Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2122/kDW1cRo86YzzeBsDbuuqb0TPbSY.roa
File: kDW1cRo86YzzeBsDbuuqb0TPbSY.roa (raw, json)
Hash identifier: zH0Bb/tnJndPjBUYLdvYRyQIrO9oLPTeV3JZ/lVlA58=
Subject key identifier: 90:35:B5:71:1A:3C:E9:8C:F3:78:1B:03:6E:EB:AA:6F:44:CF:6D:26
Certificate issuer: /CN=88884D4D4A75F17F08DD44CBA9592FE70F539D97
Certificate serial: 1D53
Authority key identifier: 88:88:4D:4D:4A:75:F1:7F:08:DD:44:CB:A9:59:2F:E7:0F:53:9D:97
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/kDW1cRo86YzzeBsDbuuqb0TPbSY.roa
Signing time: Wed 26 Mar 2025 02:11:19 +0000
ROA not before: Wed 26 Mar 2025 02:11:19 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 4515
IP address blocks: 123.49.237.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7507 (0x1d53)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88884D4D4A75F17F08DD44CBA9592FE70F539D97
Validity
Not Before: Mar 26 02:11:19 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=9035B5711A3CE98CF3781B036EEBAA6F44CF6D26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:84:69:55:d4:53:fe:d7:98:88:29:7e:56:fc:
da:36:9d:04:42:4b:03:54:c6:fa:5d:4e:eb:67:be:
ab:06:a9:8b:b1:2a:c7:3c:59:b4:23:56:89:c5:c9:
be:29:a8:89:ed:dc:7a:41:1b:e3:09:d3:0b:7a:b2:
20:e2:08:1c:4d:d7:23:ed:6d:70:81:b1:ad:41:84:
9f:7a:d4:90:34:b4:72:e5:ad:b6:ae:ce:e0:4c:18:
72:5e:73:08:c4:8a:08:c3:e1:cd:a1:8f:62:ab:49:
5d:2b:1b:2c:5f:61:32:91:d4:fd:bd:31:dd:7c:1f:
c3:54:5d:94:6c:16:38:ba:db:0d:6c:20:5c:12:2e:
7c:72:26:1f:02:80:d7:59:13:9f:45:80:f2:6c:d6:
24:7c:9a:4e:f2:a2:7b:f6:eb:5e:60:ff:d0:68:3a:
db:66:58:7e:ea:c5:67:c7:41:84:70:d2:6d:87:31:
3d:70:d6:d1:74:87:ac:01:d8:13:5b:61:1f:ea:85:
52:48:ed:47:be:03:a2:39:2e:b8:5d:73:5d:f4:a5:
80:18:49:4a:93:92:3a:d2:4f:c5:87:22:c3:26:9e:
d3:3f:25:97:d2:36:a2:ee:c4:dd:83:22:f8:ec:9e:
53:fd:5d:72:3d:29:90:86:85:d9:c0:76:61:38:1f:
76:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:35:B5:71:1A:3C:E9:8C:F3:78:1B:03:6E:EB:AA:6F:44:CF:6D:26
X509v3 Authority Key Identifier:
keyid:88:88:4D:4D:4A:75:F1:7F:08:DD:44:CB:A9:59:2F:E7:0F:53:9D:97
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/kDW1cRo86YzzeBsDbuuqb0TPbSY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.49.237.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:06:f7:86:24:ac:fd:86:7c:75:ea:8c:0f:a6:3e:92:47:52:
35:90:76:0a:37:fc:79:5c:30:26:e9:fe:68:91:79:f3:0a:a6:
df:81:a6:75:91:27:37:4b:01:e9:b3:9c:0d:ba:56:95:3c:15:
5d:90:57:4a:65:f5:d7:8a:54:e8:7e:88:56:b3:6b:9e:92:9b:
a3:56:06:91:67:f2:f7:a4:57:2c:59:4b:cf:7c:2f:d0:85:6a:
a0:ee:a5:99:65:98:e5:9a:2a:33:72:b9:2c:e7:2f:b4:d0:6f:
2f:60:c7:ff:55:6c:67:c9:8c:6f:bd:d8:d0:aa:5a:df:c7:91:
53:84:a2:e3:53:19:f4:60:dd:aa:04:a1:44:01:dc:b3:42:25:
f6:b2:22:e5:40:c1:3f:04:91:2e:6f:8f:c7:36:de:7b:b6:0d:
cb:e5:1d:d1:c2:ef:b5:61:a1:3c:20:6e:b2:a4:3c:0f:95:35:
07:25:de:cf:de:5e:69:9e:f4:15:4c:ad:5b:74:50:95:e2:6f:
a0:d3:12:64:79:50:19:3f:95:c8:6b:c4:5a:88:ff:4a:a9:d9:
21:81:72:d4:f7:72:ed:05:49:56:8e:2b:60:ef:fe:30:92:32:
43:fc:2a:c9:19:47:d9:87:33:ff:fc:65:37:94:8e:10:ba:d6:
0e:74:dd:a6
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICHVMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODg4
ODRENEQ0QTc1RjE3RjA4REQ0NENCQTk1OTJGRTcwRjUzOUQ5NzAeFw0yNTAzMjYw
MjExMTlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDkwMzVCNTcxMUEzQ0U5
OENGMzc4MUIwMzZFRUJBQTZGNDRDRjZEMjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbhGlV1FP+15iIKX5W/No2nQRCSwNUxvpdTutnvqsGqYuxKsc8
WbQjVonFyb4pqInt3HpBG+MJ0wt6siDiCBxN1yPtbXCBsa1BhJ961JA0tHLlrbau
zuBMGHJecwjEigjD4c2hj2KrSV0rGyxfYTKR1P29Md18H8NUXZRsFji62w1sIFwS
LnxyJh8CgNdZE59FgPJs1iR8mk7yonv2615g/9BoOttmWH7qxWfHQYRw0m2HMT1w
1tF0h6wB2BNbYR/qhVJI7Ue+A6I5Lrhdc130pYAYSUqTkjrST8WHIsMmntM/JZfS
NqLuxN2DIvjsnlP9XXI9KZCGhdnAdmE4H3alAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUkDW1cRo86YzzeBsDbuuqb0TPbSYwHwYDVR0jBBgwFoAUiIhNTUp18X8I3UTL
qVkv5w9TnZcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjEy
Mi9pSWhOVFVwMThYOEkzVVRMcVZrdjV3OVRuWmMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2lJaE5UVXAxOFg4STNVVExxVmt2NXc5VG5aYy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIxMjIva0RXMWNSbzg2WXp6
ZUJzRGJ1dXFiMFRQYlNZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAHsx7TANBgkqhkiG9w0BAQsFAAOCAQEAbAb3hiSs/YZ8deqMD6Y+kkdSNZB2
Cjf8eVwwJun+aJF58wqm34GmdZEnN0sB6bOcDbpWlTwVXZBXSmX114pU6H6IVrNr
npKbo1YGkWfy96RXLFlLz3wv0IVqoO6lmWWY5ZoqM3K5LOcvtNBvL2DH/1VsZ8mM
b73Y0Kpa38eRU4Si41MZ9GDdqgShRAHcs0Il9rIi5UDBPwSRLm+Pxzbee7YNy+Ud
0cLvtWGhPCBusqQ8D5U1ByXez95eaZ70FUytW3RQleJvoNMSZHlQGT+VyGvEWoj/
SqnZIYFy1Pdy7QVJVo4rYO/+MJIyQ/wqyRlH2Ycz//xlN5SOELrWDnTdpg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:32:26 2025 by rpki-client