Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/190/dSfgXR4p_9gvuk0R-z1DH_0beIQ.roa
File: dSfgXR4p_9gvuk0R-z1DH_0beIQ.roa (raw, json)
Hash identifier: Rug/afJ44sf50pFNZEJ7qI/vEjNphvTGB+ltAJVCr3I=
Subject key identifier: 75:27:E0:5D:1E:29:FF:D8:2F:BA:4D:11:FB:3D:43:1F:FD:1B:78:84
Certificate issuer: /CN=E48FED76038496AD2AB1972D13468F4D3D403164
Certificate serial: 122F
Authority key identifier: E4:8F:ED:76:03:84:96:AD:2A:B1:97:2D:13:46:8F:4D:3D:40:31:64
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5I_tdgOElq0qsZctE0aPTT1AMWQ.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/190/dSfgXR4p_9gvuk0R-z1DH_0beIQ.roa
Signing time: Fri 17 Jan 2025 01:26:39 +0000
ROA not before: Fri 17 Jan 2025 01:26:39 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 24427
IP address blocks: 202.170.216.0/24 maxlen: 32
202.170.217.0/24 maxlen: 32
202.170.218.0/24 maxlen: 32
202.170.219.0/24 maxlen: 32
202.170.220.0/24 maxlen: 32
202.170.221.0/24 maxlen: 32
202.170.222.0/24 maxlen: 32
202.170.223.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4655 (0x122f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E48FED76038496AD2AB1972D13468F4D3D403164
Validity
Not Before: Jan 17 01:26:39 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=7527E05D1E29FFD82FBA4D11FB3D431FFD1B7884
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:00:f1:ee:c6:a3:1a:f5:ca:19:13:4c:3e:f3:
86:e4:0a:5c:f9:0f:f2:eb:04:11:33:64:d3:c5:25:
53:98:fb:db:35:ca:f5:98:77:d3:a2:90:8c:7a:7a:
63:2e:1d:b5:f5:9e:de:8e:c4:b7:e4:d6:82:4d:ca:
2f:41:2d:b9:aa:f0:39:6b:96:bb:09:a0:68:f0:3f:
00:d8:39:74:76:4f:de:b0:c8:b1:ff:28:68:13:c4:
bb:27:5a:c4:99:13:34:b5:90:d3:81:74:ff:1a:9a:
09:6b:2c:57:f9:10:7a:38:c6:53:b5:81:b8:e4:11:
c9:9f:e1:dc:09:1d:ff:b0:37:b7:80:99:09:b0:a6:
af:0a:80:73:c7:61:9e:ab:02:aa:16:bc:86:11:33:
58:07:cc:06:e2:af:74:b0:6a:1d:6d:44:aa:f9:65:
95:fe:c8:7a:5b:0e:6c:81:2f:75:53:28:3a:dc:50:
78:29:d8:9f:10:fc:d5:32:8e:e3:ec:bc:7a:48:89:
fb:23:7f:bf:dd:90:ae:53:e6:55:6a:65:ca:b5:04:
36:05:d4:f5:23:f9:2d:45:91:a8:da:d2:f6:67:3f:
f1:b2:69:97:07:92:5d:04:d2:31:ce:85:98:e4:65:
1b:c8:6c:1b:e0:71:6e:cb:05:d5:01:cd:a8:66:80:
16:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:27:E0:5D:1E:29:FF:D8:2F:BA:4D:11:FB:3D:43:1F:FD:1B:78:84
X509v3 Authority Key Identifier:
keyid:E4:8F:ED:76:03:84:96:AD:2A:B1:97:2D:13:46:8F:4D:3D:40:31:64
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/190/5I_tdgOElq0qsZctE0aPTT1AMWQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5I_tdgOElq0qsZctE0aPTT1AMWQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/190/dSfgXR4p_9gvuk0R-z1DH_0beIQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
