Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2122/hUyzgsu-MLt_wnJAg7jq3tBFPw0.roa
File: hUyzgsu-MLt_wnJAg7jq3tBFPw0.roa (raw, json)
Hash identifier: YRnReESDHG211zx5Qqf3fEYYkTDLrwtATQow7KBdXy8=
Subject key identifier: 85:4C:B3:82:CB:BE:30:BB:7F:C2:72:40:83:B8:EA:DE:D0:45:3F:0D
Certificate issuer: /CN=88884D4D4A75F17F08DD44CBA9592FE70F539D97
Certificate serial: 1941
Authority key identifier: 88:88:4D:4D:4A:75:F1:7F:08:DD:44:CB:A9:59:2F:E7:0F:53:9D:97
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/hUyzgsu-MLt_wnJAg7jq3tBFPw0.roa
Signing time: Fri 30 Aug 2024 10:55:13 +0000
ROA not before: Fri 30 Aug 2024 10:55:13 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 63641
IP address blocks: 123.49.237.0/24 maxlen: 24
123.49.242.0/24 maxlen: 24
123.49.245.0/24 maxlen: 24
123.49.246.0/24 maxlen: 24
123.49.247.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6465 (0x1941)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88884D4D4A75F17F08DD44CBA9592FE70F539D97
Validity
Not Before: Aug 30 10:55:13 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=854CB382CBBE30BB7FC2724083B8EADED0453F0D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:18:39:74:4b:0b:41:1e:75:8c:3f:14:08:6e:
3b:47:f9:4e:b4:2e:3d:90:04:da:d4:f5:a1:ba:d1:
cb:12:38:8c:57:86:d2:40:ef:59:0a:a6:de:d9:7b:
d4:db:12:26:e9:d5:56:36:ea:e0:92:16:fa:bc:37:
b8:ee:99:bd:e3:17:f7:1c:b3:d7:5d:f8:05:45:4a:
58:51:35:91:46:ce:6b:e5:8f:ce:40:83:24:ec:f4:
bc:fc:61:6c:da:12:8e:0e:f5:a6:18:54:d4:b4:08:
ff:f5:7c:2a:97:f8:73:9b:91:88:fc:d2:1d:6b:32:
37:e5:52:28:0d:48:38:f5:79:fe:93:15:97:ff:e2:
ab:3b:84:27:08:e1:22:cc:7c:7e:66:5b:08:e0:99:
07:4f:fa:d4:47:75:07:5d:4a:59:c4:c7:c7:16:6e:
da:9e:54:02:4f:0b:7e:a8:6c:67:5a:ef:a0:15:93:
98:e9:7f:aa:53:3a:0f:3f:0a:d5:36:ba:51:b4:8a:
f3:ad:2d:4e:f8:ed:6e:8f:b1:bc:56:0b:8b:85:7e:
c9:55:01:2f:e0:80:5b:15:03:23:0e:dd:bf:57:7d:
90:56:a7:18:be:7b:cd:a8:30:b9:6b:63:45:d4:29:
2b:a7:ab:6e:0b:bc:05:6a:78:9d:0b:e2:59:80:49:
c3:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:4C:B3:82:CB:BE:30:BB:7F:C2:72:40:83:B8:EA:DE:D0:45:3F:0D
X509v3 Authority Key Identifier:
keyid:88:88:4D:4D:4A:75:F1:7F:08:DD:44:CB:A9:59:2F:E7:0F:53:9D:97
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/hUyzgsu-MLt_wnJAg7jq3tBFPw0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.49.237.0/24
123.49.242.0/24
123.49.245.0-123.49.247.255
Signature Algorithm: sha256WithRSAEncryption
