Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2620/f_hTmu8kp_zGg2aqVknFJuMvbnE.roa
File: f_hTmu8kp_zGg2aqVknFJuMvbnE.roa (raw, json)
Hash identifier: 5bVZ4ZpRFYhc00rYxxPxP83AXo11XM/TioixA6h/bRU=
Subject key identifier: 7F:F8:53:9A:EF:24:A7:FC:C6:83:66:AA:56:49:C5:26:E3:2F:6E:71
Certificate issuer: /CN=CDEF7111DE98BD756D92B34D394DA2D39EFF9B8E
Certificate serial: 12B3
Authority key identifier: CD:EF:71:11:DE:98:BD:75:6D:92:B3:4D:39:4D:A2:D3:9E:FF:9B:8E
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ze9xEd6YvXVtkrNNOU2i057_m44.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/f_hTmu8kp_zGg2aqVknFJuMvbnE.roa
Signing time: Fri 17 Jan 2025 01:26:14 +0000
ROA not before: Fri 17 Jan 2025 01:26:14 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 58593
IP address blocks: 42.159.0.0/16 maxlen: 24
42.159.0.0/18 maxlen: 24
42.159.64.0/18 maxlen: 24
42.159.128.0/18 maxlen: 24
42.159.128.0/24 maxlen: 24
42.159.192.0/18 maxlen: 24
103.9.8.0/22 maxlen: 24
103.9.8.0/23 maxlen: 24
103.9.8.0/24 maxlen: 24
103.9.10.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4787 (0x12b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CDEF7111DE98BD756D92B34D394DA2D39EFF9B8E
Validity
Not Before: Jan 17 01:26:14 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=7FF8539AEF24A7FCC68366AA5649C526E32F6E71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b2:b4:6f:71:0d:20:78:c5:2b:f3:56:40:a4:
04:91:d5:af:91:73:7f:6d:af:2c:c8:96:c2:f2:8e:
4f:a3:02:b0:6b:44:21:47:de:e8:36:8b:46:3e:7b:
bb:41:54:32:fb:a2:41:9b:5b:fb:ca:2e:c4:40:f5:
e9:ee:88:dc:5d:35:53:ed:8c:3e:52:c0:82:d1:df:
fc:9d:a8:a4:7b:67:69:50:46:77:2e:f0:e7:2e:9b:
9a:a9:e1:f8:07:4d:00:fd:2d:71:4e:b4:90:83:2f:
61:e2:63:2d:2e:05:b9:64:ac:7b:56:04:14:ec:3c:
2f:28:21:d4:fe:04:cd:ca:2a:5d:ef:5b:c6:bd:5c:
ce:c2:20:31:fc:97:95:01:89:bb:90:5b:1b:f6:3d:
26:dd:ef:ca:87:de:1f:9c:f2:a9:84:b0:88:f1:fb:
af:84:1b:a3:87:9a:f2:26:db:0e:14:e7:71:02:c2:
0a:7c:76:24:7a:9e:2f:a2:0d:ca:c9:ee:8d:f3:22:
bd:1b:68:02:d1:e5:ec:ff:18:ef:54:99:6d:38:7a:
be:47:f1:22:99:6e:90:a0:f0:58:c7:26:9d:25:a8:
c5:79:81:5c:a6:52:e9:e6:03:49:7b:da:08:3e:ac:
50:cb:1f:71:40:57:53:24:9e:ce:80:4a:2b:7f:50:
39:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:F8:53:9A:EF:24:A7:FC:C6:83:66:AA:56:49:C5:26:E3:2F:6E:71
X509v3 Authority Key Identifier:
keyid:CD:EF:71:11:DE:98:BD:75:6D:92:B3:4D:39:4D:A2:D3:9E:FF:9B:8E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/ze9xEd6YvXVtkrNNOU2i057_m44.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ze9xEd6YvXVtkrNNOU2i057_m44.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/f_hTmu8kp_zGg2aqVknFJuMvbnE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
