Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/247/X4pYNSPJeXNKBqvcrBnAcLKoIaw.roa
File: X4pYNSPJeXNKBqvcrBnAcLKoIaw.roa (raw, json)
Hash identifier: O0PQ+gk9UDE/Gvwvy0bV4DHIQ7RX9GTWMViTdZfSQCY=
Subject key identifier: 5F:8A:58:35:23:C9:79:73:4A:06:AB:DC:AC:19:C0:70:B2:A8:21:AC
Certificate issuer: /CN=23320A4BAF0AF9313530EC99D3686433703E071F
Certificate serial: 18E4
Authority key identifier: 23:32:0A:4B:AF:0A:F9:31:35:30:EC:99:D3:68:64:33:70:3E:07:1F
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IzIKS68K-TE1MOyZ02hkM3A-Bx8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/247/X4pYNSPJeXNKBqvcrBnAcLKoIaw.roa
Signing time: Wed 13 Mar 2024 01:21:49 +0000
ROA not before: Wed 13 Mar 2024 01:21:49 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 54994
IP address blocks: 203.130.50.0/24 maxlen: 24
203.130.52.0/24 maxlen: 24
203.130.63.0/24 maxlen: 24
220.243.248.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6372 (0x18e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23320A4BAF0AF9313530EC99D3686433703E071F
Validity
Not Before: Mar 13 01:21:49 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5F8A583523C979734A06ABDCAC19C070B2A821AC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:78:35:89:0c:12:77:f3:16:81:42:d4:25:07:
40:f8:23:23:fb:b5:54:d5:6b:3c:c0:9b:4b:71:71:
d2:0f:7a:45:92:f5:23:d0:cd:82:e6:7c:14:b9:eb:
e4:ec:35:b9:c4:7b:29:f8:c8:9b:4d:91:d8:7e:28:
a3:b4:e1:4e:58:39:86:24:15:3c:df:f0:9a:a3:ac:
76:01:ad:9c:32:32:3a:5c:57:0e:9d:9a:82:01:16:
0f:30:b1:dc:47:dc:42:92:d7:72:e5:58:13:8f:78:
1b:3e:db:e1:30:49:a8:45:5d:3a:cf:fe:d2:1e:c5:
10:5e:b1:17:cc:4d:22:b7:e7:fe:a9:4c:c5:0f:ef:
a8:54:e7:db:9d:4b:da:be:85:75:9b:9e:f0:57:0d:
98:5c:a2:39:8f:37:73:cb:86:1b:70:11:b7:e3:f1:
3a:94:f2:f0:eb:4a:cd:56:a2:59:15:fe:a9:52:f8:
38:9b:26:3a:12:c1:c6:82:c2:c6:a8:68:9f:83:aa:
d6:73:9a:d0:86:21:0a:02:a8:00:03:e8:5c:7f:b6:
38:23:26:ac:5d:c2:f8:07:3d:91:c8:eb:ee:28:4c:
b8:78:c3:75:74:b3:3f:32:17:03:a8:01:a4:1d:59:
02:aa:ac:42:63:bb:8e:b2:76:ee:d7:7f:0d:4b:74:
f3:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:8A:58:35:23:C9:79:73:4A:06:AB:DC:AC:19:C0:70:B2:A8:21:AC
X509v3 Authority Key Identifier:
keyid:23:32:0A:4B:AF:0A:F9:31:35:30:EC:99:D3:68:64:33:70:3E:07:1F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/247/IzIKS68K-TE1MOyZ02hkM3A-Bx8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IzIKS68K-TE1MOyZ02hkM3A-Bx8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/247/X4pYNSPJeXNKBqvcrBnAcLKoIaw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.130.50.0/24
