Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/F-PLBkUJrhrV-KBJeTXlAo3uFIQ.roa
File: F-PLBkUJrhrV-KBJeTXlAo3uFIQ.roa (raw, json)
Hash identifier: G0OcVUn1H6U6vze7iL2fHDtXQLPXmGQGcExdKogT03k=
Subject key identifier: 17:E3:CB:06:45:09:AE:1A:D5:F8:A0:49:79:35:E5:02:8D:EE:14:84
Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267
Certificate serial: 208C
Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/F-PLBkUJrhrV-KBJeTXlAo3uFIQ.roa
Signing time: Sun 02 Feb 2025 19:42:10 +0000
ROA not before: Sun 02 Feb 2025 19:42:10 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 834
IP address blocks: 223.29.255.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8332 (0x208c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267
Validity
Not Before: Feb 2 19:42:10 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=17E3CB064509AE1AD5F8A0497935E5028DEE1484
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:02:10:1e:37:b0:b4:a6:5a:da:10:f4:77:33:
b5:d8:46:6e:ac:62:95:ae:52:f8:9d:a2:a7:be:ec:
87:47:ec:ec:02:b7:79:1f:91:b9:57:65:18:21:93:
5e:7b:1b:2a:c4:5d:09:22:34:37:b3:9e:19:9b:a5:
b1:7c:e4:ce:22:b2:f9:0a:ad:62:55:a6:a2:0b:06:
b9:31:0c:e6:86:77:a4:ea:90:db:a2:32:c5:a7:9c:
56:f2:32:33:0e:0c:53:4d:fc:e8:4f:f0:72:21:2f:
f7:81:9f:1c:aa:bf:3d:d4:9a:a2:c2:c2:ec:94:b6:
40:2a:bd:f0:2e:2b:5f:13:b2:93:f2:b5:52:27:42:
04:1a:f1:e6:6e:35:c1:59:c4:4d:85:15:28:c6:32:
d7:ea:49:68:9a:23:06:d1:e4:1e:02:bd:60:15:dd:
8c:39:ce:47:41:18:80:44:61:7c:54:06:6a:b3:9e:
59:88:ee:8b:a7:8c:cf:2f:ef:b9:9b:d9:d5:92:0d:
51:ce:ed:04:9a:25:d7:33:54:8a:ca:75:c1:d1:06:
d5:5c:bf:b2:a1:48:56:da:25:4a:6e:eb:02:0c:3f:
dd:f6:ec:3e:ca:2e:66:3b:cc:97:36:66:9c:9b:30:
17:4e:9f:ff:34:c4:bf:c9:97:70:ef:66:41:95:b7:
f4:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:E3:CB:06:45:09:AE:1A:D5:F8:A0:49:79:35:E5:02:8D:EE:14:84
X509v3 Authority Key Identifier:
keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/F-PLBkUJrhrV-KBJeTXlAo3uFIQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.29.255.0/24
Signature Algorithm: sha256WithRSAEncryption
07:0f:9f:ee:81:e7:9e:9d:e2:05:5d:45:df:d4:dd:dc:83:51:
00:9c:29:de:c2:dd:43:d6:27:e8:96:01:2e:25:5d:a5:e9:8e:
fe:43:82:09:01:08:4d:57:87:69:27:6f:68:96:27:9c:7b:45:
1e:6f:44:29:2f:d1:2e:68:b6:8e:c8:2c:52:37:e3:72:b4:82:
5f:05:fe:6c:67:f5:4f:c6:3a:4d:6a:2b:a7:12:69:81:7e:99:
f4:dd:ee:f0:d9:03:38:6b:f5:9b:f6:3a:50:d5:23:26:22:ed:
a3:ca:4d:37:91:d0:fc:3a:fd:da:d3:3c:2b:37:d1:06:6c:92:
87:12:d7:b8:ab:8f:68:0f:fb:7e:16:76:bd:90:4a:be:fb:1c:
32:e3:07:7f:d9:27:2c:25:b9:33:77:be:78:7c:be:ea:48:db:
16:af:7f:f7:ea:90:1e:44:20:4b:50:67:07:72:1e:d6:90:f7:
cf:8b:53:f1:43:0e:f2:61:5c:b9:59:a1:53:d2:67:80:d2:55:
9d:a4:90:f3:da:4e:2a:f2:ca:9c:e3:7f:98:13:e6:99:c5:23:
8c:c4:f7:ce:80:0f:8d:aa:10:4a:3a:d8:cb:d5:7b:42:80:a0:
64:cf:11:ca:53:29:5d:91:b3:46:8a:57:1d:61:57:c9:77:d0:
19:d2:68:fb
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICIIwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx
MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNTAyMDIx
OTQyMTBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDE3RTNDQjA2NDUwOUFF
MUFENUY4QTA0OTc5MzVFNTAyOERFRTE0ODQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBAhAeN7C0plraEPR3M7XYRm6sYpWuUvidoqe+7IdH7OwCt3kf
kblXZRghk157GyrEXQkiNDeznhmbpbF85M4isvkKrWJVpqILBrkxDOaGd6TqkNui
MsWnnFbyMjMODFNN/OhP8HIhL/eBnxyqvz3UmqLCwuyUtkAqvfAuK18TspPytVIn
QgQa8eZuNcFZxE2FFSjGMtfqSWiaIwbR5B4CvWAV3Yw5zkdBGIBEYXxUBmqznlmI
7ounjM8v77mb2dWSDVHO7QSaJdczVIrKdcHRBtVcv7KhSFbaJUpu6wIMP9327D7K
LmY7zJc2ZpybMBdOn/80xL/Jl3DvZkGVt/SlAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUF+PLBkUJrhrV+KBJeTXlAo3uFIQwHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk
yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx
MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvRi1QTEJrVUpyaHJW
LUtCSmVUWGxBbzN1RklRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAN8d/zANBgkqhkiG9w0BAQsFAAOCAQEABw+f7oHnnp3iBV1F39Td3INRAJwp
3sLdQ9Yn6JYBLiVdpemO/kOCCQEITVeHaSdvaJYnnHtFHm9EKS/RLmi2jsgsUjfj
crSCXwX+bGf1T8Y6TWorpxJpgX6Z9N3u8NkDOGv1m/Y6UNUjJiLto8pNN5HQ/Dr9
2tM8KzfRBmyShxLXuKuPaA/7fhZ2vZBKvvscMuMHf9knLCW5M3e+eHy+6kjbFq9/
9+qQHkQgS1BnB3Ie1pD3z4tT8UMO8mFcuVmhU9JngNJVnaSQ89pOKvLKnON/mBPm
mcUjjMT3zoAPjaoQSjrYy9V7QoCgZM8RylMpXZGzRopXHWFXyXfQGdJo+w==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:21:50 2025 by rpki-client