Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2122/eOnWlmCuBcB2z-k-1EvXoZmhDzo.roa
File: eOnWlmCuBcB2z-k-1EvXoZmhDzo.roa (raw, json)
Hash identifier: PvsnJd+w8p2xQdrIuCBq16T7Z7QhAuuf+Nw8Pr9uF6A=
Subject key identifier: 78:E9:D6:96:60:AE:05:C0:76:CF:E9:3E:D4:4B:D7:A1:99:A1:0F:3A
Certificate issuer: /CN=88884D4D4A75F17F08DD44CBA9592FE70F539D97
Certificate serial: 1D4D
Authority key identifier: 88:88:4D:4D:4A:75:F1:7F:08:DD:44:CB:A9:59:2F:E7:0F:53:9D:97
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/eOnWlmCuBcB2z-k-1EvXoZmhDzo.roa
Signing time: Wed 26 Mar 2025 02:11:17 +0000
ROA not before: Wed 26 Mar 2025 02:11:17 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 4515
IP address blocks: 123.49.241.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7501 (0x1d4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88884D4D4A75F17F08DD44CBA9592FE70F539D97
Validity
Not Before: Mar 26 02:11:17 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=78E9D69660AE05C076CFE93ED44BD7A199A10F3A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:9a:16:4e:ac:61:6f:b8:cc:81:3b:76:43:af:
54:ae:04:2c:44:71:cf:0f:64:63:dc:0c:4f:40:f4:
e6:2d:86:5d:ab:8e:2c:d7:e5:2f:bd:ea:38:a9:e6:
b0:a7:07:b8:5b:3e:c6:2f:96:5c:b8:a6:9e:ed:a4:
63:9e:09:1e:55:d5:61:87:bc:c7:94:9d:fc:35:12:
29:7c:dc:e6:08:5c:4e:f1:4c:fa:00:26:38:e5:9c:
76:13:50:c3:fc:5e:61:df:fb:ef:47:e7:bc:4b:0d:
0a:5e:64:c1:00:6d:9d:3b:21:70:24:30:24:2c:56:
bc:93:0d:2b:90:6b:f3:28:68:aa:a0:bf:6b:1e:80:
77:da:33:6f:64:bc:07:1b:25:74:46:3c:1e:52:54:
12:d2:10:ed:a0:fe:c5:7f:a0:46:81:a5:be:01:04:
07:f4:c5:b4:72:1c:9f:75:e2:9e:11:2f:ef:3a:74:
83:7e:9d:19:d0:ff:3e:4c:c4:89:65:5b:cf:3b:09:
d2:23:11:0d:1b:56:64:c1:76:a5:c3:e3:92:ac:85:
42:93:2a:ab:08:82:ee:b6:10:ab:ab:74:2a:78:4d:
df:00:0c:b4:14:e7:18:78:be:4d:88:04:56:f5:0b:
fe:a1:8f:5c:0b:b5:c3:1e:ac:fe:ca:ce:bb:c7:8f:
5a:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:E9:D6:96:60:AE:05:C0:76:CF:E9:3E:D4:4B:D7:A1:99:A1:0F:3A
X509v3 Authority Key Identifier:
keyid:88:88:4D:4D:4A:75:F1:7F:08:DD:44:CB:A9:59:2F:E7:0F:53:9D:97
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/eOnWlmCuBcB2z-k-1EvXoZmhDzo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.49.241.0/24
Signature Algorithm: sha256WithRSAEncryption
75:0d:4b:bc:db:a8:e2:dc:fc:bb:a2:e1:93:5a:1c:48:40:0a:
