Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1630/rXMoNLLLAnZyD1TpwcPuof38jjg.roa
File: rXMoNLLLAnZyD1TpwcPuof38jjg.roa (raw, json)
Hash identifier: Lxygh2Pl6+fWCjsenFceeqSSE2AlOa68HD+ZzEAuUlQ=
Subject key identifier: AD:73:28:34:B2:CB:02:76:72:0F:54:E9:C1:C3:EE:A1:FD:FC:8E:38
Certificate issuer: /CN=4C1FB553FF23312CD9C25DE1DA72048F06483C5A
Certificate serial: 15D4
Authority key identifier: 4C:1F:B5:53:FF:23:31:2C:D9:C2:5D:E1:DA:72:04:8F:06:48:3C:5A
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TB-1U_8jMSzZwl3h2nIEjwZIPFo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1630/rXMoNLLLAnZyD1TpwcPuof38jjg.roa
Signing time: Wed 13 Mar 2024 01:22:17 +0000
ROA not before: Wed 13 Mar 2024 01:22:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 63679
IP address blocks: 27.0.204.0/22 maxlen: 24
27.0.207.0/24 maxlen: 24
103.208.48.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5588 (0x15d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4C1FB553FF23312CD9C25DE1DA72048F06483C5A
Validity
Not Before: Mar 13 01:22:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=AD732834B2CB0276720F54E9C1C3EEA1FDFC8E38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:8a:05:31:7d:30:89:2e:00:d1:62:f6:4f:7a:
5b:83:f3:f1:ce:29:c7:b9:18:98:c9:82:88:15:90:
a0:fd:fa:a6:fd:e9:a4:16:c8:85:31:e5:af:0d:c7:
48:80:f8:fb:f1:83:11:67:24:1b:0d:05:e7:b1:95:
e3:76:24:c5:85:91:47:8e:c4:4a:5b:12:86:a8:9f:
fd:58:d9:d7:12:44:c6:19:8e:72:b4:65:c3:e7:0a:
86:c2:e3:5b:eb:2a:ae:f3:53:f5:fd:e1:bd:90:5c:
71:e7:50:13:7a:32:3c:d4:a8:fc:bc:3b:81:88:04:
fa:39:44:2e:87:85:f5:1c:04:b2:a3:4a:4d:83:08:
d9:2b:d2:d4:a7:8c:bd:f3:19:de:3d:f0:bb:fb:fd:
72:37:02:e7:9c:80:6f:4c:27:a1:91:1f:10:05:e4:
cd:a1:47:3a:cc:aa:8a:cb:c3:f8:38:33:08:1e:70:
69:98:c1:28:50:40:cd:a0:8c:16:63:0b:9f:53:33:
f7:ed:db:ee:57:84:82:23:2d:26:9f:0f:b5:5c:f9:
3f:8d:11:03:5a:d1:3d:58:20:2a:58:d3:f3:7e:70:
0d:fd:05:71:1e:13:6d:28:b2:48:c5:74:3e:ad:b3:
0d:89:56:88:89:e7:dc:1b:d4:c6:fb:40:3f:66:48:
9c:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:73:28:34:B2:CB:02:76:72:0F:54:E9:C1:C3:EE:A1:FD:FC:8E:38
X509v3 Authority Key Identifier:
keyid:4C:1F:B5:53:FF:23:31:2C:D9:C2:5D:E1:DA:72:04:8F:06:48:3C:5A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1630/TB-1U_8jMSzZwl3h2nIEjwZIPFo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TB-1U_8jMSzZwl3h2nIEjwZIPFo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1630/rXMoNLLLAnZyD1TpwcPuof38jjg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.0.204.0/22
