Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/187/q7QU6lU95ixq2YPLRtMk7F1dayQ.roa
File: q7QU6lU95ixq2YPLRtMk7F1dayQ.roa (raw, json)
Hash identifier: N/yLBYFQ2d1CNqgsbqACcC8rdjiEfDBCgR7jvwcGnMg=
Subject key identifier: AB:B4:14:EA:55:3D:E6:2C:6A:D9:83:CB:46:D3:24:EC:5D:5D:6B:24
Certificate issuer: /CN=2E8C1DE19474035CBEA678054B6D94F5AFA53361
Certificate serial: 13C0
Authority key identifier: 2E:8C:1D:E1:94:74:03:5C:BE:A6:78:05:4B:6D:94:F5:AF:A5:33:61
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Lowd4ZR0A1y-pngFS22U9a-lM2E.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/q7QU6lU95ixq2YPLRtMk7F1dayQ.roa
Signing time: Fri 24 May 2024 02:24:48 +0000
ROA not before: Fri 24 May 2024 02:24:48 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 18118
IP address blocks: 219.72.160.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5056 (0x13c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E8C1DE19474035CBEA678054B6D94F5AFA53361
Validity
Not Before: May 24 02:24:48 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=ABB414EA553DE62C6AD983CB46D324EC5D5D6B24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:26:dc:a5:18:bc:f6:7c:4c:bc:a0:82:27:67:
a0:e7:67:ac:38:76:ab:ea:ab:8b:d3:36:4c:ce:41:
33:7c:e4:3c:ca:ab:3d:e6:eb:1f:93:dd:be:5b:ba:
9f:97:d6:3f:d1:08:2a:13:41:2c:cb:46:c0:0e:a5:
c7:57:28:fa:7c:ac:4d:a6:f2:30:8c:20:fe:ff:d3:
33:54:97:31:f2:0e:26:c5:4c:cb:65:66:fd:33:fb:
1a:ee:c2:43:61:ec:5f:97:7e:f2:4c:38:32:f9:1b:
2e:6e:0f:27:6d:3d:8c:1f:79:63:11:80:02:9d:e1:
db:bd:14:3a:94:6e:44:27:ea:38:a0:a2:86:44:e0:
c4:4d:c8:dd:80:6f:d9:ed:81:38:01:a8:8b:fe:17:
5e:9b:b1:4d:77:47:39:07:52:3f:39:7d:2e:10:f1:
1e:b7:d7:af:20:6f:a0:27:b6:63:cf:35:7b:3e:19:
43:83:26:35:84:de:1a:fa:3b:93:a1:76:72:20:da:
38:8a:b7:ad:eb:a8:94:19:1c:a6:73:71:48:d1:66:
a5:94:cd:d1:ab:6a:fc:3a:67:88:8c:02:3a:c0:9e:
cc:ce:d4:3c:da:9f:86:f7:56:72:00:7a:ea:53:d0:
34:62:21:58:a3:ca:cc:77:f7:37:61:4c:01:9e:03:
4c:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:B4:14:EA:55:3D:E6:2C:6A:D9:83:CB:46:D3:24:EC:5D:5D:6B:24
X509v3 Authority Key Identifier:
keyid:2E:8C:1D:E1:94:74:03:5C:BE:A6:78:05:4B:6D:94:F5:AF:A5:33:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Lowd4ZR0A1y-pngFS22U9a-lM2E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/q7QU6lU95ixq2YPLRtMk7F1dayQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
219.72.160.0/24
Signature Algorithm: sha256WithRSAEncryption
