Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/242/DD4NE2o3nWzM1DjDE8YHPbe6DCg.roa
File: DD4NE2o3nWzM1DjDE8YHPbe6DCg.roa (raw, json)
Hash identifier: 6J+PrhQaHylTx+oaD6shsiwJp4cgZ5zsIRZKavwyvOo=
Subject key identifier: 0C:3E:0D:13:6A:37:9D:6C:CC:D4:38:C3:13:C6:07:3D:B7:BA:0C:28
Certificate issuer: /CN=0A6F972D24078F89088ED110A26DCDF90A9EBCEA
Certificate serial: 0CCA
Authority key identifier: 0A:6F:97:2D:24:07:8F:89:08:8E:D1:10:A2:6D:CD:F9:0A:9E:BC:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Cm-XLSQHj4kIjtEQom3N-QqevOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/242/DD4NE2o3nWzM1DjDE8YHPbe6DCg.roa
Signing time: Fri 22 Mar 2024 03:04:00 +0000
ROA not before: Fri 22 Mar 2024 03:04:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 37963
IP address blocks: 59.82.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3274 (0xcca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0A6F972D24078F89088ED110A26DCDF90A9EBCEA
Validity
Not Before: Mar 22 03:04:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0C3E0D136A379D6CCCD438C313C6073DB7BA0C28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:26:12:d9:a3:31:5a:21:4e:a0:a1:1f:8c:85:
18:b7:fb:66:02:32:3c:ca:4d:c0:e0:0f:da:6b:1d:
35:f8:4f:a8:b6:d3:c8:39:5e:56:d7:f1:3a:c8:5c:
f6:9d:0b:1a:8f:79:5c:19:40:18:bd:10:fb:99:a0:
cb:e7:e1:36:78:7b:14:e2:d6:66:75:c5:15:ab:18:
e1:37:eb:91:6b:0d:39:3f:d5:c3:b2:e7:38:09:1a:
cd:bd:92:64:cb:c5:87:96:82:4f:38:8e:f7:02:e7:
7a:9d:b6:63:58:3a:fb:e6:ee:8e:8f:93:75:28:d4:
0d:20:8a:2f:20:ed:a0:ad:16:77:0d:b7:00:08:98:
c1:63:69:2b:d4:39:d2:a8:a9:a4:05:d1:6b:f7:76:
4e:28:3b:2c:f0:5d:61:10:e4:b4:03:7f:28:a7:f4:
78:cc:db:7f:b7:62:e3:85:47:af:0e:83:1b:13:e9:
73:3d:15:b7:cb:0d:fa:96:61:15:8f:bf:1b:e9:6f:
0b:97:29:0b:82:08:f6:aa:bb:ce:ef:2f:8b:79:5b:
ad:77:b9:71:ab:66:9e:77:43:16:cf:fe:64:9d:47:
9e:b9:b5:ed:2b:f9:5b:40:ce:29:7f:74:f0:2d:e8:
30:94:fc:55:27:ed:91:aa:43:2a:cd:ad:25:54:82:
f9:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:3E:0D:13:6A:37:9D:6C:CC:D4:38:C3:13:C6:07:3D:B7:BA:0C:28
X509v3 Authority Key Identifier:
keyid:0A:6F:97:2D:24:07:8F:89:08:8E:D1:10:A2:6D:CD:F9:0A:9E:BC:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/242/Cm-XLSQHj4kIjtEQom3N-QqevOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Cm-XLSQHj4kIjtEQom3N-QqevOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/242/DD4NE2o3nWzM1DjDE8YHPbe6DCg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
59.82.136.0/21
