Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/187/IYkJ5FCKNtKSqqAO-jf5CgFrRyo.roa
File: IYkJ5FCKNtKSqqAO-jf5CgFrRyo.roa (raw, json)
Hash identifier: iyH8j7lARJGiKTyNhZuxwAzL7RSAxkLDiciZi2qy3S0=
Subject key identifier: 21:89:09:E4:50:8A:36:D2:92:AA:A0:0E:FA:37:F9:0A:01:6B:47:2A
Certificate issuer: /CN=2E8C1DE19474035CBEA678054B6D94F5AFA53361
Certificate serial: 185B
Authority key identifier: 2E:8C:1D:E1:94:74:03:5C:BE:A6:78:05:4B:6D:94:F5:AF:A5:33:61
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Lowd4ZR0A1y-pngFS22U9a-lM2E.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/IYkJ5FCKNtKSqqAO-jf5CgFrRyo.roa
Signing time: Fri 17 Jan 2025 01:26:29 +0000
ROA not before: Fri 17 Jan 2025 01:26:29 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 398704
IP address blocks: 219.72.160.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6235 (0x185b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E8C1DE19474035CBEA678054B6D94F5AFA53361
Validity
Not Before: Jan 17 01:26:29 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=218909E4508A36D292AAA00EFA37F90A016B472A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:6c:0c:0c:33:5a:9e:c6:da:97:60:90:80:6d:
ce:63:9f:59:78:d2:cf:ff:50:b6:98:72:73:72:76:
75:d6:90:77:01:68:f8:50:e0:44:9b:e6:01:e1:f8:
8f:b9:43:27:7b:23:b9:c9:cf:ef:7b:72:76:f3:85:
13:7d:51:30:03:c0:38:61:db:34:6c:15:1a:a2:fb:
b8:2d:ab:69:2d:b9:19:df:df:9d:cb:f3:40:e8:72:
37:ae:c3:76:73:23:e6:f1:45:5a:e0:30:1d:2d:e8:
e8:31:b7:1f:82:03:32:c2:2c:80:3d:7f:3d:cf:11:
1a:53:46:4c:3d:75:62:9f:ba:c8:b7:05:19:5e:30:
65:92:c3:69:89:70:98:4f:a7:bb:5b:8c:91:ad:e4:
a9:e1:30:5d:dc:76:74:b5:b8:2a:b0:ed:3d:c2:f8:
87:aa:db:f3:ea:f7:8e:49:f2:ca:2c:98:5e:6b:a4:
84:f8:26:5d:a1:dd:20:ee:48:b7:08:1f:e3:aa:83:
ba:bf:9e:c0:b3:57:77:10:d7:7f:27:36:95:04:7c:
32:19:8d:63:14:a3:0d:27:1e:62:5d:02:92:b5:77:
4f:fd:70:95:45:d0:e8:85:08:66:ba:5f:ee:9b:e0:
c9:b5:54:04:d7:a0:c1:48:19:42:02:cb:80:5e:20:
19:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:89:09:E4:50:8A:36:D2:92:AA:A0:0E:FA:37:F9:0A:01:6B:47:2A
X509v3 Authority Key Identifier:
keyid:2E:8C:1D:E1:94:74:03:5C:BE:A6:78:05:4B:6D:94:F5:AF:A5:33:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Lowd4ZR0A1y-pngFS22U9a-lM2E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/IYkJ5FCKNtKSqqAO-jf5CgFrRyo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
