Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2122/YagmWP9qZTxTshc0aAvZ1iXd50c.roa
File: YagmWP9qZTxTshc0aAvZ1iXd50c.roa (raw, json)
Hash identifier: AWSW6ObYz8OysEvpbv5f1zgE8nJtM23YWPzHYRKxck0=
Subject key identifier: 61:A8:26:58:FF:6A:65:3C:53:B2:17:34:68:0B:D9:D6:25:DD:E7:47
Certificate issuer: /CN=88884D4D4A75F17F08DD44CBA9592FE70F539D97
Certificate serial: 1940
Authority key identifier: 88:88:4D:4D:4A:75:F1:7F:08:DD:44:CB:A9:59:2F:E7:0F:53:9D:97
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/YagmWP9qZTxTshc0aAvZ1iXd50c.roa
Signing time: Fri 30 Aug 2024 10:55:13 +0000
ROA not before: Fri 30 Aug 2024 10:55:13 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 4515
IP address blocks: 123.49.237.0/24 maxlen: 24
123.49.242.0/24 maxlen: 24
123.49.246.0/24 maxlen: 24
123.49.247.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6464 (0x1940)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88884D4D4A75F17F08DD44CBA9592FE70F539D97
Validity
Not Before: Aug 30 10:55:13 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=61A82658FF6A653C53B21734680BD9D625DDE747
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ef:13:c0:89:7d:ab:0c:6c:6a:6d:a4:b1:6a:
1e:d5:c9:15:1a:ec:06:b6:a6:88:97:60:1d:7f:56:
f4:ad:09:22:6c:a7:e9:71:c0:a9:74:10:42:03:a7:
fd:98:47:c0:70:86:11:60:e0:57:39:e2:5e:04:21:
6b:74:11:62:25:e6:ed:67:82:1e:80:ad:b5:30:4f:
86:0c:52:90:26:37:b7:c3:19:6c:a3:54:88:af:c6:
02:b3:12:18:ce:88:0f:99:47:7c:34:50:ae:4c:c5:
3d:97:68:07:82:82:84:bf:ab:06:21:55:60:a5:eb:
a8:5d:74:5f:85:c8:0c:44:53:72:3a:3b:2c:4f:7f:
30:e3:56:72:4d:6d:fc:31:94:43:99:84:ae:1d:01:
94:06:c9:6b:1e:cf:e9:20:cc:e5:41:9b:36:ae:2d:
82:de:5f:8d:9f:77:da:54:87:f7:c7:e1:24:09:62:
3d:68:10:f3:1b:44:24:19:56:43:cc:82:b1:a0:ba:
50:02:d0:14:8d:e6:7b:fb:18:15:1c:e6:73:1d:a3:
ee:38:a4:98:44:08:0c:dc:f8:93:52:bd:e8:b6:ed:
44:9c:4b:5d:e5:c3:82:a6:5a:a5:6e:e5:19:52:1b:
13:7a:64:d7:4e:ec:c2:a3:97:f5:e3:28:18:58:0f:
c2:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:A8:26:58:FF:6A:65:3C:53:B2:17:34:68:0B:D9:D6:25:DD:E7:47
X509v3 Authority Key Identifier:
keyid:88:88:4D:4D:4A:75:F1:7F:08:DD:44:CB:A9:59:2F:E7:0F:53:9D:97
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/YagmWP9qZTxTshc0aAvZ1iXd50c.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.49.237.0/24
123.49.242.0/24
123.49.246.0/23
Signature Algorithm: sha256WithRSAEncryption
