Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/192/sp_XY7K5BQY6jBo-0H97ioeGzXU.roa
File: sp_XY7K5BQY6jBo-0H97ioeGzXU.roa (raw, json)
Hash identifier: zEt5fauDwgCZPiZ0CxExZORg8rf4bRihuLQGnWmfUdo=
Subject key identifier: B2:9F:D7:63:B2:B9:05:06:3A:8C:1A:3E:D0:7F:7B:8A:87:86:CD:75
Certificate issuer: /CN=F6D5AF21959B7F9C1B230D725898F111AAA3F9AE
Certificate serial: 15CA
Authority key identifier: F6:D5:AF:21:95:9B:7F:9C:1B:23:0D:72:58:98:F1:11:AA:A3:F9:AE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9tWvIZWbf5wbIw1yWJjxEaqj-a4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/192/sp_XY7K5BQY6jBo-0H97ioeGzXU.roa
Signing time: Wed 13 Mar 2024 01:23:40 +0000
ROA not before: Wed 13 Mar 2024 01:23:40 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 4134
IP address blocks: 202.141.160.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5578 (0x15ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F6D5AF21959B7F9C1B230D725898F111AAA3F9AE
Validity
Not Before: Mar 13 01:23:40 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B29FD763B2B905063A8C1A3ED07F7B8A8786CD75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:a4:1e:2f:16:0c:83:df:6d:09:0f:b5:bb:40:
8f:19:70:1c:e0:28:ab:ee:be:50:45:31:c0:fa:6a:
ef:c1:eb:bb:2e:58:11:73:12:a4:c8:ca:b0:9d:61:
c1:a6:4a:d8:cf:e8:53:65:28:3a:2b:bd:87:77:db:
3c:6d:e3:91:ca:1c:45:10:e2:fc:dd:5e:83:6c:10:
eb:6c:85:65:17:4b:88:74:0f:d9:bb:a9:69:59:18:
34:c7:eb:e9:6b:be:87:4c:17:91:5e:2e:44:e2:42:
3b:cd:cf:f2:a1:21:d2:f1:42:92:1b:35:c1:4e:de:
5a:d1:b0:28:d0:5e:ad:d1:11:43:ec:90:e8:ab:f4:
ac:3b:19:be:19:54:ff:b8:19:86:c6:e4:06:fa:d9:
44:b0:3d:c4:98:d9:a0:be:6e:91:32:0e:1e:42:cb:
9b:de:ef:3b:de:4e:35:5f:16:8c:ef:49:68:7a:85:
02:ed:ac:97:c0:cb:a3:bd:c9:75:59:e3:37:b3:c3:
5f:4e:9e:99:ef:91:0f:2c:4f:aa:40:93:d3:16:58:
fe:c2:e3:a4:17:c6:27:b5:9f:ad:8f:41:9a:c7:fd:
d1:ae:63:b8:aa:bf:fd:eb:54:6d:9c:a2:97:06:c8:
99:93:e7:76:44:70:0c:2b:23:07:65:5a:5f:f3:1f:
c9:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:9F:D7:63:B2:B9:05:06:3A:8C:1A:3E:D0:7F:7B:8A:87:86:CD:75
X509v3 Authority Key Identifier:
keyid:F6:D5:AF:21:95:9B:7F:9C:1B:23:0D:72:58:98:F1:11:AA:A3:F9:AE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/192/9tWvIZWbf5wbIw1yWJjxEaqj-a4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9tWvIZWbf5wbIw1yWJjxEaqj-a4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/192/sp_XY7K5BQY6jBo-0H97ioeGzXU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
