Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1630/p4NdksDiCY31k6x-lrJZdHrDyIs.roa
File: p4NdksDiCY31k6x-lrJZdHrDyIs.roa (raw, json)
Hash identifier: 1Gt4x4TRC2WlKuqrik2KaqorMtbTmxXQngWbLJW6fZs=
Subject key identifier: A7:83:5D:92:C0:E2:09:8D:F5:93:AC:7E:96:B2:59:74:7A:C3:C8:8B
Certificate issuer: /CN=4C1FB553FF23312CD9C25DE1DA72048F06483C5A
Certificate serial: 1BCE
Authority key identifier: 4C:1F:B5:53:FF:23:31:2C:D9:C2:5D:E1:DA:72:04:8F:06:48:3C:5A
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TB-1U_8jMSzZwl3h2nIEjwZIPFo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1630/p4NdksDiCY31k6x-lrJZdHrDyIs.roa
Signing time: Fri 17 Jan 2025 01:27:05 +0000
ROA not before: Fri 17 Jan 2025 01:27:05 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 23650
IP address blocks: 27.0.204.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7118 (0x1bce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4C1FB553FF23312CD9C25DE1DA72048F06483C5A
Validity
Not Before: Jan 17 01:27:05 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=A7835D92C0E2098DF593AC7E96B259747AC3C88B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c0:10:cd:48:eb:ad:b4:35:68:4f:47:39:73:
bc:d1:1a:9e:a9:46:5c:24:a5:9f:61:bc:83:4f:b8:
fa:80:42:1b:f8:20:49:a9:38:3a:32:3a:80:d2:bc:
c7:46:76:19:77:76:d9:7b:a2:5c:5c:21:8d:47:40:
fa:0f:56:17:43:db:4f:5f:4b:52:38:c9:8e:d6:aa:
39:72:91:c2:73:28:f4:b8:95:96:90:18:c3:ff:4a:
a9:ce:6b:cf:94:5e:05:29:5f:1f:d3:0b:17:cb:b9:
b1:1a:3e:8a:cd:f1:b1:09:19:68:1f:bb:f7:28:89:
48:f6:8a:26:fc:b5:63:e4:d3:5c:6f:71:36:31:66:
6b:5f:d0:f9:1e:6c:54:c0:3f:44:45:b8:10:1f:77:
cd:b4:0d:75:30:d0:15:f8:39:da:8a:7a:45:46:2b:
ab:b4:11:0d:5e:35:94:7d:9b:fe:db:c2:a3:b7:cd:
80:2f:52:3d:bc:ad:56:c8:ae:cd:37:8a:43:72:1b:
59:05:2a:47:1a:e2:53:3e:16:bc:75:e0:ce:fe:f0:
8f:36:49:6f:4e:60:a2:7e:c5:c8:91:c8:a0:34:77:
e2:03:25:a2:23:e6:11:27:d5:f6:4e:db:dd:27:c8:
30:41:54:5c:44:32:c1:98:ab:fe:bc:9b:43:43:bc:
c9:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:83:5D:92:C0:E2:09:8D:F5:93:AC:7E:96:B2:59:74:7A:C3:C8:8B
X509v3 Authority Key Identifier:
keyid:4C:1F:B5:53:FF:23:31:2C:D9:C2:5D:E1:DA:72:04:8F:06:48:3C:5A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1630/TB-1U_8jMSzZwl3h2nIEjwZIPFo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TB-1U_8jMSzZwl3h2nIEjwZIPFo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1630/p4NdksDiCY31k6x-lrJZdHrDyIs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.0.204.0/22