Signature Algorithm: sha256WithRSAEncryption
8a:3d:d0:63:56:bd:34:23:1a:21:1e:ee:94:14:48:7b:1d:03:
c1:53:cb:82:7c:fa:45:8b:a9:39:15:7a:2d:1b:30:ff:0e:34:
44:11:c9:7d:4a:c0:f8:70:05:12:c8:79:fc:7e:88:df:cf:9d:
6c:29:62:83:b7:17:fb:ff:2a:40:4d:8b:08:1b:2a:af:43:49:
95:30:95:fd:f6:68:4f:85:89:fb:63:bc:3b:35:ba:d7:f2:fb:
6b:cd:61:e5:5c:ed:ae:fc:52:4e:a5:ac:e6:fb:6a:0b:6d:d1:
1d:03:d3:1f:7f:8f:96:d4:cc:9f:a7:1d:29:07:0a:13:31:da:
ec:61:20:24:ce:a2:47:49:e1:92:23:dc:85:60:cb:f0:4b:65:
6c:d8:47:b0:6e:61:32:8d:0b:6c:a4:49:6b:fe:d2:b1:42:9e:
2d:f9:e6:72:19:08:7b:57:58:d8:21:15:00:a0:06:6b:83:46:
fd:eb:fa:59:5c:30:55:b7:e5:68:f1:ca:3e:63:71:63:62:5c:
ee:ee:97:1c:f1:33:dc:6e:d1:28:fb:93:da:14:a0:07:60:33:
ea:80:c6:0b:f2:1a:d3:b7:e3:1b:14:1d:c8:18:4b:99:f5:24:
0e:e7:58:15:92:d3:16:cc:43:81:05:ca:b2:8c:87:21:0b:22:
ee:b1:28:6b
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDMowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEE2
Rjk3MkQyNDA3OEY4OTA4OEVEMTEwQTI2RENERjkwQTlFQkNFQTAeFw0yNDAzMjIw
MzA0MDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBDM0UwRDEzNkEzNzlE
NkNDQ0Q0MzhDMzEzQzYwNzNEQjdCQTBDMjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHJhLZozFaIU6goR+MhRi3+2YCMjzKTcDgD9prHTX4T6i208g5
XlbX8TrIXPadCxqPeVwZQBi9EPuZoMvn4TZ4exTi1mZ1xRWrGOE365FrDTk/1cOy
5zgJGs29kmTLxYeWgk84jvcC53qdtmNYOvvm7o6Pk3Uo1A0gii8g7aCtFncNtwAI
mMFjaSvUOdKoqaQF0Wv3dk4oOyzwXWEQ5LQDfyin9HjM23+3YuOFR68OgxsT6XM9
FbfLDfqWYRWPvxvpbwuXKQuCCPaqu87vL4t5W613uXGrZp53QxbP/mSdR565te0r
+VtAzil/dPAt6DCU/FUn7ZGqQyrNrSVUgvlNAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUDD4NE2o3nWzM1DjDE8YHPbe6DCgwHwYDVR0jBBgwFoAUCm+XLSQHj4kIjtEQ
om3N+QqevOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjQy
L0NtLVhMU1FIajRrSWp0RVFvbTNOLVFxZXZPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvQ20tWExTUUhqNGtJanRFUW9tM04tUXFldk9vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjQyL0RENE5FMm8zbld6TTFE
akRFOFlIUGJlNkRDZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAM7UogwDQYJKoZIhvcNAQELBQADggEBAIo90GNWvTQjGiEe7pQUSHsdA8FTy4J8
+kWLqTkVei0bMP8ONEQRyX1KwPhwBRLIefx+iN/PnWwpYoO3F/v/KkBNiwgbKq9D
SZUwlf32aE+FiftjvDs1utfy+2vNYeVc7a78Uk6lrOb7agtt0R0D0x9/j5bUzJ+n
HSkHChMx2uxhICTOokdJ4ZIj3IVgy/BLZWzYR7BuYTKNC2ykSWv+0rFCni355nIZ
CHtXWNghFQCgBmuDRv3r+llcMFW35Wjxyj5jcWNiXO7ulxzxM9xu0Sj7k9oUoAdg
M+qAxgvyGtO34xsUHcgYS5n1JA7nWBWS0xbMQ4EFyrKMhyELIu6xKGs=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:24:37 2025 by rpki-client