219.72.160.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:9e:31:17:dc:bd:a5:27:e3:20:cd:1e:2b:d9:3a:5f:69:3e:
b0:16:23:27:40:0b:b3:a6:e6:63:57:76:35:47:da:0d:12:95:
bb:83:89:91:1b:4e:47:8f:9e:95:f0:18:0b:54:d5:f6:de:02:
fd:5d:1b:1e:37:c6:47:a1:2c:a7:ac:d5:8c:2b:cb:c6:f5:1d:
ee:03:d6:c9:3f:45:39:5f:c7:1c:1d:c3:48:15:47:0a:79:ba:
22:e0:28:db:d2:83:fb:45:56:18:0b:9d:7a:ca:37:0c:4c:1a:
fc:6a:d5:79:c9:37:36:f2:87:21:aa:54:11:d3:67:c1:13:31:
83:2e:ae:b3:4d:d8:e3:fd:fc:ae:eb:19:ec:9c:d8:8d:a3:91:
fe:9d:5e:d3:ff:a4:b0:2d:e2:40:f7:08:36:b8:bc:ad:72:b9:
59:b4:a1:f5:70:c3:33:6a:54:b8:1f:9f:0a:7b:c8:83:9b:25:
2c:d4:f0:ec:e0:04:94:74:c7:1e:86:61:b6:df:a1:a0:33:d9:
79:6e:b2:3b:5f:0d:e1:a1:a7:15:9b:a1:2f:f5:bb:87:7b:70:
83:27:84:06:e6:98:69:ff:17:22:45:f2:d5:f8:21:d2:87:35:
33:37:3a:8e:fb:a8:19:46:2b:a4:15:e4:1e:5a:7e:d2:28:5a:
00:f6:ff:c4
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGFswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkU4
QzFERTE5NDc0MDM1Q0JFQTY3ODA1NEI2RDk0RjVBRkE1MzM2MTAeFw0yNTAxMTcw
MTI2MjlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDIxODkwOUU0NTA4QTM2
RDI5MkFBQTAwRUZBMzdGOTBBMDE2QjQ3MkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmbAwMM1qextqXYJCAbc5jn1l40s//ULaYcnNydnXWkHcBaPhQ
4ESb5gHh+I+5Qyd7I7nJz+97cnbzhRN9UTADwDhh2zRsFRqi+7gtq2ktuRnf353L
80Docjeuw3ZzI+bxRVrgMB0t6Ogxtx+CAzLCLIA9fz3PERpTRkw9dWKfusi3BRle
MGWSw2mJcJhPp7tbjJGt5KnhMF3cdnS1uCqw7T3C+Ieq2/Pq945J8sosmF5rpIT4
Jl2h3SDuSLcIH+Oqg7q/nsCzV3cQ138nNpUEfDIZjWMUow0nHmJdApK1d0/9cJVF
0OiFCGa6X+6b4Mm1VATXoMFIGUICy4BeIBmXAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUIYkJ5FCKNtKSqqAO+jf5CgFrRyowHwYDVR0jBBgwFoAULowd4ZR0A1y+pngF
S22U9a+lM2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTg3
L0xvd2Q0WlIwQTF5LXBuZ0ZTMjJVOWEtbE0yRS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvTG93ZDRaUjBBMXktcG5nRlMyMlU5YS1sTTJFLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTg3L0lZa0o1RkNLTnRLU3Fx
QU8tamY1Q2dGclJ5by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADbSKAwDQYJKoZIhvcNAQELBQADggEBAKieMRfcvaUn4yDNHivZOl9pPrAWIydA
C7Om5mNXdjVH2g0SlbuDiZEbTkePnpXwGAtU1fbeAv1dGx43xkehLKes1Ywry8b1
He4D1sk/RTlfxxwdw0gVRwp5uiLgKNvSg/tFVhgLnXrKNwxMGvxq1XnJNzbyhyGq
VBHTZ8ETMYMurrNN2OP9/K7rGeyc2I2jkf6dXtP/pLAt4kD3CDa4vK1yuVm0ofVw
wzNqVLgfnwp7yIObJSzU8OzgBJR0xx6GYbbfoaAz2XlusjtfDeGhpxWboS/1u4d7
cIMnhAbmmGn/FyJF8tX4IdKHNTM3Oo77qBlGK6QV5B5aftIoWgD2/8Q=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:42:53 2025 by rpki-client