Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2291/hbtBkv7Ldz4-Uzd8orATr6lvH5c.roa
File: hbtBkv7Ldz4-Uzd8orATr6lvH5c.roa (raw, json)
Hash identifier: Xu3JhRoRGaYJa17fR0G8cWnAkny2NsbMcw9/I5GDiWA=
Subject key identifier: 85:BB:41:92:FE:CB:77:3E:3E:53:37:7C:A2:B0:13:AF:A9:6F:1F:97
Certificate issuer: /CN=E82287BB56FAC8E6753ABDE36B3B6A939CB59A53
Certificate serial: 1779
Authority key identifier: E8:22:87:BB:56:FA:C8:E6:75:3A:BD:E3:6B:3B:6A:93:9C:B5:9A:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6CKHu1b6yOZ1Or3jaztqk5y1mlM.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2291/hbtBkv7Ldz4-Uzd8orATr6lvH5c.roa
Signing time: Wed 13 Mar 2024 01:23:20 +0000
ROA not before: Wed 13 Mar 2024 01:23:20 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 133111
IP address blocks: 42.201.32.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6009 (0x1779)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E82287BB56FAC8E6753ABDE36B3B6A939CB59A53
Validity
Not Before: Mar 13 01:23:20 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=85BB4192FECB773E3E53377CA2B013AFA96F1F97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:08:3b:97:0f:73:ea:41:26:4c:7a:f1:14:dc:
b4:09:ae:5b:99:68:43:62:62:db:31:79:81:57:80:
69:3a:7e:0a:68:cf:38:bd:17:68:4d:d4:77:36:2b:
91:49:15:0e:46:33:42:de:62:83:35:c2:d0:03:10:
ef:89:cc:02:2f:69:ca:d6:89:75:6e:7d:4c:2c:7b:
95:e0:19:69:81:12:3c:e0:e3:21:0b:eb:cf:ec:8c:
7e:3a:31:6e:22:12:82:9e:c8:44:27:13:41:69:0d:
24:7b:19:4b:44:85:dc:4e:97:f0:fd:71:67:99:52:
b2:cf:f6:e5:12:13:5f:20:86:3a:09:ef:5d:37:a1:
07:41:45:7d:4a:7f:6a:88:5f:96:c0:c1:fc:87:9f:
a3:94:e6:c9:aa:3a:33:89:a1:22:26:88:8c:c8:89:
53:73:8c:e8:78:d9:d1:ce:c7:85:16:06:48:a1:6d:
b0:98:83:1b:c0:4a:89:2f:5a:c6:38:f0:61:bc:f4:
06:c2:13:0b:8d:15:b1:50:90:5a:4c:39:ec:e9:3b:
09:22:c3:73:ae:fc:03:7b:47:1c:3d:0c:44:b4:98:
9f:1e:5f:75:77:ab:c7:4b:ac:e5:ee:cf:03:ee:47:
c7:cb:3d:28:0d:67:62:55:18:52:86:74:67:dc:a3:
6e:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:BB:41:92:FE:CB:77:3E:3E:53:37:7C:A2:B0:13:AF:A9:6F:1F:97
X509v3 Authority Key Identifier:
keyid:E8:22:87:BB:56:FA:C8:E6:75:3A:BD:E3:6B:3B:6A:93:9C:B5:9A:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2291/6CKHu1b6yOZ1Or3jaztqk5y1mlM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6CKHu1b6yOZ1Or3jaztqk5y1mlM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2291/hbtBkv7Ldz4-Uzd8orATr6lvH5c.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
