Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/242/QAGM4ZiXQlMJQMKI-9UK_DpwdXA.roa
File: QAGM4ZiXQlMJQMKI-9UK_DpwdXA.roa (raw, json)
Hash identifier: J8bOtxSruVmHMIAu/+bpU+rcZetUcK/yPOK2vYbn0Nw=
Subject key identifier: 40:01:8C:E1:98:97:42:53:09:40:C2:88:FB:D5:0A:FC:3A:70:75:70
Certificate issuer: /CN=0A6F972D24078F89088ED110A26DCDF90A9EBCEA
Certificate serial: 1298
Authority key identifier: 0A:6F:97:2D:24:07:8F:89:08:8E:D1:10:A2:6D:CD:F9:0A:9E:BC:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Cm-XLSQHj4kIjtEQom3N-QqevOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/242/QAGM4ZiXQlMJQMKI-9UK_DpwdXA.roa
Signing time: Fri 17 Jan 2025 01:29:09 +0000
ROA not before: Fri 17 Jan 2025 01:29:09 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 45102
IP address blocks: 59.82.136.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4760 (0x1298)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0A6F972D24078F89088ED110A26DCDF90A9EBCEA
Validity
Not Before: Jan 17 01:29:09 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=40018CE1989742530940C288FBD50AFC3A707570
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:00:48:0b:1a:bb:a3:cf:76:3f:a0:60:8a:57:
d1:1d:cc:a8:5a:3f:29:d0:bd:9c:4d:a9:ba:c8:a2:
29:c2:10:4f:1b:ba:e6:d0:0e:9d:84:d7:18:ad:11:
5c:b0:49:e5:c1:23:a0:0e:be:63:45:45:0b:07:2e:
9c:3a:df:49:9c:c7:bb:2f:c4:7b:c4:9a:14:33:92:
14:2c:df:ca:64:85:f8:fa:98:66:a1:47:bd:00:6f:
ee:02:57:62:30:ae:a5:6b:d6:42:ed:30:2c:97:03:
54:12:9d:f9:c5:61:dd:a4:ba:3a:00:d3:03:57:ef:
bd:8a:53:dc:39:13:9b:c0:50:53:df:1f:c9:8b:d1:
16:7c:0f:35:7d:7e:19:5b:b7:cb:b9:96:5b:24:df:
3b:2e:e3:81:33:21:64:a9:97:50:21:a3:7e:07:b1:
4b:cd:eb:79:30:9c:5b:ad:ef:59:29:70:e9:07:5b:
68:d7:86:a6:c5:7f:95:ee:b4:35:d1:be:ec:98:38:
97:9b:e4:f7:2f:57:81:34:bd:bd:6b:7a:8d:9a:42:
e5:ba:92:13:75:b0:a8:e1:9e:9f:94:1f:ea:da:b3:
c1:fb:3e:96:71:79:9e:c2:6c:f8:25:06:24:f7:10:
2d:23:b3:94:b9:19:87:5c:2b:22:b5:fe:69:ce:52:
f6:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:01:8C:E1:98:97:42:53:09:40:C2:88:FB:D5:0A:FC:3A:70:75:70
X509v3 Authority Key Identifier:
keyid:0A:6F:97:2D:24:07:8F:89:08:8E:D1:10:A2:6D:CD:F9:0A:9E:BC:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/242/Cm-XLSQHj4kIjtEQom3N-QqevOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Cm-XLSQHj4kIjtEQom3N-QqevOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/242/QAGM4ZiXQlMJQMKI-9UK_DpwdXA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
