Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2154/TlMIClXWOImmRKz7dKhP6P-hd8A.roa
File: TlMIClXWOImmRKz7dKhP6P-hd8A.roa (raw, json)
Hash identifier: olSFdKVgUsINueki9JfGzPOe1bnDm1eGlkkPfK2zg7M=
Subject key identifier: 4E:53:08:0A:55:D6:38:89:A6:44:AC:FB:74:A8:4F:E8:FF:A1:77:C0
Certificate issuer: /CN=E502DE2C6086A66284B80CDB7B5AC0C12CC3F3C2
Certificate serial: 0190
Authority key identifier: E5:02:DE:2C:60:86:A6:62:84:B8:0C:DB:7B:5A:C0:C1:2C:C3:F3:C2
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5QLeLGCGpmKEuAzbe1rAwSzD88I.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/TlMIClXWOImmRKz7dKhP6P-hd8A.roa
Signing time: Tue 08 Oct 2024 10:02:33 +0000
ROA not before: Tue 08 Oct 2024 10:02:33 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 63631
IP address blocks: 119.161.138.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 400 (0x190)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E502DE2C6086A66284B80CDB7B5AC0C12CC3F3C2
Validity
Not Before: Oct 8 10:02:33 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=4E53080A55D63889A644ACFB74A84FE8FFA177C0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:2d:13:a2:18:0d:3c:be:aa:59:e6:62:69:05:
29:6e:a9:fa:6e:49:0d:1a:8f:f3:da:4a:80:1f:a5:
a3:be:57:e8:d3:48:ad:68:c4:cb:18:96:4e:d3:21:
a0:c8:49:2c:a3:6c:86:75:e8:da:74:8e:45:1c:de:
24:89:27:2f:58:1d:7f:d8:0f:71:42:7c:10:dd:bb:
28:c1:7d:3a:59:2f:50:4b:2f:ac:5d:c8:e3:f1:2c:
df:27:4e:4a:02:de:df:51:01:03:88:1c:0b:c9:81:
1f:ff:29:0b:b0:c2:18:bf:2b:a5:8e:55:dd:92:eb:
2b:fd:c7:64:f5:b6:1c:8c:49:65:e9:54:5f:3f:14:
a0:49:f4:87:3f:68:ce:76:df:9d:37:87:6e:ba:4b:
f8:1b:0b:cb:1c:49:97:f9:f4:50:6e:b7:76:db:05:
72:44:f4:8d:fe:db:7c:1c:d0:2f:af:25:cf:23:34:
07:96:4a:db:6d:f1:8a:1e:83:db:a9:de:15:ee:fa:
b3:50:ee:b9:0e:5f:49:71:64:24:35:26:c3:d5:5a:
d2:27:33:7e:33:bb:06:2a:07:5d:a4:43:18:7e:71:
cc:c1:b6:03:44:66:31:7e:c3:9b:95:7e:5e:bc:9c:
9a:cc:5a:07:06:c5:3b:e1:59:8c:60:5c:27:57:53:
fc:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:53:08:0A:55:D6:38:89:A6:44:AC:FB:74:A8:4F:E8:FF:A1:77:C0
X509v3 Authority Key Identifier:
keyid:E5:02:DE:2C:60:86:A6:62:84:B8:0C:DB:7B:5A:C0:C1:2C:C3:F3:C2
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/5QLeLGCGpmKEuAzbe1rAwSzD88I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5QLeLGCGpmKEuAzbe1rAwSzD88I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2154/TlMIClXWOImmRKz7dKhP6P-hd8A.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.161.138.0/24
