41:90:71:54:55:e2:d6:f4:13:69:a9:d5:a9:1f:
73:79:e1:18:c3:fe:5b:28:92:4c:92:31:7b:fe:0e:bd:44:fa:
87:cd:5e:f1:0d:af:55:a5:c1:33:67:dc:01:0b:f4:d7:c5:b6:
23:1e:3a:02:9e:c0:80:0d:bb:b7:cc:fb:6c:00:24:34:44:fc:
86:45:e5:15
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICICYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx
MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNTAxMTcw
MTI0MDlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEQyRDIxRDMxODZDRjg3
OURBMDcyNzZDRTM0QTMzREIzMTEwMUM5MUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuKI8xICsmbbo2LRfDyBRx1wPohq/KocZBEYHeYQFT1Uq2hXr/
kSazwbhL7xCQ8JOOZmIvinUbsVB47CH7aXnsF+Vw951oVh71/9Z/UYrcXXEN8eCI
CZxxZyhUiOloqB06si2gAqTS+g1SxXI0FV3yiQGSySGxIIbZAD4kcQlzQaUXLWkT
LB5erH1yUm1L8dd+v6PKBzmfPN3+tXpvhZasnKFM5SjcrtHoMkr3yUjkmahTJltn
ZmF6sW5d/9ymAUzJ3/gc0395w3aw1HdwsAqDDXrNK0Ofugq/Ml9kGxrbCF5vAMPo
ENOCTl8xZnSqUHFpNmXmteCD4jsNhDdFISH/AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQU0tIdMYbPh52gcnbONKM9sxEByR4wHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk
yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx
MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvMHRJZE1ZYlBoNTJn
Y25iT05LTTlzeEVCeVI0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAN8d/jANBgkqhkiG9w0BAQsFAAOCAQEADpxa5TFSVLP+mebqRqnZZBRIdgYp
HBck3iJOxAmV2RVT0L9raY9xK6H/UZ8VPTTneiVd7SjrPI7vUxWY6dAtDFCIveuJ
ysqdpk5uEgPOHd5TRMCmgudlkLRI1BkN8ycr94PX5VN1+VElkNJItA62GTgEYlfE
6TJOuNnwCNAhTDBpV4zTC1dWXjGLbEP/KKzAjUAyYICbW2VuFUREE9N8p5qRwCrR
iHEivwlvrlb+XSkdI5SHldzqhUGQcVRV4tb0E2mp1akfc3nhGMP+WyiSTJIxe/4O
vUT6h81e8Q2vVaXBM2fcAQv018W2Ix46Ap7AgA27t8z7bAAkNET8hkXlFQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:45:36 2025 by rpki-client