59.82.136.0/21
Signature Algorithm: sha256WithRSAEncryption
5c:de:8c:35:d1:27:5c:c4:3d:0d:03:ed:fe:50:ea:49:d9:bf:
68:6a:9d:b0:53:2f:9d:ca:f2:2f:28:e3:b3:ef:a8:38:2d:eb:
87:a3:23:01:c3:82:13:49:88:16:fd:9b:74:02:e4:66:5a:62:
00:06:aa:d5:37:bf:9c:d0:af:e7:e3:c5:2d:4e:33:9a:2d:62:
3a:cf:e6:a0:c2:d8:bd:0a:d2:f3:8b:42:a9:da:cd:06:e7:4e:
1a:5c:36:9c:78:b7:28:f9:54:50:a8:19:54:22:d6:7c:43:ca:
6f:e4:0d:33:08:6d:c0:47:3f:6e:96:cb:7e:af:c0:a7:b8:4b:
79:c0:9e:73:81:24:6e:e3:0e:88:4d:0c:6d:f4:31:96:c7:96:
f3:e3:c6:02:c8:3e:9f:42:88:dd:03:50:5b:4f:db:14:c2:d8:
b3:a1:af:0a:91:04:12:05:9c:78:40:84:ff:5e:5f:fe:5a:b1:
3e:1a:00:d1:56:ab:ad:5a:ef:c5:df:6e:6c:35:64:17:1e:a7:
6c:96:87:1a:fb:0f:dc:a1:ae:36:ab:38:53:da:9f:c8:6f:d7:
d6:2e:7c:7a:d4:f8:86:ce:f9:3a:1b:90:13:da:47:4c:14:3d:
9c:c4:00:2f:77:fb:3c:f4:b9:b3:ad:95:90:81:82:98:3f:93:
37:c5:84:e9
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICEpgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEE2
Rjk3MkQyNDA3OEY4OTA4OEVEMTEwQTI2RENERjkwQTlFQkNFQTAeFw0yNTAxMTcw
MTI5MDlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDQwMDE4Q0UxOTg5NzQy
NTMwOTQwQzI4OEZCRDUwQUZDM0E3MDc1NzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7AEgLGrujz3Y/oGCKV9EdzKhaPynQvZxNqbrIoinCEE8buubQ
Dp2E1xitEVywSeXBI6AOvmNFRQsHLpw630mcx7svxHvEmhQzkhQs38pkhfj6mGah
R70Ab+4CV2IwrqVr1kLtMCyXA1QSnfnFYd2kujoA0wNX772KU9w5E5vAUFPfH8mL
0RZ8DzV9fhlbt8u5llsk3zsu44EzIWSpl1Aho34HsUvN63kwnFut71kpcOkHW2jX
hqbFf5XutDXRvuyYOJeb5PcvV4E0vb1reo2aQuW6khN1sKjhnp+UH+ras8H7PpZx
eZ7CbPglBiT3EC0js5S5GYdcKyK1/mnOUvYzAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUQAGM4ZiXQlMJQMKI+9UK/DpwdXAwHwYDVR0jBBgwFoAUCm+XLSQHj4kIjtEQ
om3N+QqevOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjQy
L0NtLVhMU1FIajRrSWp0RVFvbTNOLVFxZXZPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvQ20tWExTUUhqNGtJanRFUW9tM04tUXFldk9vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjQyL1FBR000WmlYUWxNSlFN
S0ktOVVLX0Rwd2RYQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAM7UogwDQYJKoZIhvcNAQELBQADggEBAFzejDXRJ1zEPQ0D7f5Q6knZv2hqnbBT
L53K8i8o47PvqDgt64ejIwHDghNJiBb9m3QC5GZaYgAGqtU3v5zQr+fjxS1OM5ot
YjrP5qDC2L0K0vOLQqnazQbnThpcNpx4tyj5VFCoGVQi1nxDym/kDTMIbcBHP26W
y36vwKe4S3nAnnOBJG7jDohNDG30MZbHlvPjxgLIPp9CiN0DUFtP2xTC2LOhrwqR
BBIFnHhAhP9eX/5asT4aANFWq61a78Xfbmw1ZBcep2yWhxr7D9yhrjarOFPan8hv
19YufHrU+IbO+TobkBPaR0wUPZzEAC93+zz0ubOtlZCBgpg/kzfFhOk=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:15:22 2025 by rpki-client