Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/192/VH8awNGkt8Q8uZAvg8-izyTVHLM.roa
File: VH8awNGkt8Q8uZAvg8-izyTVHLM.roa (raw, json)
Hash identifier: sQc5umNmOnO0GLJxj1aR5vLHHvrzmr9tngeVXjSsjcc=
Subject key identifier: 54:7F:1A:C0:D1:A4:B7:C4:3C:B9:90:2F:83:CF:A2:CF:24:D5:1C:B3
Certificate issuer: /CN=F6D5AF21959B7F9C1B230D725898F111AAA3F9AE
Certificate serial: 15C9
Authority key identifier: F6:D5:AF:21:95:9B:7F:9C:1B:23:0D:72:58:98:F1:11:AA:A3:F9:AE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9tWvIZWbf5wbIw1yWJjxEaqj-a4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/192/VH8awNGkt8Q8uZAvg8-izyTVHLM.roa
Signing time: Wed 13 Mar 2024 01:23:40 +0000
ROA not before: Wed 13 Mar 2024 01:23:40 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 9808
IP address blocks: 121.255.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5577 (0x15c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F6D5AF21959B7F9C1B230D725898F111AAA3F9AE
Validity
Not Before: Mar 13 01:23:40 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=547F1AC0D1A4B7C43CB9902F83CFA2CF24D51CB3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c9:08:fd:a1:81:88:07:4f:de:f6:53:50:15:
86:ef:25:0b:a6:89:4e:7f:0b:3b:ed:c9:e1:05:37:
24:c1:23:1d:20:28:a5:24:49:56:c6:03:f1:32:e5:
9d:d9:12:9a:e0:0f:b3:97:4f:a5:a4:82:0f:6a:19:
92:dd:23:e3:33:9e:3a:4a:27:97:d2:bf:30:36:45:
66:40:b3:cc:73:6e:fb:20:8d:67:60:da:46:f4:6a:
1a:fc:f2:06:a4:80:b4:10:e8:98:d0:2e:8a:77:19:
3e:1a:02:d5:4f:83:79:fd:02:88:39:c7:58:dd:f6:
2c:f9:a3:b2:1b:1d:27:5c:2b:59:0f:3c:96:7b:95:
b4:f4:fe:eb:03:ef:54:87:b9:5d:b0:ab:0e:4f:e2:
8a:9c:c3:bc:34:bb:be:22:46:eb:b8:b6:ec:07:e3:
aa:3c:15:19:c1:48:3a:ab:f0:b9:ea:5e:51:b3:80:
64:73:12:2e:b5:98:96:0f:a9:11:af:98:eb:4e:24:
01:dd:3a:6f:b0:4a:72:bd:98:0e:d6:ce:f7:29:7d:
69:2a:c5:3f:e1:b3:fc:84:2c:17:fe:e7:11:69:6f:
9b:a9:71:f1:0f:7a:ec:c4:a8:77:86:53:df:34:d7:
3e:09:15:57:93:cb:06:32:5a:78:86:87:64:e4:71:
d2:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:7F:1A:C0:D1:A4:B7:C4:3C:B9:90:2F:83:CF:A2:CF:24:D5:1C:B3
X509v3 Authority Key Identifier:
keyid:F6:D5:AF:21:95:9B:7F:9C:1B:23:0D:72:58:98:F1:11:AA:A3:F9:AE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/192/9tWvIZWbf5wbIw1yWJjxEaqj-a4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9tWvIZWbf5wbIw1yWJjxEaqj-a4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/192/VH8awNGkt8Q8uZAvg8-izyTVHLM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