103.208.48.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:5e:f6:91:be:49:ec:7c:d4:08:d1:d5:bf:3f:ec:9c:3f:46:
a4:97:98:5c:2a:f1:c4:fb:4c:22:b5:ce:91:f8:be:59:e3:62:
7c:e7:f4:5c:5f:19:5e:f0:a8:e6:ed:d9:9b:23:fc:74:12:d7:
a9:a0:c9:14:30:93:8a:f2:26:8b:09:34:f4:e4:73:b7:1b:26:
58:4e:f7:09:4a:67:5e:0d:0c:95:cf:00:4d:9e:ba:ed:fe:97:
b7:52:3f:13:d0:73:31:f2:01:eb:10:62:0d:e3:aa:da:94:17:
94:3f:4e:30:df:55:4b:9e:a5:42:af:89:c1:f4:ed:37:11:80:
0c:7a:90:aa:d5:e6:16:e4:25:44:7d:f1:a7:9a:69:97:b1:ca:
84:df:d5:56:04:1d:bc:79:87:ae:b8:10:b8:ef:ee:56:62:03:
2f:1b:81:4e:fa:37:7c:26:51:e7:e9:7b:09:cc:b2:94:ed:1d:
7a:82:9b:50:61:23:7a:62:c6:d5:3d:af:83:15:9c:eb:ac:2f:
19:45:71:c5:e1:cd:0b:53:a5:6a:ab:24:0f:9b:13:93:92:db:
90:bb:95:d5:43:68:4b:9c:09:fe:87:41:3c:c4:77:f8:92:11:
72:a3:69:fa:f6:93:54:d8:79:e0:5a:0f:56:eb:41:f6:3e:3b:
0f:ee:53:36
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgICFdQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEMx
RkI1NTNGRjIzMzEyQ0Q5QzI1REUxREE3MjA0OEYwNjQ4M0M1QTAeFw0yNDAzMTMw
MTIyMTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFENzMyODM0QjJDQjAy
NzY3MjBGNTRFOUMxQzNFRUExRkRGQzhFMzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDjigUxfTCJLgDRYvZPeluD8/HOKce5GJjJgogVkKD9+qb96aQW
yIUx5a8Nx0iA+PvxgxFnJBsNBeexleN2JMWFkUeOxEpbEoaon/1Y2dcSRMYZjnK0
ZcPnCobC41vrKq7zU/X94b2QXHHnUBN6MjzUqPy8O4GIBPo5RC6HhfUcBLKjSk2D
CNkr0tSnjL3zGd498Lv7/XI3AuecgG9MJ6GRHxAF5M2hRzrMqorLw/g4MwgecGmY
wShQQM2gjBZjC59TM/ft2+5XhIIjLSafD7Vc+T+NEQNa0T1YICpY0/N+cA39BXEe
E20oskjFdD6tsw2JVoiJ59wb1Mb7QD9mSJyFAgMBAAGjggH5MIIB9TAdBgNVHQ4E
FgQUrXMoNLLLAnZyD1TpwcPuof38jjgwHwYDVR0jBBgwFoAUTB+1U/8jMSzZwl3h
2nIEjwZIPFowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTYz
MC9UQi0xVV84ak1Telp3bDNoMm5JRWp3WklQRm8uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1RCLTFVXzhqTVN6WndsM2gybklFandaSVBGby5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2MzAvclhNb05MTExBblp5
RDFUcHdjUHVvZjM4ampnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEw
DAMEAhsAzAMEAmfQMDANBgkqhkiG9w0BAQsFAAOCAQEAnV72kb5J7HzUCNHVvz/s
nD9GpJeYXCrxxPtMIrXOkfi+WeNifOf0XF8ZXvCo5u3ZmyP8dBLXqaDJFDCTivIm
iwk09ORztxsmWE73CUpnXg0Mlc8ATZ667f6Xt1I/E9BzMfIB6xBiDeOq2pQXlD9O
MN9VS56lQq+JwfTtNxGADHqQqtXmFuQlRH3xp5ppl7HKhN/VVgQdvHmHrrgQuO/u
VmIDLxuBTvo3fCZR5+l7CcyylO0deoKbUGEjemLG1T2vgxWc66wvGUVxxeHNC1Ol
aqskD5sTk5LbkLuV1UNoS5wJ/odBPMR3+JIRcqNp+vaTVNh54FoPVutB9j47D+5T
Ng==
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:25:28 2025 by rpki-client