202.170.216.0/21
Signature Algorithm: sha256WithRSAEncryption
16:a3:6d:5d:cd:f5:36:a4:46:37:c0:ce:55:34:c4:72:30:ca:
48:12:08:8b:88:fe:2e:29:12:cc:47:9c:e9:c4:25:72:7c:ec:
94:87:7f:ff:f2:60:39:fc:c7:e6:91:3a:ca:56:a4:d9:f4:f0:
de:dc:45:6c:28:f4:c6:47:0e:e0:93:f2:32:d8:ba:25:69:17:
0a:d2:ba:9f:0e:65:82:d2:6a:7e:97:9e:db:75:a7:78:d7:d1:
ea:07:75:45:82:71:de:06:e0:f8:4c:c1:38:cb:3d:5a:0b:c6:
5d:aa:1a:47:41:81:2d:b9:99:59:67:b8:3b:41:f0:b3:45:26:
70:58:e7:6f:7a:07:bb:2d:85:76:eb:94:5c:9d:a5:85:ac:de:
84:c1:02:50:d4:0a:c6:73:40:35:9a:1f:45:15:af:16:a4:e6:
ee:04:13:bb:10:0a:eb:14:48:9f:0e:a5:ec:4a:0f:98:d5:a5:
a6:b1:d9:05:66:3b:1f:c7:e1:d8:4d:e9:8e:19:dd:59:1b:19:
b4:c7:49:c7:96:5f:44:f6:70:75:3f:b8:0b:3b:bb:eb:dc:f5:
71:be:68:41:28:bd:01:ea:9e:54:a6:f1:ba:00:1d:e6:51:64:
10:ab:09:61:15:31:eb:97:e8:66:17:1a:e7:63:eb:af:e8:1c:
4a:f5:f3:a6
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICEi8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTQ4
RkVENzYwMzg0OTZBRDJBQjE5NzJEMTM0NjhGNEQzRDQwMzE2NDAeFw0yNTAxMTcw
MTI2MzlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDc1MjdFMDVEMUUyOUZG
RDgyRkJBNEQxMUZCM0Q0MzFGRkQxQjc4ODQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJAPHuxqMa9coZE0w+84bkClz5D/LrBBEzZNPFJVOY+9s1yvWY
d9OikIx6emMuHbX1nt6OxLfk1oJNyi9BLbmq8DlrlrsJoGjwPwDYOXR2T96wyLH/
KGgTxLsnWsSZEzS1kNOBdP8amglrLFf5EHo4xlO1gbjkEcmf4dwJHf+wN7eAmQmw
pq8KgHPHYZ6rAqoWvIYRM1gHzAbir3Swah1tRKr5ZZX+yHpbDmyBL3VTKDrcUHgp
2J8Q/NUyjuPsvHpIifsjf7/dkK5T5lVqZcq1BDYF1PUj+S1Fkaja0vZnP/GyaZcH
kl0E0jHOhZjkZRvIbBvgcW7LBdUBzahmgBZjAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUdSfgXR4p/9gvuk0R+z1DH/0beIQwHwYDVR0jBBgwFoAU5I/tdgOElq0qsZct
E0aPTT1AMWQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTkw
LzVJX3RkZ09FbHEwcXNaY3RFMGFQVFQxQU1XUS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNUlfdGRnT0VscTBxc1pjdEUwYVBUVDFBTVdRLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTkwL2RTZmdYUjRwXzlndnVr
MFItejFESF8wYmVJUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAPKqtgwDQYJKoZIhvcNAQELBQADggEBABajbV3N9TakRjfAzlU0xHIwykgSCIuI
/i4pEsxHnOnEJXJ87JSHf//yYDn8x+aROspWpNn08N7cRWwo9MZHDuCT8jLYuiVp
FwrSup8OZYLSan6Xntt1p3jX0eoHdUWCcd4G4PhMwTjLPVoLxl2qGkdBgS25mVln
uDtB8LNFJnBY5296B7sthXbrlFydpYWs3oTBAlDUCsZzQDWaH0UVrxak5u4EE7sQ
CusUSJ8OpexKD5jVpaax2QVmOx/H4dhN6Y4Z3VkbGbTHSceWX0T2cHU/uAs7u+vc
9XG+aEEovQHqnlSm8boAHeZRZBCrCWEVMeuX6GYXGudj66/oHEr186Y=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:41:34 2025 by rpki-client