a6:5d:63:19:fc:52:be:8d:d7:e7:c9:58:95:06:e6:96:b0:84:
4a:f7:75:f0:a3:4d:4f:e2:ca:b8:2e:d8:01:af:9b:d0:dd:97:
32:87:0b:cd:00:f0:c2:c0:8c:7a:40:81:e0:86:17:3d:3e:a4:
97:6a:63:5b:b2:ec:73:c6:e1:1a:0c:cb:82:a1:3f:11:30:55:
97:72:47:34:3e:c4:51:82:aa:e0:85:75:dd:2d:4a:6b:66:9c:
51:32:58:c6:dc:f8:07:eb:83:ba:28:07:67:c7:7e:48:9e:22:
b1:7d:51:67:c9:7b:5a:3e:f0:82:cb:78:ef:82:96:c9:06:85:
6e:d4:28:cc:0d:fe:47:2f:a9:e9:13:89:34:1b:f1:a7:3a:e4:
a6:39:58:2a:22:ba:d1:e8:a2:46:2e:51:57:01:c3:31:1e:76:
0b:04:ef:e0:49:e1:4e:26:a9:2e:6f:cd:73:d1:b3:c1:1c:c1:
05:e1:34:52:8e:d8:89:c8:80:00:0e:47:23:20:ad:8a:11:86:
ff:ac:03:43:3b:9f:18:75:2b:9b:69:f4:21:1c:82:74:cc:38:
ca:e8:e0:ac:c3:12:44:71:c7:72:88:24:6c:88:9b:82:bd:0a:
d7:0b:ef:90:e8:87:ee:b0:c5:56:06:3f:bb:54:cc:48:9f:97:
49:8e:01:4c
-----BEGIN CERTIFICATE-----
MIIE6zCCA9OgAwIBAgICGUEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODg4
ODRENEQ0QTc1RjE3RjA4REQ0NENCQTk1OTJGRTcwRjUzOUQ5NzAeFw0yNDA4MzAx
MDU1MTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg1NENCMzgyQ0JCRTMw
QkI3RkMyNzI0MDgzQjhFQURFRDA0NTNGMEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGGDl0SwtBHnWMPxQIbjtH+U60Lj2QBNrU9aG60csSOIxXhtJA
71kKpt7Ze9TbEibp1VY26uCSFvq8N7jumb3jF/ccs9dd+AVFSlhRNZFGzmvlj85A
gyTs9Lz8YWzaEo4O9aYYVNS0CP/1fCqX+HObkYj80h1rMjflUigNSDj1ef6TFZf/
4qs7hCcI4SLMfH5mWwjgmQdP+tRHdQddSlnEx8cWbtqeVAJPC36obGda76AVk5jp
f6pTOg8/CtU2ulG0ivOtLU747W6PsbxWC4uFfslVAS/ggFsVAyMO3b9XfZBWpxi+
e82oMLlrY0XUKSunq24LvAVqeJ0L4lmAScNXAgMBAAGjggIHMIICAzAdBgNVHQ4E
FgQUhUyzgsu+MLt/wnJAg7jq3tBFPw0wHwYDVR0jBBgwFoAUiIhNTUp18X8I3UTL
qVkv5w9TnZcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjEy
Mi9pSWhOVFVwMThYOEkzVVRMcVZrdjV3OVRuWmMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2lJaE5UVXAxOFg4STNVVExxVmt2NXc5VG5aYy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIxMjIvaFV5emdzdS1NTHRf
d25KQWc3anEzdEJGUHcwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAzBggrBgEFBQcBBwEB/wQkMCIwIAQCAAEw
GgMEAHsx7QMEAHsx8jAMAwQAezH1AwQDezHwMA0GCSqGSIb3DQEBCwUAA4IBAQCm
XWMZ/FK+jdfnyViVBuaWsIRK93Xwo01P4sq4LtgBr5vQ3ZcyhwvNAPDCwIx6QIHg
hhc9PqSXamNbsuxzxuEaDMuCoT8RMFWXckc0PsRRgqrghXXdLUprZpxRMljG3PgH
64O6KAdnx35IniKxfVFnyXtaPvCCy3jvgpbJBoVu1CjMDf5HL6npE4k0G/GnOuSm
OVgqIrrR6KJGLlFXAcMxHnYLBO/gSeFOJqkub81z0bPBHMEF4TRSjtiJyIAADkcj
IK2KEYb/rANDO58YdSubafQhHIJ0zDjK6OCswxJEccdyiCRsiJuCvQrXC++Q6Ifu
sMVWBj+7VMxIn5dJjgFM
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:34:26 2025 by rpki-client