Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2889/_02AP_Ab-_jw9IDmIAqp2qDpjJs.roa
File: _02AP_Ab-_jw9IDmIAqp2qDpjJs.roa (raw, json)
Hash identifier: ZhDrB4oZVidoAiqetv4zpFhA9Kovxdk7zueVEXl3w/o=
Subject key identifier: FF:4D:80:3F:F0:1B:FB:F8:F0:F4:80:E6:20:0A:A9:DA:A0:E9:8C:9B
Certificate issuer: /CN=A93A86712684A72E5DF41F00AFA04C5F01A97735
Certificate serial: 172E
Authority key identifier: A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/_02AP_Ab-_jw9IDmIAqp2qDpjJs.roa
Signing time: Fri 24 May 2024 02:25:27 +0000
ROA not before: Fri 24 May 2024 02:25:27 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 139021
IP address blocks: 218.247.88.0/21 maxlen: 21
219.234.16.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5934 (0x172e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A93A86712684A72E5DF41F00AFA04C5F01A97735
Validity
Not Before: May 24 02:25:27 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=FF4D803FF01BFBF8F0F480E6200AA9DAA0E98C9B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:d5:0c:72:ff:4e:d0:11:26:e6:aa:4e:30:0a:
c1:8d:9b:b3:14:fc:11:01:c8:38:48:19:7e:d5:28:
97:64:e5:f2:be:c3:9a:73:79:19:bb:9e:0b:90:53:
90:ee:1a:96:1c:de:f2:7a:b4:2b:0c:c6:70:15:d5:
be:c0:1b:5c:19:1b:cf:19:0d:14:b8:63:e8:bc:e0:
8d:3d:db:7f:dd:96:7f:7d:7c:9e:be:a6:45:75:c0:
47:62:ac:9f:cf:96:ce:8d:7c:46:79:b3:91:f4:54:
89:11:18:85:12:c4:2a:d2:f7:85:28:42:21:1b:63:
a2:bd:7b:d7:b1:a5:1b:da:28:81:fa:a7:b1:f8:5d:
0d:58:56:ca:bb:de:4f:1e:fc:d5:b1:e9:85:3d:14:
5c:29:b6:02:a1:2e:ba:4a:b7:3d:13:b1:0e:31:65:
ce:02:99:e2:fc:3f:d9:71:25:88:2c:40:31:57:08:
05:49:ab:bd:41:e5:a8:e5:77:fe:51:ff:ae:2f:f4:
00:96:5b:4b:6e:76:b4:6c:02:39:be:43:01:9c:2c:
1d:e6:c9:c2:5c:1f:95:df:48:79:84:3f:ae:14:72:
02:b0:2d:ea:2b:6a:f0:12:93:f1:46:b5:8b:8e:f9:
c1:89:d7:33:56:62:b9:d9:b2:f7:e8:2e:7b:ed:38:
8c:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:4D:80:3F:F0:1B:FB:F8:F0:F4:80:E6:20:0A:A9:DA:A0:E9:8C:9B
X509v3 Authority Key Identifier:
keyid:A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/_02AP_Ab-_jw9IDmIAqp2qDpjJs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.247.88.0/21
219.234.16.0/21
Signature Algorithm: sha256WithRSAEncryption
17:a4:32:a4:21:e4:ea:52:e6:ec:da:dc:f0:30:46:51:f3:7d:
01:c3:da:8c:1c:f4:09:2a:3d:5d:f9:4d:7f:18:58:66:06:fa:
96:01:e9:bd:1e:7d:28:44:47:f7:16:1f:67:3e:e9:12:f6:8f:
3c:3e:ad:a3:3b:70:75:cc:46:ec:15:45:d2:d7:52:9c:af:05:
c5:55:63:1d:7f:0d:41:50:14:6e:d4:6c:57:72:10:69:f2:f9:
fe:6c:4f:d3:22:d9:10:e0:85:e0:44:6b:91:69:32:9f:73:b5:
71:40:46:05:b7:3c:21:20:a4:17:ff:1c:c4:1a:c3:8b:05:08:
53:74:30:e7:26:d1:ef:5a:6a:4d:87:de:8e:c5:41:9d:3f:22:
df:6e:9e:ee:c6:28:8c:ee:f2:cd:36:38:0c:d1:70:73:6f:07:
8a:80:6b:51:d8:da:0e:88:6d:69:7b:07:d8:de:e6:d7:c8:1a:
e0:5a:75:90:15:94:68:01:9b:90:b5:af:c8:2e:70:02:6a:86:
cc:03:49:64:76:7b:8a:90:8f:ae:5b:0e:a8:0e:b9:a9:f7:83:
18:a0:c0:a2:e2:1b:be:0d:98:f9:06:77:a7:0d:25:e1:1c:34:
f6:9e:58:06:35:ab:64:1d:08:e8:da:08:fb:e4:7c:8f:a2:d3:
d9:0f:eb:21
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgICFy4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTkz
QTg2NzEyNjg0QTcyRTVERjQxRjAwQUZBMDRDNUYwMUE5NzczNTAeFw0yNDA1MjQw
MjI1MjdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEZGNEQ4MDNGRjAxQkZC
RjhGMEY0ODBFNjIwMEFBOURBQTBFOThDOUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDW1Qxy/07QESbmqk4wCsGNm7MU/BEByDhIGX7VKJdk5fK+w5pz
eRm7nguQU5DuGpYc3vJ6tCsMxnAV1b7AG1wZG88ZDRS4Y+i84I0923/dln99fJ6+
pkV1wEdirJ/Pls6NfEZ5s5H0VIkRGIUSxCrS94UoQiEbY6K9e9expRvaKIH6p7H4
XQ1YVsq73k8e/NWx6YU9FFwptgKhLrpKtz0TsQ4xZc4CmeL8P9lxJYgsQDFXCAVJ
q71B5ajld/5R/64v9ACWW0tudrRsAjm+QwGcLB3mycJcH5XfSHmEP64UcgKwLeor
avASk/FGtYuO+cGJ1zNWYrnZsvfoLnvtOIybAgMBAAGjggH5MIIB9TAdBgNVHQ4E
FgQU/02AP/Ab+/jw9IDmIAqp2qDpjJswHwYDVR0jBBgwFoAUqTqGcSaEpy5d9B8A
r6BMXwGpdzUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjg4
OS9xVHFHY1NhRXB5NWQ5QjhBcjZCTVh3R3BkelUuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3FUcUdjU2FFcHk1ZDlCOEFyNkJNWHdHcGR6VS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4ODkvXzAyQVBfQWItX2p3
OUlEbUlBcXAycURwakpzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEw
DAMEA9r3WAMEA9vqEDANBgkqhkiG9w0BAQsFAAOCAQEAF6QypCHk6lLm7Nrc8DBG
UfN9AcPajBz0CSo9XflNfxhYZgb6lgHpvR59KERH9xYfZz7pEvaPPD6toztwdcxG
7BVF0tdSnK8FxVVjHX8NQVAUbtRsV3IQafL5/mxP0yLZEOCF4ERrkWkyn3O1cUBG
Bbc8ISCkF/8cxBrDiwUIU3Qw5ybR71pqTYfejsVBnT8i326e7sYojO7yzTY4DNFw
c28HioBrUdjaDohtaXsH2N7m18ga4Fp1kBWUaAGbkLWvyC5wAmqGzANJZHZ7ipCP
rlsOqA65qfeDGKDAouIbvg2Y+QZ3pw0l4Rw09p5YBjWrZB0I6NoI++R8j6LT2Q/r
IQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:19:15 2025 by rpki-client