202.141.160.0/20
Signature Algorithm: sha256WithRSAEncryption
97:e6:91:d4:e3:90:fa:b4:23:18:02:e0:db:bf:d3:d3:4a:57:
ce:7f:1d:2e:68:b3:3a:e9:64:aa:82:92:b8:27:11:0b:aa:19:
e1:fd:ac:2b:18:67:fe:fe:06:39:25:56:78:b6:c7:50:ca:b6:
f3:ea:f7:dd:09:78:08:26:4b:1f:01:28:e6:30:15:b4:62:5d:
d8:c1:ab:85:eb:87:64:e9:c0:eb:ab:7d:7c:c5:7c:d3:3b:c7:
0b:61:4c:32:93:b0:bb:f7:aa:7b:59:73:34:55:4b:f7:f1:16:
13:ff:12:33:da:09:f6:0e:6f:75:66:a9:f5:4a:cf:02:34:70:
8f:56:72:0b:17:e7:d6:82:a9:89:f0:a5:a3:9c:28:d2:46:42:
2d:bb:c4:38:74:c7:84:e1:0c:22:1e:a4:3a:89:01:c4:9b:91:
e7:6c:4f:ea:81:50:55:c9:85:f4:04:7b:09:cf:df:fc:a0:b2:
5b:07:ce:4c:3c:07:40:32:3c:7b:9d:84:76:3e:0c:a5:b5:f9:
86:e6:4f:96:1b:6b:c5:f9:57:b4:a9:5a:83:1d:45:f9:4c:ab:
21:ac:8f:84:49:db:21:52:b5:42:31:87:a4:be:78:7e:d6:30:
d9:00:f7:f0:95:07:10:99:79:55:47:61:ca:fc:a9:aa:8d:ad:
21:47:c8:4b
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFcowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRjZE
NUFGMjE5NTlCN0Y5QzFCMjMwRDcyNTg5OEYxMTFBQUEzRjlBRTAeFw0yNDAzMTMw
MTIzNDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEIyOUZENzYzQjJCOTA1
MDYzQThDMUEzRUQwN0Y3QjhBODc4NkNENzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDzpB4vFgyD320JD7W7QI8ZcBzgKKvuvlBFMcD6au/B67suWBFz
EqTIyrCdYcGmStjP6FNlKDorvYd32zxt45HKHEUQ4vzdXoNsEOtshWUXS4h0D9m7
qWlZGDTH6+lrvodMF5FeLkTiQjvNz/KhIdLxQpIbNcFO3lrRsCjQXq3REUPskOir
9Kw7Gb4ZVP+4GYbG5Ab62USwPcSY2aC+bpEyDh5Cy5ve7zveTjVfFozvSWh6hQLt
rJfAy6O9yXVZ4zezw19OnpnvkQ8sT6pAk9MWWP7C46QXxie1n62PQZrH/dGuY7iq
v/3rVG2copcGyJmT53ZEcAwrIwdlWl/zH8kVAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUsp/XY7K5BQY6jBo+0H97ioeGzXUwHwYDVR0jBBgwFoAU9tWvIZWbf5wbIw1y
WJjxEaqj+a4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTky
Lzl0V3ZJWldiZjV3Ykl3MXlXSmp4RWFxai1hNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvOXRXdklaV2JmNXdiSXcxeVdKanhFYXFqLWE0LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTkyL3NwX1hZN0s1QlFZNmpC
by0wSDk3aW9lR3pYVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BATKjaAwDQYJKoZIhvcNAQELBQADggEBAJfmkdTjkPq0IxgC4Nu/09NKV85/HS5o
szrpZKqCkrgnEQuqGeH9rCsYZ/7+BjklVni2x1DKtvPq990JeAgmSx8BKOYwFbRi
XdjBq4Xrh2TpwOurfXzFfNM7xwthTDKTsLv3qntZczRVS/fxFhP/EjPaCfYOb3Vm
qfVKzwI0cI9WcgsX59aCqYnwpaOcKNJGQi27xDh0x4ThDCIepDqJAcSbkedsT+qB
UFXJhfQEewnP3/ygslsHzkw8B0AyPHudhHY+DKW1+YbmT5Yba8X5V7SpWoMdRflM
qyGsj4RJ2yFStUIxh6S+eH7WMNkA9/CVBxCZeVVHYcr8qaqNrSFHyEs=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:37:42 2025 by rpki-client