42.159.0.0/16
103.9.8.0/22
Signature Algorithm: sha256WithRSAEncryption
65:3a:fe:7e:b6:80:fd:65:b3:db:de:3f:2e:5e:6a:4c:75:b5:
b7:24:57:57:48:bc:f4:ba:a2:e9:42:e0:f1:ff:4d:2e:2b:36:
b0:d1:2c:50:bd:e1:2a:fa:1c:4f:37:0e:f5:61:2a:3d:9f:43:
b5:c1:46:42:ac:75:40:b8:e7:cd:af:04:f1:0b:5f:5f:1e:a1:
bc:33:3b:56:0a:8b:ad:fb:70:97:7b:e1:fa:9d:d6:17:fd:14:
68:38:07:8b:4d:d2:3f:da:b3:b9:c4:8e:23:a3:60:ca:70:21:
66:8f:f6:f1:75:f3:89:df:11:75:ab:67:1a:06:67:18:dd:70:
33:2b:f2:9a:ba:c6:c3:97:e3:70:28:4d:cb:ce:cf:5e:49:7f:
ed:4d:f0:05:e3:0f:97:0c:f0:6b:89:6b:0f:2f:27:08:26:64:
36:b1:ad:cf:85:6a:6c:a4:05:ac:02:50:26:47:d7:7b:1b:a0:
50:71:6e:61:b4:54:3e:a6:69:d8:09:bc:5d:96:c1:08:ee:3b:
4c:41:e8:57:a5:12:bf:e3:d4:be:06:e1:43:b6:ba:6a:45:5d:
f0:51:11:35:33:47:ec:cd:ae:1d:2c:3b:75:53:b7:91:c2:f9:
d9:c5:ec:38:bc:6f:9c:b3:13:70:6d:b1:72:13:84:11:b5:2f:
0c:a6:97:6c
-----BEGIN CERTIFICATE-----
MIIE3DCCA8SgAwIBAgICErMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0RF
RjcxMTFERTk4QkQ3NTZEOTJCMzREMzk0REEyRDM5RUZGOUI4RTAeFw0yNTAxMTcw
MTI2MTRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDdGRjg1MzlBRUYyNEE3
RkNDNjgzNjZBQTU2NDlDNTI2RTMyRjZFNzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzsrRvcQ0geMUr81ZApASR1a+Rc39tryzIlsLyjk+jArBrRCFH
3ug2i0Y+e7tBVDL7okGbW/vKLsRA9enuiNxdNVPtjD5SwILR3/ydqKR7Z2lQRncu
8Ocum5qp4fgHTQD9LXFOtJCDL2HiYy0uBblkrHtWBBTsPC8oIdT+BM3KKl3vW8a9
XM7CIDH8l5UBibuQWxv2PSbd78qH3h+c8qmEsIjx+6+EG6OHmvIm2w4U53ECwgp8
diR6ni+iDcrJ7o3zIr0baALR5ez/GO9UmW04er5H8SKZbpCg8FjHJp0lqMV5gVym
UunmA0l72gg+rFDLH3FAV1Mkns6ASit/UDknAgMBAAGjggH4MIIB9DAdBgNVHQ4E
FgQUf/hTmu8kp/zGg2aqVknFJuMvbnEwHwYDVR0jBBgwFoAUze9xEd6YvXVtkrNN
OU2i057/m44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYy
MC96ZTl4RWQ2WXZYVnRrck5OT1UyaTA1N19tNDQuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3plOXhFZDZZdlhWdGtyTk5PVTJpMDU3X200NC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2MjAvZl9oVG11OGtwX3pH
ZzJhcVZrbkZKdU12Ym5FLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAkBggrBgEFBQcBBwEB/wQVMBMwEQQCAAEw
CwMDACqfAwQCZwkIMA0GCSqGSIb3DQEBCwUAA4IBAQBlOv5+toD9ZbPb3j8uXmpM
dbW3JFdXSLz0uqLpQuDx/00uKzaw0SxQveEq+hxPNw71YSo9n0O1wUZCrHVAuOfN
rwTxC19fHqG8MztWCout+3CXe+H6ndYX/RRoOAeLTdI/2rO5xI4jo2DKcCFmj/bx
dfOJ3xF1q2caBmcY3XAzK/KausbDl+NwKE3Lzs9eSX/tTfAF4w+XDPBriWsPLycI
JmQ2sa3PhWpspAWsAlAmR9d7G6BQcW5htFQ+pmnYCbxdlsEI7jtMQehXpRK/49S+
BuFDtrpqRV3wURE1M0fsza4dLDt1U7eRwvnZxew4vG+csxNwbbFyE4QRtS8Mppds
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:35:04 2025 by rpki-client