15:5a:2b:f4:e7:df:7f:78:c8:1f:4e:cb:68:80:9b:47:f0:c7:
a8:24:74:dc:ba:12:45:6d:2d:6f:59:ae:9d:75:d6:16:f2:15:
69:12:9d:a6:28:5e:d0:90:e2:25:ee:08:01:6a:4a:59:57:f3:
d5:2c:04:23:41:f8:eb:fb:bd:8c:81:eb:a9:83:64:4e:fd:c7:
f2:68:a5:58:8e:3d:25:49:a3:a5:25:35:27:0f:11:32:63:38:
b5:f9:85:53:8f:e3:ab:7f:bc:da:3d:81:c6:df:18:0a:33:94:
5a:68:de:3d:89:58:40:9a:42:60:a1:75:6f:37:c8:3e:88:60:
c7:1f:dd:d5:76:0f:a0:55:82:15:d0:72:9b:d4:19:1f:56:19:
c9:1b:d5:86:78:c5:d0:2c:27:fa:81:38:5d:ed:d6:46:d0:41:
e7:41:b1:a3:1f:86:9f:05:90:8b:15:59:f0:aa:dc:97:06:36:
15:12:27:8d:fd:42:32:16:8a:f1:3a:d4:21:d9:a2:c2:1a:67:
59:64:96:00:1a:ca:0b:5f:5b:be:65:d8:b4:07:f7:34:9f:7f:
50:36:05:4a:ca:21:f6:50:57:e4:12:7a:b5:6a:c5:cf:d3:51:
17:72:25:10:58:3b:c7:5c:d8:d5:29:c1:dc:e7:b6:2c:89:db:
da:d9:e6:16
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICE8AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkU4
QzFERTE5NDc0MDM1Q0JFQTY3ODA1NEI2RDk0RjVBRkE1MzM2MTAeFw0yNDA1MjQw
MjI0NDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFCQjQxNEVBNTUzREU2
MkM2QUQ5ODNDQjQ2RDMyNEVDNUQ1RDZCMjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDgJtylGLz2fEy8oIInZ6DnZ6w4dqvqq4vTNkzOQTN85DzKqz3m
6x+T3b5bup+X1j/RCCoTQSzLRsAOpcdXKPp8rE2m8jCMIP7/0zNUlzHyDibFTMtl
Zv0z+xruwkNh7F+XfvJMODL5Gy5uDydtPYwfeWMRgAKd4du9FDqUbkQn6jigooZE
4MRNyN2Ab9ntgTgBqIv+F16bsU13RzkHUj85fS4Q8R63168gb6AntmPPNXs+GUOD
JjWE3hr6O5OhdnIg2jiKt63rqJQZHKZzcUjRZqWUzdGravw6Z4iMAjrAnszO1Dza
n4b3VnIAeupT0DRiIVijysx39zdhTAGeA0zVAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUq7QU6lU95ixq2YPLRtMk7F1dayQwHwYDVR0jBBgwFoAULowd4ZR0A1y+pngF
S22U9a+lM2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTg3
L0xvd2Q0WlIwQTF5LXBuZ0ZTMjJVOWEtbE0yRS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvTG93ZDRaUjBBMXktcG5nRlMyMlU5YS1sTTJFLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTg3L3E3UVU2bFU5NWl4cTJZ
UExSdE1rN0YxZGF5US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADbSKAwDQYJKoZIhvcNAQELBQADggEBABVaK/Tn3394yB9Oy2iAm0fwx6gkdNy6
EkVtLW9Zrp111hbyFWkSnaYoXtCQ4iXuCAFqSllX89UsBCNB+Ov7vYyB66mDZE79
x/JopViOPSVJo6UlNScPETJjOLX5hVOP46t/vNo9gcbfGAozlFpo3j2JWECaQmCh
dW83yD6IYMcf3dV2D6BVghXQcpvUGR9WGckb1YZ4xdAsJ/qBOF3t1kbQQedBsaMf
hp8FkIsVWfCq3JcGNhUSJ439QjIWivE61CHZosIaZ1lklgAaygtfW75l2LQH9zSf
f1A2BUrKIfZQV+QSerVqxc/TURdyJRBYO8dc2NUpwdzntiyJ29rZ5hY=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:43:15 2025 by rpki-client