21:6c:17:d4:ee:8f:43:44:89:01:a9:8e:16:c6:05:25:23:90:
10:8e:e4:78:52:01:ef:0d:7d:eb:a5:42:d7:10:1b:95:37:8d:
ba:01:78:98:16:a2:c6:f0:e1:da:e0:5f:11:f2:6b:00:dd:6b:
12:71:bd:f5:bf:d4:78:01:b6:4a:f8:00:e8:6a:f0:f2:73:01:
a2:17:dd:0d:b8:6d:e9:c0:06:af:30:a7:c1:87:d1:ec:64:53:
96:8f:86:a8:cd:14:c2:ce:59:ed:72:50:57:14:7d:3c:72:fb:
1f:f4:d0:79:d3:1c:2b:41:c9:a6:f1:8a:40:6d:e2:a0:02:a8:
90:15:32:85:66:42:af:5c:8e:73:cb:f9:86:9f:2f:9f:84:3f:
d4:9b:9d:e8:ac:19:a5:29:09:03:98:19:4a:5d:13:0d:f8:a0:
44:c6:01:29:02:c5:0e:de:ff:63:e9:96:fe:c4:cc:25:f8:29:
8c:cb:62:85:de:e6:38:07:38:28:8f:6c:40:e3:c3:52:4f:9e:
4a:71:15:f8:b1:4c:91:63:e4:4e:f6:3b:95:b1:b1:56:b5:4a:
ed:6f:4c:fa:d2:32:4b:06:3e:0a:2b:91:ad:54:7c:b2:05:72:
5a:16:0c:1d
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICHU0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODg4
ODRENEQ0QTc1RjE3RjA4REQ0NENCQTk1OTJGRTcwRjUzOUQ5NzAeFw0yNTAzMjYw
MjExMTdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDc4RTlENjk2NjBBRTA1
QzA3NkNGRTkzRUQ0NEJEN0ExOTlBMTBGM0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDdmhZOrGFvuMyBO3ZDr1SuBCxEcc8PZGPcDE9A9OYthl2rjizX
5S+96jip5rCnB7hbPsYvlly4pp7tpGOeCR5V1WGHvMeUnfw1Eil83OYIXE7xTPoA
JjjlnHYTUMP8XmHf++9H57xLDQpeZMEAbZ07IXAkMCQsVryTDSuQa/MoaKqgv2se
gHfaM29kvAcbJXRGPB5SVBLSEO2g/sV/oEaBpb4BBAf0xbRyHJ914p4RL+86dIN+
nRnQ/z5MxIllW887CdIjEQ0bVmTBdqXD45KshUKTKqsIgu62EKurdCp4Td8ADLQU
5xh4vk2IBFb1C/6hj1wLtcMerP7KzrvHj1rzAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUeOnWlmCuBcB2z+k+1EvXoZmhDzowHwYDVR0jBBgwFoAUiIhNTUp18X8I3UTL
qVkv5w9TnZcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjEy
Mi9pSWhOVFVwMThYOEkzVVRMcVZrdjV3OVRuWmMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2lJaE5UVXAxOFg4STNVVExxVmt2NXc5VG5aYy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIxMjIvZU9uV2xtQ3VCY0Iy
ei1rLTFFdlhvWm1oRHpvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAHsx8TANBgkqhkiG9w0BAQsFAAOCAQEAdQ1LvNuo4tz8u6Lhk1ocSEAKIWwX
1O6PQ0SJAamOFsYFJSOQEI7keFIB7w1966VC1xAblTeNugF4mBaixvDh2uBfEfJr
AN1rEnG99b/UeAG2SvgA6Grw8nMBohfdDbht6cAGrzCnwYfR7GRTlo+GqM0Uws5Z
7XJQVxR9PHL7H/TQedMcK0HJpvGKQG3ioAKokBUyhWZCr1yOc8v5hp8vn4Q/1Jud
6KwZpSkJA5gZSl0TDfigRMYBKQLFDt7/Y+mW/sTMJfgpjMtihd7mOAc4KI9sQOPD
Uk+eSnEV+LFMkWPkTvY7lbGxVrVK7W9M+tIySwY+CiuRrVR8sgVyWhYMHQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:41:20 2025 by rpki-client