121.255.0.0/16
Signature Algorithm: sha256WithRSAEncryption
66:5e:35:b0:c7:d6:e6:de:d8:9b:85:3f:79:f0:55:2d:15:ba:
cc:b5:f1:d1:0d:f7:c6:b9:6d:cc:41:08:48:38:98:57:81:45:
e6:95:0b:6c:4a:41:29:58:fe:86:29:b3:aa:d0:1d:12:8f:6f:
93:fc:66:d3:4b:78:f6:7c:84:66:8c:29:74:91:d4:51:50:86:
d9:6c:3d:cf:36:48:73:b5:54:0e:5d:77:41:44:c8:aa:c9:7d:
6d:cd:1b:b1:a2:80:d0:88:c1:63:2a:98:a0:4c:f8:a7:b5:41:
db:c1:ec:2e:a8:27:cd:35:cd:ba:90:20:e7:6c:be:4b:f3:76:
8d:c6:a0:a6:da:24:44:77:e3:19:33:a3:28:29:59:ff:d0:9b:
40:2a:23:ca:98:26:e8:5e:41:65:b3:c4:b3:a5:8b:b2:5c:a6:
1f:4b:37:8b:e7:8a:73:32:a0:ff:79:fe:b7:44:d1:7a:dc:95:
ed:9d:1d:f7:60:52:98:ba:6b:ec:11:ad:f2:7e:d8:31:8e:92:
78:cc:16:3b:86:62:1c:5d:aa:af:0e:3d:97:cf:55:2f:13:95:
de:2e:58:5a:9c:e9:cc:d4:48:4d:c9:fa:87:65:3f:10:e4:bc:
99:98:4e:21:8b:64:cc:8b:a7:22:2c:04:86:24:ca:a1:74:2f:
3c:45:08:c2
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFckwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRjZE
NUFGMjE5NTlCN0Y5QzFCMjMwRDcyNTg5OEYxMTFBQUEzRjlBRTAeFw0yNDAzMTMw
MTIzNDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDU0N0YxQUMwRDFBNEI3
QzQzQ0I5OTAyRjgzQ0ZBMkNGMjRENTFDQjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCeyQj9oYGIB0/e9lNQFYbvJQumiU5/CzvtyeEFNyTBIx0gKKUk
SVbGA/Ey5Z3ZEprgD7OXT6Wkgg9qGZLdI+MznjpKJ5fSvzA2RWZAs8xzbvsgjWdg
2kb0ahr88gakgLQQ6JjQLop3GT4aAtVPg3n9Aog5x1jd9iz5o7IbHSdcK1kPPJZ7
lbT0/usD71SHuV2wqw5P4oqcw7w0u74iRuu4tuwH46o8FRnBSDqr8LnqXlGzgGRz
Ei61mJYPqRGvmOtOJAHdOm+wSnK9mA7WzvcpfWkqxT/hs/yELBf+5xFpb5upcfEP
euzEqHeGU9801z4JFVeTywYyWniGh2TkcdLFAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUVH8awNGkt8Q8uZAvg8+izyTVHLMwHwYDVR0jBBgwFoAU9tWvIZWbf5wbIw1y
WJjxEaqj+a4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTky
Lzl0V3ZJWldiZjV3Ykl3MXlXSmp4RWFxai1hNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvOXRXdklaV2JmNXdiSXcxeVdKanhFYXFqLWE0LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTkyL1ZIOGF3TkdrdDhROHVa
QXZnOC1penlUVkhMTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwB5/zANBgkqhkiG9w0BAQsFAAOCAQEAZl41sMfW5t7Ym4U/efBVLRW6zLXx0Q33
xrltzEEISDiYV4FF5pULbEpBKVj+himzqtAdEo9vk/xm00t49nyEZowpdJHUUVCG
2Ww9zzZIc7VUDl13QUTIqsl9bc0bsaKA0IjBYyqYoEz4p7VB28HsLqgnzTXNupAg
52y+S/N2jcagptokRHfjGTOjKClZ/9CbQCojypgm6F5BZbPEs6WLslymH0s3i+eK
czKg/3n+t0TRetyV7Z0d92BSmLpr7BGt8n7YMY6SeMwWO4ZiHF2qrw49l89VLxOV
3i5YWpzpzNRITcn6h2U/EOS8mZhOIYtkzIunIiwEhiTKoXQvPEUIwg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:44:57 2025 by rpki-client