Signature Algorithm: sha256WithRSAEncryption
92:f0:2b:6b:b5:5d:3f:b6:d8:7e:c1:01:2d:b4:96:8c:b8:57:
cd:69:37:dc:c9:95:eb:e0:8c:90:59:9f:67:32:6b:63:5c:d7:
b1:e9:73:46:03:2e:48:7f:f0:31:03:df:99:d6:c6:11:e6:15:
87:d8:a7:f3:88:21:9a:54:7a:35:74:1f:9d:07:87:b2:dc:22:
41:da:b7:85:fa:9d:93:1e:95:f9:e5:53:ab:b8:f9:22:f9:29:
a8:f5:1e:3c:aa:e5:3b:35:e8:93:ef:c3:ce:e9:fb:ea:a9:6e:
d9:8b:dc:16:f4:46:78:03:01:a6:e3:29:5a:b2:cb:86:f5:cc:
9d:7d:5b:ce:79:ec:ca:a3:61:33:2e:42:ed:87:04:b0:e3:b0:
ba:cb:5f:6e:74:16:9e:4b:6f:55:53:83:f7:bb:3a:ca:14:26:
eb:68:bc:0f:62:f7:d7:09:c5:4f:7c:62:5d:92:06:1b:7b:fb:
f9:f9:a5:37:d4:6f:a4:16:a8:20:f3:b2:80:06:eb:8e:72:0b:
11:b5:cb:1c:19:83:56:b9:ee:44:4f:d4:2d:14:ca:ff:37:84:
e6:2e:34:ba:48:10:ed:97:86:47:fb:5b:c7:ad:4a:ce:b6:5c:
3b:e2:ec:22:1f:c9:f2:02:15:fe:72:7d:c8:a4:f1:c9:41:ea:
c4:72:de:07
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICAZAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTUw
MkRFMkM2MDg2QTY2Mjg0QjgwQ0RCN0I1QUMwQzEyQ0MzRjNDMjAeFw0yNDEwMDgx
MDAyMzNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDRFNTMwODBBNTVENjM4
ODlBNjQ0QUNGQjc0QTg0RkU4RkZBMTc3QzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDzLROiGA08vqpZ5mJpBSluqfpuSQ0aj/PaSoAfpaO+V+jTSK1o
xMsYlk7TIaDISSyjbIZ16Np0jkUc3iSJJy9YHX/YD3FCfBDduyjBfTpZL1BLL6xd
yOPxLN8nTkoC3t9RAQOIHAvJgR//KQuwwhi/K6WOVd2S6yv9x2T1thyMSWXpVF8/
FKBJ9Ic/aM523503h266S/gbC8scSZf59FBut3bbBXJE9I3+23wc0C+vJc8jNAeW
Sttt8Yoeg9up3hXu+rNQ7rkOX0lxZCQ1JsPVWtInM34zuwYqB12kQxh+cczBtgNE
ZjF+w5uVfl68nJrMWgcGxTvhWYxgXCdXU/xXAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUTlMIClXWOImmRKz7dKhP6P+hd8AwHwYDVR0jBBgwFoAU5QLeLGCGpmKEuAzb
e1rAwSzD88IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjE1
NC81UUxlTEdDR3BtS0V1QXpiZTFyQXdTekQ4OEkuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzVRTGVMR0NHcG1LRXVBemJlMXJBd1N6RDg4SS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIxNTQvVGxNSUNsWFdPSW1t
Ukt6N2RLaFA2UC1oZDhBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAHehijANBgkqhkiG9w0BAQsFAAOCAQEAkvAra7VdP7bYfsEBLbSWjLhXzWk3
3MmV6+CMkFmfZzJrY1zXselzRgMuSH/wMQPfmdbGEeYVh9in84ghmlR6NXQfnQeH
stwiQdq3hfqdkx6V+eVTq7j5IvkpqPUePKrlOzXok+/Dzun76qlu2YvcFvRGeAMB
puMpWrLLhvXMnX1bznnsyqNhMy5C7YcEsOOwustfbnQWnktvVVOD97s6yhQm62i8
D2L31wnFT3xiXZIGG3v7+fmlN9RvpBaoIPOygAbrjnILEbXLHBmDVrnuRE/ULRTK
/zeE5i40ukgQ7ZeGR/tbx61KzrZcO+LsIh/J8gIV/nJ9yKTxyUHqxHLeBw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:25:15 2025 by rpki-client