Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/uzejoKzTeKDkpAiT_kC3H2af84w.roa
File: uzejoKzTeKDkpAiT_kC3H2af84w.roa (raw, json)
Hash identifier: pxi1SN6x6SJe2L7OxxGf3guFu+VTbediU/lKPs/cm4c=
Subject key identifier: BB:37:A3:A0:AC:D3:78:A0:E4:A4:08:93:FE:40:B7:1F:66:9F:F3:8C
Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267
Certificate serial: 201E
Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/uzejoKzTeKDkpAiT_kC3H2af84w.roa
Signing time: Fri 17 Jan 2025 01:24:07 +0000
ROA not before: Fri 17 Jan 2025 01:24:07 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 60721
IP address blocks: 223.29.253.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8222 (0x201e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267
Validity
Not Before: Jan 17 01:24:07 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=BB37A3A0ACD378A0E4A40893FE40B71F669FF38C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:dd:b4:d4:ac:c9:fc:11:cc:f2:0d:91:0a:32:
dc:fd:c3:02:99:6f:d1:ad:de:20:0f:24:20:cb:1c:
c5:a2:60:97:af:0d:94:85:3a:af:a6:33:3a:53:72:
06:15:df:24:24:3f:61:74:8f:06:3a:7d:d7:6f:46:
75:ad:81:5c:10:d4:c2:68:59:8e:25:6d:86:d9:b2:
cf:1b:d9:c9:cb:cd:48:da:03:6a:b9:62:6c:22:61:
59:02:df:2d:1a:5f:ad:a8:6b:d3:bf:32:f2:99:bb:
be:31:e1:4a:43:a0:a3:5d:45:57:a8:1d:34:94:e8:
08:6c:cb:0c:47:45:97:22:45:6e:1b:d9:37:f3:e1:
20:f7:31:cf:c2:30:83:df:b0:ca:7f:af:c9:57:50:
c4:bb:95:af:82:51:d5:6b:c5:02:6b:ff:ff:2c:ac:
fd:04:3f:11:51:1d:69:d1:d6:23:5b:c1:6f:79:83:
56:2c:2b:7e:3f:fe:c7:46:9f:94:76:f5:da:8c:eb:
ff:6f:d3:0d:b8:c2:ab:c3:27:55:c9:68:21:2e:d2:
bc:32:43:e1:f0:06:5d:8d:68:7a:fa:13:6e:0b:6f:
f1:54:c0:3d:6d:0f:fc:26:83:ae:b9:06:77:f1:83:
14:63:e0:0a:ce:bf:e1:ff:b0:44:49:e2:fc:97:be:
31:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:37:A3:A0:AC:D3:78:A0:E4:A4:08:93:FE:40:B7:1F:66:9F:F3:8C
X509v3 Authority Key Identifier:
keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/uzejoKzTeKDkpAiT_kC3H2af84w.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.29.253.0/24
Signature Algorithm: sha256WithRSAEncryption
68:f7:d5:31:4e:5e:2e:2c:8a:fa:66:2d:d5:de:3e:ba:25:f5:
30:f1:9f:68:23:a4:49:69:99:52:a5:76:56:0e:05:91:84:29:
b7:18:f2:cc:7a:bc:41:b0:94:eb:b4:8f:a6:97:f7:67:25:73:
06:00:0e:ee:ec:95:80:b9:14:ac:a3:a6:f5:53:b8:b0:49:54:
ad:d4:cc:16:e2:ed:48:0d:18:4a:c6:a3:71:92:4e:06:fc:f3:
27:0b:16:71:42:5b:71:da:8d:31:82:b4:07:c0:d0:a5:98:c6:
ec:1b:e9:93:10:ef:cf:27:3b:66:a9:90:2a:c6:21:84:0c:90:
a5:75:90:4e:17:20:f0:0f:93:83:e8:15:09:55:61:8f:59:01:
83:11:c2:e2:99:ba:4f:ad:bc:e9:60:f5:98:45:06:2b:2e:34:
4d:9f:03:96:58:38:2d:3b:1e:ec:ef:b2:e4:6b:04:2d:3e:e7:
9d:d0:84:91:c8:b4:ed:f9:6d:8e:af:c5:f8:7e:0e:c6:58:ee:
f8:90:bb:97:52:a8:bf:7f:37:ff:12:08:93:29:96:b9:8b:63:
fd:59:6e:d5:d9:1e:77:e7:b1:04:95:52:d6:f5:20:99:bf:c5:
93:ec:92:6f:c5:0d:b5:0c:d2:b4:65:90:0c:92:96:1a:07:8f:
91:95:a5:30
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICIB4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx
MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNTAxMTcw
MTI0MDdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEJCMzdBM0EwQUNEMzc4
QTBFNEE0MDg5M0ZFNDBCNzFGNjY5RkYzOEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDB3bTUrMn8EczyDZEKMtz9wwKZb9Gt3iAPJCDLHMWiYJevDZSF
Oq+mMzpTcgYV3yQkP2F0jwY6fddvRnWtgVwQ1MJoWY4lbYbZss8b2cnLzUjaA2q5
YmwiYVkC3y0aX62oa9O/MvKZu74x4UpDoKNdRVeoHTSU6AhsywxHRZciRW4b2Tfz
4SD3Mc/CMIPfsMp/r8lXUMS7la+CUdVrxQJr//8srP0EPxFRHWnR1iNbwW95g1Ys
K34//sdGn5R29dqM6/9v0w24wqvDJ1XJaCEu0rwyQ+HwBl2NaHr6E24Lb/FUwD1t
D/wmg665BnfxgxRj4ArOv+H/sERJ4vyXvjEhAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUuzejoKzTeKDkpAiT/kC3H2af84wwHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk
yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx
MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvdXplam9LelRlS0Rr
cEFpVF9rQzNIMmFmODR3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAN8d/TANBgkqhkiG9w0BAQsFAAOCAQEAaPfVMU5eLiyK+mYt1d4+uiX1MPGf
aCOkSWmZUqV2Vg4FkYQptxjyzHq8QbCU67SPppf3ZyVzBgAO7uyVgLkUrKOm9VO4
sElUrdTMFuLtSA0YSsajcZJOBvzzJwsWcUJbcdqNMYK0B8DQpZjG7BvpkxDvzyc7
ZqmQKsYhhAyQpXWQThcg8A+Tg+gVCVVhj1kBgxHC4pm6T6286WD1mEUGKy40TZ8D
llg4LTse7O+y5GsELT7nndCEkci07fltjq/F+H4Oxlju+JC7l1Kov383/xIIkymW
uYtj/Vlu1dked+exBJVS1vUgmb/Fk+ySb8UNtQzStGWQDJKWGgePkZWlMA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:37:41 2025 by rpki-client