Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2329/7hLQo2jX9sCx4Fq0JltJVYxjOow.roa
File: 7hLQo2jX9sCx4Fq0JltJVYxjOow.roa (raw, json)
Hash identifier: nMwzMYWulxDRuoPlh6XOhLF1yaoXwBU9a7MPEggAXU0=
Subject key identifier: EE:12:D0:A3:68:D7:F6:C0:B1:E0:5A:B4:26:5B:49:55:8C:63:3A:8C
Certificate issuer: /CN=EC10C93455759C659D2BB819FB07FF7063CECC32
Certificate serial: 15EA
Authority key identifier: EC:10:C9:34:55:75:9C:65:9D:2B:B8:19:FB:07:FF:70:63:CE:CC:32
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7hLQo2jX9sCx4Fq0JltJVYxjOow.roa
Signing time: Wed 13 Mar 2024 01:22:27 +0000
ROA not before: Wed 13 Mar 2024 01:22:27 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 4837
IP address blocks: 118.184.128.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5610 (0x15ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EC10C93455759C659D2BB819FB07FF7063CECC32
Validity
Not Before: Mar 13 01:22:27 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=EE12D0A368D7F6C0B1E05AB4265B49558C633A8C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:19:c3:49:8c:8e:40:4d:0f:c0:36:76:87:ee:
60:a2:e2:cd:7e:6e:2b:09:d8:f8:03:56:5e:b6:dc:
1d:1f:30:3e:0f:3b:01:22:ff:0f:b8:52:99:5b:d9:
c2:30:30:fd:fa:ba:57:67:b7:33:1d:d5:e1:5f:2b:
9f:88:02:f0:15:b8:61:01:cd:31:37:48:e3:8c:31:
d6:21:03:77:16:c2:d2:73:8a:d6:6c:44:7f:6a:8b:
10:ed:7b:5d:8d:91:82:b6:91:b9:ac:99:31:10:d5:
2e:5f:c3:17:2a:fc:bd:f9:f7:f8:c2:22:e5:d8:57:
6f:8c:56:35:6d:38:11:ba:75:af:f7:93:d4:64:e4:
0f:79:57:7a:3a:be:80:02:55:9d:65:32:c1:5b:65:
a5:e0:48:19:70:55:4e:19:d3:ff:90:d4:0d:f7:be:
f2:ba:e6:7b:34:06:dc:7f:f0:49:c3:06:1d:5e:c8:
17:72:88:5a:15:50:6d:e2:77:69:61:83:bd:66:f2:
7e:0e:2d:fb:bb:83:76:35:d6:f2:96:51:25:6d:94:
c1:a2:76:08:3c:77:cb:5a:3d:f8:67:65:5d:b7:de:
d1:56:48:41:17:ed:e1:62:86:e8:02:9c:8e:3c:c4:
23:48:2d:d9:8d:b7:c7:c5:88:dd:da:89:6e:24:0e:
e7:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:12:D0:A3:68:D7:F6:C0:B1:E0:5A:B4:26:5B:49:55:8C:63:3A:8C
X509v3 Authority Key Identifier:
keyid:EC:10:C9:34:55:75:9C:65:9D:2B:B8:19:FB:07:FF:70:63:CE:CC:32
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7hLQo2jX9sCx4Fq0JltJVYxjOow.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
118.184.128.0/17
Signature Algorithm: sha256WithRSAEncryption
a0:aa:58:4f:be:90:b4:60:d0:f9:db:53:56:22:78:56:75:dd:
9d:3b:40:1f:8f:c9:07:da:05:88:e5:cf:cb:60:b9:3a:73:3e:
fe:ff:02:b8:49:24:7a:92:c5:7f:c9:dc:f5:b0:32:ff:62:e2:
e5:7f:60:8d:2b:43:d3:43:20:87:64:02:88:56:a9:72:55:95:
a8:00:da:bd:6f:d0:d4:ca:2e:32:62:8c:86:f6:de:0d:59:9f:
3b:6c:08:12:b0:20:1a:22:ee:40:44:8e:e3:76:81:13:eb:c5:
0d:76:ce:19:81:86:4b:b3:c4:8f:ad:48:4b:ee:7e:9b:dd:fc:
43:32:be:7c:39:80:b2:b1:30:ed:fe:28:73:ab:c9:f9:e2:4e:
bb:ce:ec:1e:52:33:88:a9:dc:78:fe:54:25:cd:81:1c:d3:63:
f4:49:da:2d:47:f0:ba:32:9b:67:2a:26:0e:6f:39:6b:2e:9b:
9b:78:72:a9:ab:a0:b5:1b:1a:6f:75:34:54:18:62:89:ab:7d:
56:76:44:60:cc:18:79:ef:14:e5:68:6b:22:44:93:9a:2f:b2:
46:9b:f8:65:6c:e7:b1:3f:a9:58:17:1d:a8:5f:ef:3a:45:73:
9a:c2:70:f1:e8:17:8a:fb:34:32:3e:96:7c:a2:be:c3:87:7f:
92:a3:f8:f3
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICFeowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUMx
MEM5MzQ1NTc1OUM2NTlEMkJCODE5RkIwN0ZGNzA2M0NFQ0MzMjAeFw0yNDAzMTMw
MTIyMjdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEVFMTJEMEEzNjhEN0Y2
QzBCMUUwNUFCNDI2NUI0OTU1OEM2MzNBOEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8GcNJjI5ATQ/ANnaH7mCi4s1+bisJ2PgDVl623B0fMD4POwEi
/w+4Uplb2cIwMP36uldntzMd1eFfK5+IAvAVuGEBzTE3SOOMMdYhA3cWwtJzitZs
RH9qixDte12NkYK2kbmsmTEQ1S5fwxcq/L359/jCIuXYV2+MVjVtOBG6da/3k9Rk
5A95V3o6voACVZ1lMsFbZaXgSBlwVU4Z0/+Q1A33vvK65ns0Btx/8EnDBh1eyBdy
iFoVUG3id2lhg71m8n4OLfu7g3Y11vKWUSVtlMGidgg8d8taPfhnZV233tFWSEEX
7eFihugCnI48xCNILdmNt8fFiN3aiW4kDuehAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQU7hLQo2jX9sCx4Fq0JltJVYxjOowwHwYDVR0jBBgwFoAU7BDJNFV1nGWdK7gZ
+wf/cGPOzDIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMy
OS83QkRKTkZWMW5HV2RLN2daLXdmX2NHUE96REkuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzdCREpORlYxbkdXZEs3Z1otd2ZfY0dQT3pESS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMjkvN2hMUW8yalg5c0N4
NEZxMEpsdEpWWXhqT293LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEB3a4gDANBgkqhkiG9w0BAQsFAAOCAQEAoKpYT76QtGDQ+dtTViJ4VnXdnTtA
H4/JB9oFiOXPy2C5OnM+/v8CuEkkepLFf8nc9bAy/2Li5X9gjStD00Mgh2QCiFap
clWVqADavW/Q1MouMmKMhvbeDVmfO2wIErAgGiLuQESO43aBE+vFDXbOGYGGS7PE
j61IS+5+m938QzK+fDmAsrEw7f4oc6vJ+eJOu87sHlIziKnceP5UJc2BHNNj9Ena
LUfwujKbZyomDm85ay6bm3hyqaugtRsab3U0VBhiiat9VnZEYMwYee8U5WhrIkST
mi+yRpv4ZWznsT+pWBcdqF/vOkVzmsJw8egXivs0Mj6WfKK+w4d/kqP48w==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:39:05 2025 by rpki-client