Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/22/LW8ZY2UtSYeujZ532V0CQrYeABA.roa
File: LW8ZY2UtSYeujZ532V0CQrYeABA.roa (raw, json)
Hash identifier: F4Bh2cqcnHVRx++IenMMdugPp5fWZpfnO1OTNFONqyY=
Subject key identifier: 2D:6F:19:63:65:2D:49:87:AE:8D:9E:77:D9:5D:02:42:B6:1E:00:10
Certificate issuer: /CN=ECB273B097997C02B4F52E5C1BB4FEFE66797850
Certificate serial: 05
Authority key identifier: EC:B2:73:B0:97:99:7C:02:B4:F5:2E:5C:1B:B4:FE:FE:66:79:78:50
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7LJzsJeZfAK09S5cG7T-_mZ5eFA.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/22/LW8ZY2UtSYeujZ532V0CQrYeABA.roa
Signing time: Tue 14 Jan 2025 08:18:19 +0000
ROA not before: Tue 14 Jan 2025 08:18:19 +0000
ROA not after: Wed 14 Jan 2026 07:53:29 +0000
asID: 17969
IP address blocks: 117.59.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ECB273B097997C02B4F52E5C1BB4FEFE66797850
Validity
Not Before: Jan 14 08:18:19 2025 GMT
Not After : Jan 14 07:53:29 2026 GMT
Subject: CN=2D6F1963652D4987AE8D9E77D95D0242B61E0010
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:7c:e1:9e:d7:69:7e:0f:71:4a:82:b3:6c:cb:
99:c6:c8:15:7e:ba:0f:0d:c6:b3:d5:05:80:b4:bf:
94:92:56:50:0f:fd:0f:b7:da:a0:f3:95:6d:06:02:
00:c6:65:0c:61:97:ca:d6:da:fe:09:54:dd:3d:f3:
0b:2d:64:8c:fd:92:be:2b:82:1b:5b:2b:03:f8:be:
de:f6:de:9d:86:32:8a:99:f2:53:60:64:49:40:78:
6d:af:fd:a0:a9:c3:a2:19:df:3e:5e:12:06:ee:d9:
cc:98:5b:45:07:d0:b1:d9:de:88:35:fd:64:3c:e6:
75:4f:b1:d4:8a:1c:a7:68:d3:40:f6:2b:7e:21:6e:
bf:d5:19:40:ad:75:19:d5:53:ac:6f:bf:d3:1e:8b:
d5:b5:25:e6:55:95:f0:ca:26:b9:df:44:00:39:7c:
4e:a1:41:e3:19:e0:dd:3c:65:60:5e:94:1d:73:c8:
b2:0e:5d:c7:cd:3b:16:3a:dd:3d:15:48:b1:78:38:
cf:7b:77:81:aa:33:bd:f5:86:ad:35:59:b9:32:f1:
9d:90:10:6b:f6:b0:53:0d:75:79:f1:d9:a0:fb:f7:
98:a5:f1:62:1a:07:31:65:92:06:2c:9b:2b:28:be:
a5:08:0d:12:b7:a2:e3:3c:5f:33:1d:6a:67:bb:4b:
e0:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:6F:19:63:65:2D:49:87:AE:8D:9E:77:D9:5D:02:42:B6:1E:00:10
X509v3 Authority Key Identifier:
keyid:EC:B2:73:B0:97:99:7C:02:B4:F5:2E:5C:1B:B4:FE:FE:66:79:78:50
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/22/7LJzsJeZfAK09S5cG7T-_mZ5eFA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7LJzsJeZfAK09S5cG7T-_mZ5eFA.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/22/LW8ZY2UtSYeujZ532V0CQrYeABA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
117.59.0.0/16
Signature Algorithm: sha256WithRSAEncryption
35:50:86:5e:98:1e:7c:7b:8b:0e:3f:fb:21:ec:34:a2:d6:3a:
70:52:72:ee:65:70:97:7b:2c:7d:54:b4:f8:37:48:de:2f:cc:
bb:c5:57:6a:9e:dd:61:8f:23:10:e1:16:32:72:4c:47:8e:6f:
44:14:fb:2b:2a:86:42:67:b0:1b:a3:38:49:e0:d3:e7:a3:52:
09:10:83:53:9f:58:08:26:1b:e3:c9:5a:07:3b:b7:3e:25:cb:
bb:4e:17:5f:a1:74:70:8f:90:5f:d5:73:df:70:1e:30:8b:c5:
c5:9b:e6:c6:6b:6d:13:74:52:04:d1:7b:6f:35:ce:d3:a1:3f:
66:98:2f:00:11:1b:19:ba:95:4b:c9:0b:d9:75:48:96:e3:13:
c5:49:1d:16:1f:81:e2:64:f9:7b:3a:1c:91:46:16:68:ec:86:
82:97:af:c4:3b:ce:b7:31:3b:e5:cc:14:28:35:bb:6b:58:92:
b9:c6:62:5b:b7:12:f6:1d:78:6a:74:dd:ec:3e:32:98:83:2a:
03:3c:b5:9a:a7:9b:ba:da:99:3e:1b:4c:ef:b4:a6:3b:f3:16:
9e:a9:7c:b2:e2:98:0c:77:5e:cb:dc:36:3c:31:c7:7e:d3:bb:
65:17:2a:ff:ac:d4:09:63:dd:d5:7e:e1:33:89:83:30:f5:e9:
d4:4d:92:61
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgIBBTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhFQ0Iy
NzNCMDk3OTk3QzAyQjRGNTJFNUMxQkI0RkVGRTY2Nzk3ODUwMB4XDTI1MDExNDA4
MTgxOVoXDTI2MDExNDA3NTMyOVowMzExMC8GA1UEAxMoMkQ2RjE5NjM2NTJENDk4
N0FFOEQ5RTc3RDk1RDAyNDJCNjFFMDAxMDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMp84Z7XaX4PcUqCs2zLmcbIFX66Dw3Gs9UFgLS/lJJWUA/9D7fa
oPOVbQYCAMZlDGGXytba/glU3T3zCy1kjP2SviuCG1srA/i+3vbenYYyipnyU2Bk
SUB4ba/9oKnDohnfPl4SBu7ZzJhbRQfQsdneiDX9ZDzmdU+x1Iocp2jTQPYrfiFu
v9UZQK11GdVTrG+/0x6L1bUl5lWV8Momud9EADl8TqFB4xng3TxlYF6UHXPIsg5d
x807FjrdPRVIsXg4z3t3gaozvfWGrTVZuTLxnZAQa/awUw11efHZoPv3mKXxYhoH
MWWSBiybKyi+pQgNErei4zxfMx1qZ7tL4EECAwEAAaOCAe4wggHqMB0GA1UdDgQW
BBQtbxljZS1Jh66NnnfZXQJCth4AEDAfBgNVHSMEGDAWgBTssnOwl5l8ArT1Llwb
tP7+Znl4UDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFsGA1UdHwRUMFIwUKBO
oEyGSnJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yMi83
TEp6c0plWmZBSzA5UzVjRzdULV9tWjVlRkEuY3JsMGMGCCsGAQUFBwEBBFcwVTBT
BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw
MDAwLzdMSnpzSmVaZkFLMDlTNWNHN1QtX21aNWVGQS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGbBggrBgEFBQcBCwSBjjCBizBWBggrBgEFBQcwC4ZKcnN5bmM6Ly9ycGtp
LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIyL0xXOFpZMlV0U1lldWpaNTMy
VjBDUXJZZUFCQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5j
bi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwB1
OzANBgkqhkiG9w0BAQsFAAOCAQEANVCGXpgefHuLDj/7Iew0otY6cFJy7mVwl3ss
fVS0+DdI3i/Mu8VXap7dYY8jEOEWMnJMR45vRBT7KyqGQmewG6M4SeDT56NSCRCD
U59YCCYb48laBzu3PiXLu04XX6F0cI+QX9Vz33AeMIvFxZvmxmttE3RSBNF7bzXO
06E/ZpgvABEbGbqVS8kL2XVIluMTxUkdFh+B4mT5ezockUYWaOyGgpevxDvOtzE7
5cwUKDW7a1iSucZiW7cS9h14anTd7D4ymIMqAzy1mqebutqZPhtM77SmO/MWnql8
suKYDHdey9w2PDHHftO7ZRcq/6zUCWPd1X7hM4mDMPXp1E2SYQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:35:09 2025 by rpki-client