42.201.32.0/19
Signature Algorithm: sha256WithRSAEncryption
b9:38:c8:f7:04:f5:ad:35:df:40:b4:4e:03:36:ec:2c:a4:17:
11:34:5c:0e:1e:af:b7:c2:b8:54:d8:c1:d8:32:c3:23:8f:f2:
2f:46:cd:47:45:9f:92:f1:bd:da:11:2f:7e:24:78:58:7e:01:
8d:61:a5:ff:fd:b6:1f:9e:74:9e:fa:ed:f2:ff:9d:20:96:4b:
63:d8:c0:e4:52:fc:d2:39:85:92:48:86:b2:9f:c3:ad:93:25:
25:56:4f:42:cb:ae:c8:b4:05:0b:01:ef:ed:f8:58:69:15:4b:
df:ff:d6:48:7e:5d:91:45:6a:12:21:5e:33:05:04:0a:41:e8:
23:ea:49:ff:de:27:98:5b:54:dd:03:cf:7d:85:3f:91:81:92:
0c:ee:1f:62:a3:f5:f3:5c:e1:8b:20:fa:e0:3c:52:f4:ed:3a:
9f:b6:8f:01:0e:3c:d0:c2:00:11:c9:68:18:c4:06:4d:28:7a:
5a:1c:3a:3f:9f:73:92:d8:f1:0c:77:91:be:d5:bd:98:5a:49:
86:27:ad:1a:e7:c9:a7:ce:b1:2d:05:07:25:2e:14:1d:ce:46:
55:a8:03:dc:ff:af:7b:9f:93:f8:97:53:48:6a:32:16:fa:80:
a4:2a:48:f9:0e:43:39:74:e5:2b:02:65:cd:54:b2:8f:43:6a:
1a:dd:96:c4
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICF3kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTgy
Mjg3QkI1NkZBQzhFNjc1M0FCREUzNkIzQjZBOTM5Q0I1OUE1MzAeFw0yNDAzMTMw
MTIzMjBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg1QkI0MTkyRkVDQjc3
M0UzRTUzMzc3Q0EyQjAxM0FGQTk2RjFGOTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD5CDuXD3PqQSZMevEU3LQJrluZaENiYtsxeYFXgGk6fgpozzi9
F2hN1Hc2K5FJFQ5GM0LeYoM1wtADEO+JzAIvacrWiXVufUwse5XgGWmBEjzg4yEL
68/sjH46MW4iEoKeyEQnE0FpDSR7GUtEhdxOl/D9cWeZUrLP9uUSE18ghjoJ7103
oQdBRX1Kf2qIX5bAwfyHn6OU5smqOjOJoSImiIzIiVNzjOh42dHOx4UWBkihbbCY
gxvASokvWsY48GG89AbCEwuNFbFQkFpMOezpOwkiw3Ou/AN7Rxw9DES0mJ8eX3V3
q8dLrOXuzwPuR8fLPSgNZ2JVGFKGdGfco26NAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUhbtBkv7Ldz4+Uzd8orATr6lvH5cwHwYDVR0jBBgwFoAU6CKHu1b6yOZ1Or3j
aztqk5y1mlMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjI5
MS82Q0tIdTFiNnlPWjFPcjNqYXp0cWs1eTFtbE0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzZDS0h1MWI2eU9aMU9yM2phenRxazV5MW1sTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIyOTEvaGJ0Qmt2N0xkejQt
VXpkOG9yQVRyNmx2SDVjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBSrJIDANBgkqhkiG9w0BAQsFAAOCAQEAuTjI9wT1rTXfQLROAzbsLKQXETRc
Dh6vt8K4VNjB2DLDI4/yL0bNR0WfkvG92hEvfiR4WH4BjWGl//22H550nvrt8v+d
IJZLY9jA5FL80jmFkkiGsp/DrZMlJVZPQsuuyLQFCwHv7fhYaRVL3//WSH5dkUVq
EiFeMwUECkHoI+pJ/94nmFtU3QPPfYU/kYGSDO4fYqP181zhiyD64DxS9O06n7aP
AQ480MIAEcloGMQGTSh6Whw6P59zktjxDHeRvtW9mFpJhietGufJp86xLQUHJS4U
Hc5GVagD3P+ve5+T+JdTSGoyFvqApCpI+Q5DOXTlKwJlzVSyj0NqGt2WxA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:13:09 2025 by rpki-client