203.130.52.0/24
203.130.63.0/24
220.243.248.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:ab:89:de:a4:38:ae:03:06:52:dc:c6:10:a6:85:03:55:7d:
79:4a:5d:16:63:5d:73:37:77:06:87:4d:47:e1:8c:20:ec:a3:
68:48:3a:78:24:50:a2:ff:78:73:e2:0d:66:fc:d3:d2:42:d8:
82:a6:e3:4c:3e:27:d4:56:59:46:b9:f5:dc:94:31:81:b4:80:
ba:7e:04:db:68:54:0a:6d:82:61:f5:a4:48:de:65:c3:1d:2f:
6c:97:e9:fc:6d:14:76:4b:57:22:5d:00:78:b3:ba:15:5f:e7:
b9:dd:c7:ce:d3:54:78:7c:3e:71:af:b7:35:4d:e0:52:e3:0b:
ae:5b:90:fa:2d:41:71:e4:e1:f9:87:74:cf:37:00:26:fc:6a:
4e:a2:1a:35:d9:ba:14:63:dc:1e:68:d6:26:3e:ec:a3:1d:9c:
64:b3:d6:a9:14:a9:83:11:2d:ce:21:98:f6:7b:7b:39:b7:bb:
81:7f:16:90:86:a4:cd:0e:a3:25:f0:c6:94:bd:40:3d:c5:9f:
4d:40:02:f7:d4:8e:09:60:57:fa:a3:f1:53:bf:ba:7c:59:2a:
2e:4a:18:b2:10:17:d4:70:ab:b6:2b:ad:30:14:3f:31:67:8b:
64:2c:b1:1d:f0:0d:fb:8d:a0:7d:29:8a:5f:ef:0d:ed:a0:ec:
da:af:3d:7f
-----BEGIN CERTIFICATE-----
MIIE5zCCA8+gAwIBAgICGOQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjMz
MjBBNEJBRjBBRjkzMTM1MzBFQzk5RDM2ODY0MzM3MDNFMDcxRjAeFw0yNDAzMTMw
MTIxNDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVGOEE1ODM1MjNDOTc5
NzM0QTA2QUJEQ0FDMTlDMDcwQjJBODIxQUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCReDWJDBJ38xaBQtQlB0D4IyP7tVTVazzAm0txcdIPekWS9SPQ
zYLmfBS56+TsNbnEeyn4yJtNkdh+KKO04U5YOYYkFTzf8JqjrHYBrZwyMjpcVw6d
moIBFg8wsdxH3EKS13LlWBOPeBs+2+EwSahFXTrP/tIexRBesRfMTSK35/6pTMUP
76hU59udS9q+hXWbnvBXDZhcojmPN3PLhhtwEbfj8TqU8vDrSs1WolkV/qlS+Dib
JjoSwcaCwsaoaJ+DqtZzmtCGIQoCqAAD6Fx/tjgjJqxdwvgHPZHI6+4oTLh4w3V0
sz8yFwOoAaQdWQKqrEJju46ydu7Xfw1LdPN3AgMBAAGjggIDMIIB/zAdBgNVHQ4E
FgQUX4pYNSPJeXNKBqvcrBnAcLKoIawwHwYDVR0jBBgwFoAUIzIKS68K+TE1MOyZ
02hkM3A+Bx8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjQ3
L0l6SUtTNjhLLVRFMU1PeVowMmhrTTNBLUJ4OC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvSXpJS1M2OEstVEUxTU95WjAyaGtNM0EtQng4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjQ3L1g0cFlOU1BKZVhOS0Jx
dmNyQm5BY0xLb0lhdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgD
BADLgjIDBADLgjQDBADLgj8DBADc8/gwDQYJKoZIhvcNAQELBQADggEBAKmrid6k
OK4DBlLcxhCmhQNVfXlKXRZjXXM3dwaHTUfhjCDso2hIOngkUKL/eHPiDWb809JC
2IKm40w+J9RWWUa59dyUMYG0gLp+BNtoVAptgmH1pEjeZcMdL2yX6fxtFHZLVyJd
AHizuhVf57ndx87TVHh8PnGvtzVN4FLjC65bkPotQXHk4fmHdM83ACb8ak6iGjXZ
uhRj3B5o1iY+7KMdnGSz1qkUqYMRLc4hmPZ7ezm3u4F/FpCGpM0OoyXwxpS9QD3F
n01AAvfUjglgV/qj8VO/unxZKi5KGLIQF9Rwq7YrrTAUPzFni2QssR3wDfuNoH0p
il/vDe2g7NqvPX8=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:34:25 2025 by rpki-client