Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/n_fbJzcBeone-VCh6IJkLgJw3EE.roa
File: n_fbJzcBeone-VCh6IJkLgJw3EE.roa (raw, json)
Hash identifier: bjY0FSjeG6Q2w9vrLDF+3orzuQJRmNxrodxNW24XpDg=
Subject key identifier: 9F:F7:DB:27:37:01:7A:89:DE:F9:50:A1:E8:82:64:2E:02:70:DC:41
Certificate issuer: /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
Certificate serial: 1E76
Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/n_fbJzcBeone-VCh6IJkLgJw3EE.roa
Signing time: Wed 13 Mar 2024 01:21:35 +0000
ROA not before: Wed 13 Mar 2024 01:21:35 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 134762
IP address blocks: 43.226.32.0/20 maxlen: 22
43.226.72.0/22 maxlen: 22
43.227.64.0/22 maxlen: 22
103.45.172.0/22 maxlen: 22
103.45.248.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7798 (0x1e76)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
Validity
Not Before: Mar 13 01:21:35 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9FF7DB2737017A89DEF950A1E882642E0270DC41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:cb:86:94:a9:29:6e:13:58:f3:ea:ae:fc:e6:
b6:dd:bc:cf:cb:f0:a0:d3:7f:08:24:0c:2e:08:da:
94:22:04:7b:e7:52:5a:42:f0:36:e3:12:f4:9c:56:
45:d6:a9:37:52:d7:c1:99:33:40:f9:74:5c:4c:cc:
cf:84:60:91:03:04:03:06:09:42:8d:5e:30:8a:af:
02:c8:9c:d2:11:ad:14:6a:74:0d:db:54:74:73:d1:
c7:87:ae:02:20:5c:bb:9e:dc:c3:a3:0a:d0:bc:9c:
fe:8c:d1:ea:f8:cd:97:76:1c:1c:8f:5d:6a:0e:f6:
35:5e:79:62:a2:52:d4:e1:50:cc:b8:d7:d8:af:43:
86:10:4d:55:71:f0:ed:e4:c3:7a:05:e7:7d:7d:5f:
f3:33:dc:ea:b0:bf:3b:71:14:7c:af:d0:42:b6:04:
8b:de:29:80:ac:08:53:44:71:e8:a9:b0:cf:88:50:
b6:56:e8:82:5c:9d:c6:33:1e:38:21:3c:fd:74:a5:
31:fe:8c:54:03:41:79:c9:e5:6d:77:05:8b:10:2c:
f0:e8:d3:35:d5:9f:52:0f:44:32:85:a2:84:bc:83:
79:cc:ac:ae:87:bf:d9:1a:f2:e0:86:a3:e4:cd:62:
e1:c8:af:cc:95:95:0f:4d:91:2e:1c:9e:13:af:83:
1a:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:F7:DB:27:37:01:7A:89:DE:F9:50:A1:E8:82:64:2E:02:70:DC:41
X509v3 Authority Key Identifier:
keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/n_fbJzcBeone-VCh6IJkLgJw3EE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.226.32.0/20
43.226.72.0/22
43.227.64.0/22
103.45.172.0/22
103.45.248.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:6d:7a:bd:5c:79:ce:87:16:fc:2a:26:7d:c5:dc:fa:aa:70:
68:f8:ea:2e:01:ec:ce:6d:fc:81:8f:93:a2:0e:40:2f:1c:02:
38:03:9e:24:7c:47:36:d3:d0:57:7b:55:f9:a2:d9:07:cf:58:
71:74:c5:b0:bd:f1:89:42:2b:d4:bd:d5:c4:9e:00:7c:54:37:
84:a5:fb:f8:08:0f:8d:e3:06:50:fc:10:2e:ed:ac:17:cb:63:
ad:7c:7c:8b:5a:83:e2:66:b6:5f:bd:1d:19:fb:94:df:3f:02:
de:fd:48:d7:3e:40:f9:c8:ed:61:66:f3:6f:b3:5a:e4:97:3a:
49:53:02:68:e8:0f:f4:9c:5f:7a:ff:cf:77:3d:1f:24:c0:01:
0f:b8:cc:e9:b4:2f:76:97:1b:9f:48:24:6c:3a:d6:93:e3:11:
5e:16:f8:db:68:f1:0a:b0:c8:e3:7b:be:5b:89:dc:d5:27:12:
cd:66:b0:e4:bd:52:21:85:b3:07:34:b2:81:1e:f5:d1:c2:ce:
70:b7:7b:ff:ee:8a:6f:a1:dd:85:1e:58:09:50:5c:f3:03:75:
7f:08:5f:b7:2f:6c:e6:e4:88:63:2c:40:d6:77:fe:93:d1:cf:
38:ea:18:d0:06:4b:5f:bf:22:67:06:52:db:fd:d7:ab:1b:83:
57:54:55:51
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgICHnYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEFF
NENGNzhCNDlERjBCMkMxRDI5RDMyRTQ4QTk0M0FFNEY0MUFDQzAeFw0yNDAzMTMw
MTIxMzVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlGRjdEQjI3MzcwMTdB
ODlERUY5NTBBMUU4ODI2NDJFMDI3MERDNDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4y4aUqSluE1jz6q785rbdvM/L8KDTfwgkDC4I2pQiBHvnUlpC
8DbjEvScVkXWqTdS18GZM0D5dFxMzM+EYJEDBAMGCUKNXjCKrwLInNIRrRRqdA3b
VHRz0ceHrgIgXLue3MOjCtC8nP6M0er4zZd2HByPXWoO9jVeeWKiUtThUMy419iv
Q4YQTVVx8O3kw3oF5319X/Mz3OqwvztxFHyv0EK2BIveKYCsCFNEceipsM+IULZW
6IJcncYzHjghPP10pTH+jFQDQXnJ5W13BYsQLPDo0zXVn1IPRDKFooS8g3nMrK6H
v9ka8uCGo+TNYuHIr8yVlQ9NkS4cnhOvgxp5AgMBAAGjggILMIICBzAdBgNVHQ4E
FgQUn/fbJzcBeone+VCh6IJkLgJw3EEwHwYDVR0jBBgwFoAUiuTPeLSd8LLB0p0y
5IqUOuT0GswwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTY2
My9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2l1VFBlTFNkOExMQjBwMHk1SXFVT3VUMEdzdy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2NjMvbl9mYkp6Y0Jlb25l
LVZDaDZJSmtMZ0p3M0VFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEw
HgMEBCviIAMEAiviSAMEAivjQAMEAmctrAMEAmct+DANBgkqhkiG9w0BAQsFAAOC
AQEALW16vVx5zocW/ComfcXc+qpwaPjqLgHszm38gY+Tog5ALxwCOAOeJHxHNtPQ
V3tV+aLZB89YcXTFsL3xiUIr1L3VxJ4AfFQ3hKX7+AgPjeMGUPwQLu2sF8tjrXx8
i1qD4ma2X70dGfuU3z8C3v1I1z5A+cjtYWbzb7Na5Jc6SVMCaOgP9Jxfev/Pdz0f
JMABD7jM6bQvdpcbn0gkbDrWk+MRXhb422jxCrDI43u+W4nc1ScSzWaw5L1SIYWz
BzSygR710cLOcLd7/+6Kb6HdhR5YCVBc8wN1fwhfty9s5uSIYyxA1nf+k9HPOOoY
0AZLX78iZwZS2/3XqxuDV1RVUQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:58:45 2025 by rpki-client