97:2c:e5:17:03:fe:04:2d:45:86:0f:62:ed:ba:50:b6:d9:f1:
4f:a6:e5:d2:cb:fa:ed:4b:73:db:c0:0a:eb:37:11:49:03:12:
5e:49:e3:95:2a:f6:cc:71:5e:61:38:76:6d:97:8f:fd:e2:1a:
6a:99:fc:ed:1b:48:70:a3:d0:fa:ef:2f:b0:13:fa:a6:9f:6f:
28:33:d5:b5:73:70:22:c2:b3:0b:e0:35:fa:df:21:39:0b:a4:
0b:87:c6:70:90:51:ef:41:25:b6:df:cc:de:15:fe:2f:a1:92:
8b:1d:c0:45:fe:93:3d:d1:73:a6:f6:91:d5:9c:09:36:6c:51:
51:8d:a8:d5:a1:77:5d:d6:2e:f7:13:03:72:a1:6b:70:fb:47:
a4:f1:22:80:e8:1e:7d:44:5b:fa:98:1d:be:49:0f:dc:b9:a9:
7a:55:6f:21:34:df:83:72:82:ec:a6:1b:eb:b6:9c:ea:b3:3d:
d5:9d:21:35:a4:bb:af:fa:f4:68:59:01:ec:23:57:e9:d5:d9:
3e:74:16:a5:a0:10:a4:be:52:43:25:81:bb:97:6c:b3:75:24:
d2:a3:b3:d6:e8:45:bb:c6:84:fa:94:03:52:df:31:3e:d9:07:
5a:14:e8:d7:12:b4:ce:aa:ca:79:7a:3f:14:db:7c:42:e6:ed:
26:75:e9:a7
-----BEGIN CERTIFICATE-----
MIIE4zCCA8ugAwIBAgICGUAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODg4
ODRENEQ0QTc1RjE3RjA4REQ0NENCQTk1OTJGRTcwRjUzOUQ5NzAeFw0yNDA4MzAx
MDU1MTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYxQTgyNjU4RkY2QTY1
M0M1M0IyMTczNDY4MEJEOUQ2MjVEREU3NDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCj7xPAiX2rDGxqbaSxah7VyRUa7Aa2poiXYB1/VvStCSJsp+lx
wKl0EEIDp/2YR8BwhhFg4Fc54l4EIWt0EWIl5u1ngh6ArbUwT4YMUpAmN7fDGWyj
VIivxgKzEhjOiA+ZR3w0UK5MxT2XaAeCgoS/qwYhVWCl66hddF+FyAxEU3I6OyxP
fzDjVnJNbfwxlEOZhK4dAZQGyWsez+kgzOVBmzauLYLeX42fd9pUh/fH4SQJYj1o
EPMbRCQZVkPMgrGgulAC0BSN5nv7GBUc5nMdo+44pJhECAzc+JNSvei27UScS13l
w4KmWqVu5RlSGxN6ZNdO7MKjl/XjKBhYD8JJAgMBAAGjggH/MIIB+zAdBgNVHQ4E
FgQUYagmWP9qZTxTshc0aAvZ1iXd50cwHwYDVR0jBBgwFoAUiIhNTUp18X8I3UTL
qVkv5w9TnZcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjEy
Mi9pSWhOVFVwMThYOEkzVVRMcVZrdjV3OVRuWmMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2lJaE5UVXAxOFg4STNVVExxVmt2NXc5VG5aYy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIxMjIvWWFnbVdQOXFaVHhU
c2hjMGFBdloxaVhkNTBjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEw
EgMEAHsx7QMEAHsx8gMEAXsx9jANBgkqhkiG9w0BAQsFAAOCAQEAlyzlFwP+BC1F
hg9i7bpQttnxT6bl0sv67Utz28AK6zcRSQMSXknjlSr2zHFeYTh2bZeP/eIaapn8
7RtIcKPQ+u8vsBP6pp9vKDPVtXNwIsKzC+A1+t8hOQukC4fGcJBR70Eltt/M3hX+
L6GSix3ARf6TPdFzpvaR1ZwJNmxRUY2o1aF3XdYu9xMDcqFrcPtHpPEigOgefURb
+pgdvkkP3LmpelVvITTfg3KC7KYb67ac6rM91Z0hNaS7r/r0aFkB7CNX6dXZPnQW
paAQpL5SQyWBu5dss3Uk0qOz1uhFu8aE+pQDUt8xPtkHWhTo1xK0zqrKeXo/FNt8
QubtJnXppw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:33:43 2025 by rpki-client