Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/vkvnSUCSxZEq-uqTbuQg1WfIoA0.roa
File: vkvnSUCSxZEq-uqTbuQg1WfIoA0.roa (raw, json)
Hash identifier: EiDIvsXVbTOyIyQk1/0E6vY4k1ZqbRhKNSDNFMW+cOA=
Subject key identifier: BE:4B:E7:49:40:92:C5:91:2A:FA:EA:93:6E:E4:20:D5:67:C8:A0:0D
Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267
Certificate serial: 1EFA
Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/vkvnSUCSxZEq-uqTbuQg1WfIoA0.roa
Signing time: Wed 20 Nov 2024 15:49:57 +0000
ROA not before: Wed 20 Nov 2024 15:49:57 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 398704
IP address blocks: 49.128.4.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7930 (0x1efa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267
Validity
Not Before: Nov 20 15:49:57 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=BE4BE7494092C5912AFAEA936EE420D567C8A00D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0b:7e:00:1e:2d:32:5a:f7:37:f1:41:15:9c:
12:55:6a:0e:9b:14:18:56:f3:86:f4:63:ff:85:4f:
d8:fc:73:8a:04:d5:a0:1c:12:59:9a:37:dc:cb:18:
5c:30:58:dd:71:ba:54:de:c3:3f:a6:fd:48:f5:f8:
93:c7:09:f8:34:d4:87:4c:90:d0:94:5a:29:d8:9c:
81:6e:13:8c:8c:ab:09:2b:87:40:df:0e:43:22:43:
6b:a5:2c:e1:bf:ba:7a:37:da:4b:31:f6:e4:60:34:
9c:74:21:93:32:e5:92:ba:4e:d2:dd:a6:b7:e0:b8:
2a:f8:77:36:49:e4:ba:9d:44:e0:b9:44:51:fe:f9:
a8:df:49:81:6e:c2:53:b3:6e:19:a2:47:3d:a7:37:
6c:6a:27:60:52:77:13:1d:6b:8e:f2:b1:14:46:48:
58:7d:ea:cd:8f:df:e4:f5:3a:5b:cf:69:3b:a8:ed:
b7:1f:7c:b3:65:9e:3a:42:d2:0b:63:c9:21:3d:95:
34:5b:57:7a:75:c6:e2:47:ea:d3:ba:9c:95:a4:f4:
19:db:6f:12:8a:ff:10:e5:65:73:c2:15:84:e3:13:
27:6b:88:64:12:6e:e2:23:94:a6:55:99:04:cb:83:
c9:3e:ac:2a:c4:84:00:b7:d8:e6:49:36:34:71:b7:
44:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:4B:E7:49:40:92:C5:91:2A:FA:EA:93:6E:E4:20:D5:67:C8:A0:0D
X509v3 Authority Key Identifier:
keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/vkvnSUCSxZEq-uqTbuQg1WfIoA0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
49.128.4.0/22
Signature Algorithm: sha256WithRSAEncryption
d6:8d:c5:30:b6:31:55:f8:37:24:e6:44:8d:84:ce:ec:94:c6:
21:2c:58:f4:7c:d2:b1:bf:13:a7:ad:3b:f6:e2:f2:87:44:eb:
e1:e2:b7:f8:95:e6:8c:e0:6f:80:9d:e5:9d:2f:a1:29:20:89:
79:54:6a:56:43:03:a2:f3:e7:75:86:fc:41:97:e4:bf:c2:f2:
06:ee:a8:39:61:d1:b1:ec:07:8a:07:4e:23:b1:a9:ee:5a:aa:
70:05:de:67:93:24:e3:01:68:62:48:78:ef:92:03:51:e6:11:
06:98:76:e2:83:71:61:2a:5b:1f:e4:b1:8d:57:40:f6:f7:55:
fe:c1:11:9d:90:24:5f:97:d5:91:f4:3e:97:79:86:cb:83:5b:
3b:af:ce:91:49:ba:38:a8:34:2d:14:6c:7f:3f:38:73:df:3e:
d8:48:22:dc:9f:13:70:1d:9f:96:a8:90:fc:33:82:0b:80:da:
ff:55:1d:57:13:8e:cd:b7:08:59:46:95:35:2d:9c:d6:1a:6f:
5b:3e:84:c0:72:6a:9d:c9:95:d5:6a:82:8c:46:81:88:e6:f7:
4d:46:f1:54:1a:52:12:bc:5c:b0:ce:f3:16:78:d3:eb:0f:9a:
db:57:08:5e:40:36:26:a1:87:49:2b:8e:47:b1:fb:04:ab:2b:
33:61:b4:58
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICHvowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx
MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNDExMjAx
NTQ5NTdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEJFNEJFNzQ5NDA5MkM1
OTEyQUZBRUE5MzZFRTQyMEQ1NjdDOEEwMEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0C34AHi0yWvc38UEVnBJVag6bFBhW84b0Y/+FT9j8c4oE1aAc
ElmaN9zLGFwwWN1xulTewz+m/Uj1+JPHCfg01IdMkNCUWinYnIFuE4yMqwkrh0Df
DkMiQ2ulLOG/uno32ksx9uRgNJx0IZMy5ZK6TtLdprfguCr4dzZJ5LqdROC5RFH+
+ajfSYFuwlOzbhmiRz2nN2xqJ2BSdxMda47ysRRGSFh96s2P3+T1OlvPaTuo7bcf
fLNlnjpC0gtjySE9lTRbV3p1xuJH6tO6nJWk9BnbbxKK/xDlZXPCFYTjEydriGQS
buIjlKZVmQTLg8k+rCrEhAC32OZJNjRxt0TFAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUvkvnSUCSxZEq+uqTbuQg1WfIoA0wHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk
yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx
MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvdmt2blNVQ1N4WkVx
LXVxVGJ1UWcxV2ZJb0EwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAjGABDANBgkqhkiG9w0BAQsFAAOCAQEA1o3FMLYxVfg3JOZEjYTO7JTGISxY
9HzSsb8Tp6079uLyh0Tr4eK3+JXmjOBvgJ3lnS+hKSCJeVRqVkMDovPndYb8QZfk
v8LyBu6oOWHRsewHigdOI7Gp7lqqcAXeZ5Mk4wFoYkh475IDUeYRBph24oNxYSpb
H+SxjVdA9vdV/sERnZAkX5fVkfQ+l3mGy4NbO6/OkUm6OKg0LRRsfz84c98+2Egi
3J8TcB2flqiQ/DOCC4Da/1UdVxOOzbcIWUaVNS2c1hpvWz6EwHJqncmV1WqCjEaB
iOb3TUbxVBpSErxcsM7zFnjT6w+a21cIXkA2JqGHSSuOR7H7BKsrM2G0WA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:37:16 2025 by rpki-client