Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2889/b_xJrKXfr9iR-P1PshZUFr11DEI.roa
File: b_xJrKXfr9iR-P1PshZUFr11DEI.roa (raw, json)
Hash identifier: KEtj9jXlsW8crqkjMlm5YVVy0ObCZcEDc+GqHIOmI/M=
Subject key identifier: 6F:FC:49:AC:A5:DF:AF:D8:91:F8:FD:4F:B2:16:54:16:BD:75:0C:42
Certificate issuer: /CN=A93A86712684A72E5DF41F00AFA04C5F01A97735
Certificate serial: 1BCD
Authority key identifier: A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/b_xJrKXfr9iR-P1PshZUFr11DEI.roa
Signing time: Fri 17 Jan 2025 01:27:36 +0000
ROA not before: Fri 17 Jan 2025 01:27:36 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139021
IP address blocks: 218.247.88.0/21 maxlen: 21
219.234.16.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7117 (0x1bcd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A93A86712684A72E5DF41F00AFA04C5F01A97735
Validity
Not Before: Jan 17 01:27:36 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=6FFC49ACA5DFAFD891F8FD4FB2165416BD750C42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:83:cf:7b:7e:0c:bd:9d:fb:35:5c:b4:92:f5:
27:8e:a0:bc:b1:3b:62:7d:c0:02:2e:3e:d6:d3:ac:
01:bf:7c:af:de:73:a6:25:15:8c:bb:a5:f2:2d:93:
08:9b:83:11:43:31:91:cd:16:67:3e:9e:5e:19:f8:
74:1e:f2:32:ab:d6:c9:23:34:90:ac:02:3d:8e:22:
9f:2b:8d:8e:91:50:14:3c:a7:9a:f3:51:47:da:09:
4f:03:36:15:b0:1c:29:c7:71:33:fc:f6:5a:65:87:
71:d3:b3:7e:8e:9f:2b:71:ff:58:40:fe:f5:f9:a9:
e5:2f:26:ed:a7:a0:89:47:25:41:5a:78:71:f9:c0:
23:c7:03:e4:06:4c:21:30:d3:19:15:95:79:db:9e:
70:80:6b:25:6f:0c:29:aa:4f:5a:42:be:19:77:bc:
3a:fd:9e:c5:ac:ad:5c:5e:20:f2:b7:c8:10:b5:9a:
f2:7d:64:e5:01:49:66:3e:67:b8:14:06:c4:a5:10:
d5:31:d6:40:67:07:96:79:5b:d9:1e:97:a7:21:42:
17:0b:eb:2b:59:30:90:43:b3:8c:21:a4:82:0a:e7:
a4:42:f5:d4:4e:e8:9c:1e:9c:12:0d:2c:98:5a:30:
26:cf:45:16:64:14:7d:bc:db:39:ab:99:83:c8:c1:
0b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:FC:49:AC:A5:DF:AF:D8:91:F8:FD:4F:B2:16:54:16:BD:75:0C:42
X509v3 Authority Key Identifier:
keyid:A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/b_xJrKXfr9iR-P1PshZUFr11DEI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.247.88.0/21
219.234.16.0/21
Signature Algorithm: sha256WithRSAEncryption
e0:c4:d0:ec:e8:33:28:1c:a0:c5:9e:9e:0f:8b:b0:14:e4:bd:
cd:05:0d:54:5f:76:60:01:4f:a9:4c:84:f2:93:fe:a7:19:f5:
2c:55:40:90:4a:72:7c:bb:31:50:7f:85:5e:c1:61:f9:ca:d6:
bd:ad:ed:00:be:ed:2c:df:6b:1f:34:e4:81:c9:df:d9:61:7b:
ca:a6:dd:b7:af:35:80:ed:b8:e8:af:a8:6e:a5:b6:07:ef:eb:
94:15:a9:2e:18:ff:9f:46:dd:3d:de:4c:9b:9d:6c:9b:d6:1f:
79:93:d4:f1:78:4c:95:85:54:ce:5b:67:dd:f1:8d:6c:9a:39:
59:94:be:22:90:39:2d:f6:72:90:3b:83:5b:e3:ed:1c:6b:5b:
b8:13:34:6a:b8:d7:7d:cb:34:50:18:ac:76:94:f2:a1:54:8e:
a3:7f:12:55:fd:04:ff:f1:8e:59:44:72:16:7e:f4:37:2d:ec:
71:cb:c7:1b:26:3d:33:6c:59:2a:8c:df:5d:3e:59:d5:96:d6:
ca:31:ea:66:43:99:fd:1f:81:ab:45:83:bd:62:ea:10:a2:d2:
f8:3b:71:8d:81:ea:45:f5:f1:37:0f:45:ec:5e:36:3f:79:51:
aa:f2:e8:20:f9:63:7e:01:b0:7f:c3:d7:18:ba:83:9f:26:92:
9e:14:e6:5d
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgICG80wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTkz
QTg2NzEyNjg0QTcyRTVERjQxRjAwQUZBMDRDNUYwMUE5NzczNTAeFw0yNTAxMTcw
MTI3MzZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDZGRkM0OUFDQTVERkFG
RDg5MUY4RkQ0RkIyMTY1NDE2QkQ3NTBDNDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUg897fgy9nfs1XLSS9SeOoLyxO2J9wAIuPtbTrAG/fK/ec6Yl
FYy7pfItkwibgxFDMZHNFmc+nl4Z+HQe8jKr1skjNJCsAj2OIp8rjY6RUBQ8p5rz
UUfaCU8DNhWwHCnHcTP89lplh3HTs36Onytx/1hA/vX5qeUvJu2noIlHJUFaeHH5
wCPHA+QGTCEw0xkVlXnbnnCAayVvDCmqT1pCvhl3vDr9nsWsrVxeIPK3yBC1mvJ9
ZOUBSWY+Z7gUBsSlENUx1kBnB5Z5W9kel6chQhcL6ytZMJBDs4whpIIK56RC9dRO
6JwenBINLJhaMCbPRRZkFH282zmrmYPIwQt/AgMBAAGjggH5MIIB9TAdBgNVHQ4E
FgQUb/xJrKXfr9iR+P1PshZUFr11DEIwHwYDVR0jBBgwFoAUqTqGcSaEpy5d9B8A
r6BMXwGpdzUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjg4
OS9xVHFHY1NhRXB5NWQ5QjhBcjZCTVh3R3BkelUuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3FUcUdjU2FFcHk1ZDlCOEFyNkJNWHdHcGR6VS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4ODkvYl94SnJLWGZyOWlS
LVAxUHNoWlVGcjExREVJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEw
DAMEA9r3WAMEA9vqEDANBgkqhkiG9w0BAQsFAAOCAQEA4MTQ7OgzKBygxZ6eD4uw
FOS9zQUNVF92YAFPqUyE8pP+pxn1LFVAkEpyfLsxUH+FXsFh+crWva3tAL7tLN9r
HzTkgcnf2WF7yqbdt681gO246K+obqW2B+/rlBWpLhj/n0bdPd5Mm51sm9YfeZPU
8XhMlYVUzltn3fGNbJo5WZS+IpA5LfZykDuDW+PtHGtbuBM0arjXfcs0UBisdpTy
oVSOo38SVf0E//GOWURyFn70Ny3sccvHGyY9M2xZKozfXT5Z1ZbWyjHqZkOZ/R+B
q0WDvWLqEKLS+DtxjYHqRfXxNw9F7F42P3lRqvLoIPljfgGwf8PXGLqDnyaSnhTm
XQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:27:33 2025 by rpki-client