Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2309/sNqux4mN7rIskkyyueIIJWD8CCo.roa
File: sNqux4mN7rIskkyyueIIJWD8CCo.roa (raw, json)
Hash identifier: X34hX4uRqiuSQ58UT5nRUZsFh25H9gSvUfa0fvcp1ZA=
Subject key identifier: B0:DA:AE:C7:89:8D:EE:B2:2C:92:4C:B2:B9:E2:08:25:60:FC:08:2A
Certificate issuer: /CN=060C00BF17A55FDB85CAF4578BE833056E028B43
Certificate serial: 1216
Authority key identifier: 06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/sNqux4mN7rIskkyyueIIJWD8CCo.roa
Signing time: Thu 21 Nov 2024 14:00:17 +0000
ROA not before: Thu 21 Nov 2024 14:00:17 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 57844
IP address blocks: 218.98.86.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4630 (0x1216)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=060C00BF17A55FDB85CAF4578BE833056E028B43
Validity
Not Before: Nov 21 14:00:17 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=B0DAAEC7898DEEB22C924CB2B9E2082560FC082A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c4:38:06:58:68:f2:25:ac:8f:b9:a6:0e:a1:
2f:cc:71:11:0e:47:2d:a0:16:2f:40:40:bd:1b:1e:
25:a2:de:33:cd:95:5c:83:2d:64:ee:a9:ed:e2:c9:
6d:99:cf:9e:44:07:5e:87:61:4a:a8:f6:27:45:4d:
1a:03:04:a7:18:64:85:98:f0:f6:1f:80:17:0c:c4:
4a:47:b3:7a:b7:51:9e:f6:28:63:fb:fc:e1:c1:1d:
d1:bd:1b:78:ba:fe:53:ca:46:df:bb:b8:db:4d:15:
ea:91:e2:44:7e:f0:d1:5a:5d:01:88:46:74:76:25:
22:39:ea:14:b9:36:b5:1b:05:be:b2:c5:51:ec:b5:
f8:fc:0e:12:fb:c4:07:e3:f9:e8:1b:92:bb:0a:39:
db:3b:f4:28:09:44:76:3c:71:04:53:f5:38:86:81:
21:af:05:92:da:0c:a7:6c:eb:88:a6:dd:ae:ff:5d:
ff:c6:b9:73:c4:86:7e:75:c2:ee:ae:2b:74:29:38:
0d:4a:33:cf:6a:04:ab:5d:14:c4:94:7c:76:a7:20:
bf:60:01:32:4a:ea:58:8c:8e:ba:d5:ec:6f:07:88:
c9:7b:0c:64:57:cc:68:c4:9f:4c:77:ad:75:5d:71:
e6:d7:bd:02:90:c3:95:a3:3f:8e:ef:0e:2f:4b:ac:
0a:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:DA:AE:C7:89:8D:EE:B2:2C:92:4C:B2:B9:E2:08:25:60:FC:08:2A
X509v3 Authority Key Identifier:
keyid:06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/BgwAvxelX9uFyvRXi-gzBW4Ci0M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/sNqux4mN7rIskkyyueIIJWD8CCo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.98.86.0/24
Signature Algorithm: sha256WithRSAEncryption
27:0b:dd:8e:72:a8:14:ab:65:c7:c3:b6:c0:db:1f:03:0b:4b:
a3:9f:b3:97:c4:0a:ee:b3:9a:6e:8e:c8:0e:6d:5e:0b:70:dd:
68:43:72:7d:94:64:04:b4:05:97:f5:05:19:68:ad:13:ed:eb:
0a:ac:a3:92:56:02:04:1d:46:30:54:73:a6:30:38:d2:c6:e8:
5d:cf:22:06:42:e3:cf:b1:60:f2:29:85:50:5b:25:95:6b:f6:
99:08:a2:28:09:f4:15:8f:89:29:48:bc:a3:6c:bb:dd:f8:c0:
ca:81:da:4c:fa:22:62:e3:c5:e3:29:38:8c:85:22:ce:ea:ff:
cf:39:2f:c0:1f:33:cc:b9:b4:f3:32:82:d4:a6:ae:2c:81:eb:
7c:9a:9e:61:24:85:9a:a2:d1:f6:68:94:ba:b6:32:98:51:45:
02:56:58:7d:4e:2f:fe:e7:cd:0c:4f:85:60:9d:6a:96:96:fa:
2f:35:94:61:17:04:a8:a1:e0:76:eb:d3:3b:1c:8c:ad:50:4e:
b2:e0:05:b2:ba:8a:45:da:40:c1:ea:cc:0f:7f:06:6e:18:70:
b9:19:63:da:c1:cd:e0:90:55:48:a2:04:04:5c:29:fb:b1:1b:
c8:30:60:32:1b:dd:81:54:e1:cb:62:89:74:cd:05:9d:88:a3:
48:cb:27:87
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICEhYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDYw
QzAwQkYxN0E1NUZEQjg1Q0FGNDU3OEJFODMzMDU2RTAyOEI0MzAeFw0yNDExMjEx
NDAwMTdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEIwREFBRUM3ODk4REVF
QjIyQzkyNENCMkI5RTIwODI1NjBGQzA4MkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyxDgGWGjyJayPuaYOoS/McREORy2gFi9AQL0bHiWi3jPNlVyD
LWTuqe3iyW2Zz55EB16HYUqo9idFTRoDBKcYZIWY8PYfgBcMxEpHs3q3UZ72KGP7
/OHBHdG9G3i6/lPKRt+7uNtNFeqR4kR+8NFaXQGIRnR2JSI56hS5NrUbBb6yxVHs
tfj8DhL7xAfj+egbkrsKOds79CgJRHY8cQRT9TiGgSGvBZLaDKds64im3a7/Xf/G
uXPEhn51wu6uK3QpOA1KM89qBKtdFMSUfHanIL9gATJK6liMjrrV7G8HiMl7DGRX
zGjEn0x3rXVdcebXvQKQw5WjP47vDi9LrAqzAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUsNqux4mN7rIskkyyueIIJWD8CCowHwYDVR0jBBgwFoAUBgwAvxelX9uFyvRX
i+gzBW4Ci0MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMw
OS9CZ3dBdnhlbFg5dUZ5dlJYaS1nekJXNENpME0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0Jnd0F2eGVsWDl1Rnl2UlhpLWd6Qlc0Q2kwTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMDkvc05xdXg0bU43cklz
a2t5eXVlSUlKV0Q4Q0NvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEANpiVjANBgkqhkiG9w0BAQsFAAOCAQEAJwvdjnKoFKtlx8O2wNsfAwtLo5+z
l8QK7rOabo7IDm1eC3DdaENyfZRkBLQFl/UFGWitE+3rCqyjklYCBB1GMFRzpjA4
0sboXc8iBkLjz7Fg8imFUFsllWv2mQiiKAn0FY+JKUi8o2y73fjAyoHaTPoiYuPF
4yk4jIUizur/zzkvwB8zzLm08zKC1KauLIHrfJqeYSSFmqLR9miUurYymFFFAlZY
fU4v/ufNDE+FYJ1qlpb6LzWUYRcEqKHgduvTOxyMrVBOsuAFsrqKRdpAwerMD38G
bhhwuRlj2sHN4JBVSKIEBFwp+7EbyDBgMhvdgVThy2KJdM0FnYijSMsnhw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:47:17 2025 by rpki-client