Signature Algorithm: sha256WithRSAEncryption
69:94:03:16:da:96:d2:a3:3d:68:b9:47:27:3c:95:c8:5d:ba:
46:d0:f3:63:59:82:25:c5:6e:b5:d0:f5:aa:e5:81:62:c0:ed:
bb:2a:21:f2:b8:52:7f:6f:a1:06:a6:eb:19:1a:17:15:e0:16:
86:8b:92:6f:6f:ad:1d:97:3f:a9:4d:88:ad:a8:67:70:51:c2:
46:85:8b:5f:fe:77:24:26:3f:16:19:c3:9c:ec:a3:6f:4e:37:
70:26:01:ec:37:14:0f:56:b3:ec:a5:7b:4a:39:93:8d:21:aa:
28:70:b7:d9:0e:8e:05:b7:c4:6a:f2:3a:1e:61:87:d8:09:75:
10:f3:e2:97:12:47:db:ea:13:98:20:aa:a4:ae:f4:77:d5:a8:
b9:6a:be:98:0d:b9:2a:9b:3f:41:6c:57:ab:1e:14:99:a2:2c:
47:9c:92:93:4e:ba:7a:7d:f2:69:72:5a:f3:04:d1:6a:1c:75:
96:f0:df:3f:2d:e5:2d:ab:94:b2:30:70:6c:8a:7e:6c:00:f8:
8c:f5:7b:d3:72:1c:8f:7f:aa:ad:ec:23:f5:c6:b4:b5:5b:a4:
a2:4d:cd:5a:3f:bc:70:9a:79:dc:06:4b:c6:3f:84:67:49:48:
e3:8e:35:f5:37:31:f3:f1:a9:b0:32:44:8b:95:91:ea:a9:1c:
e6:e3:21:5c
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICG84wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEMx
RkI1NTNGRjIzMzEyQ0Q5QzI1REUxREE3MjA0OEYwNjQ4M0M1QTAeFw0yNTAxMTcw
MTI3MDVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEE3ODM1RDkyQzBFMjA5
OERGNTkzQUM3RTk2QjI1OTc0N0FDM0M4OEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8wBDNSOuttDVoT0c5c7zRGp6pRlwkpZ9hvINPuPqAQhv4IEmp
ODoyOoDSvMdGdhl3dtl7olxcIY1HQPoPVhdD209fS1I4yY7WqjlykcJzKPS4lZaQ
GMP/SqnOa8+UXgUpXx/TCxfLubEaPorN8bEJGWgfu/coiUj2iib8tWPk01xvcTYx
Zmtf0PkebFTAP0RFuBAfd820DXUw0BX4OdqKekVGK6u0EQ1eNZR9m/7bwqO3zYAv
Uj28rVbIrs03ikNyG1kFKkca4lM+Frx14M7+8I82SW9OYKJ+xciRyKA0d+IDJaIj
5hEn1fZO290nyDBBVFxEMsGYq/68m0NDvMmrAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUp4NdksDiCY31k6x+lrJZdHrDyIswHwYDVR0jBBgwFoAUTB+1U/8jMSzZwl3h
2nIEjwZIPFowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTYz
MC9UQi0xVV84ak1Telp3bDNoMm5JRWp3WklQRm8uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1RCLTFVXzhqTVN6WndsM2gybklFandaSVBGby5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2MzAvcDROZGtzRGlDWTMx
azZ4LWxySlpkSHJEeUlzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAhsAzDANBgkqhkiG9w0BAQsFAAOCAQEAaZQDFtqW0qM9aLlHJzyVyF26RtDz
Y1mCJcVutdD1quWBYsDtuyoh8rhSf2+hBqbrGRoXFeAWhouSb2+tHZc/qU2Irahn
cFHCRoWLX/53JCY/FhnDnOyjb043cCYB7DcUD1az7KV7SjmTjSGqKHC32Q6OBbfE
avI6HmGH2Al1EPPilxJH2+oTmCCqpK70d9WouWq+mA25Kps/QWxXqx4UmaIsR5yS
k066en3yaXJa8wTRahx1lvDfPy3lLauUsjBwbIp+bAD4jPV703Icj3+qrewj9ca0
tVukok3NWj+8cJp53AZLxj+EZ0lI44419Tcx8/GpsDJEi5WR6qkc5uMhXA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:36:20 2025 by rpki-client