Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2889/zIkyvYCG3xltDU6QordYYLqh4z0.roa
File: zIkyvYCG3xltDU6QordYYLqh4z0.roa (raw, json)
Hash identifier: cN5JanPEHEZFoNiw34OnU87vXF/zaAl/ToJRqZKqfaA=
Subject key identifier: CC:89:32:BD:80:86:DF:19:6D:0D:4E:90:A2:B7:58:60:BA:A1:E3:3D
Certificate issuer: /CN=A93A86712684A72E5DF41F00AFA04C5F01A97735
Certificate serial: 1731
Authority key identifier: A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/zIkyvYCG3xltDU6QordYYLqh4z0.roa
Signing time: Fri 24 May 2024 02:25:28 +0000
ROA not before: Fri 24 May 2024 02:25:28 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 139021
IP address blocks: 218.247.80.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5937 (0x1731)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A93A86712684A72E5DF41F00AFA04C5F01A97735
Validity
Not Before: May 24 02:25:28 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CC8932BD8086DF196D0D4E90A2B75860BAA1E33D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a9:71:6d:ba:cb:c0:73:23:1c:24:5f:b6:17:
14:6b:e1:64:26:9b:da:0b:04:b1:78:7f:53:e5:5d:
01:12:d7:38:3e:ec:ec:49:89:e7:27:be:e9:98:20:
e8:2a:70:19:8d:7b:3e:70:9c:b5:34:3b:6c:d8:cf:
0d:33:89:62:d5:81:2b:17:33:9c:8a:d4:e0:dc:ce:
30:24:31:d5:70:22:95:d0:fb:ea:80:84:bd:cb:30:
aa:b4:2c:50:16:4e:e6:80:23:32:c4:f7:cc:4f:53:
21:6a:81:92:d2:c9:51:bb:3c:9e:2c:13:f2:fc:3a:
b6:69:8e:94:75:6c:7e:27:a7:9a:cd:4d:0e:97:70:
e4:35:76:6b:42:9d:a6:e3:29:38:1c:ae:de:fd:5c:
d5:f1:87:10:7b:9d:c3:8d:85:c2:04:a3:00:a1:5d:
f8:4e:01:02:b5:f0:5e:40:02:1b:bf:2a:fc:3f:56:
c1:c0:29:49:fc:16:ae:4b:ca:d2:be:2d:db:0e:e9:
fd:56:64:71:cc:94:63:68:7a:3a:5d:28:fc:88:84:
83:1c:7f:b6:a9:48:40:bf:f4:af:aa:93:0e:74:8a:
e3:a8:4f:71:f4:14:13:06:7e:af:7c:f5:fd:ff:39:
f4:e9:32:6c:09:96:aa:72:9e:c1:df:1d:c4:dc:a5:
0b:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:89:32:BD:80:86:DF:19:6D:0D:4E:90:A2:B7:58:60:BA:A1:E3:3D
X509v3 Authority Key Identifier:
keyid:A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/zIkyvYCG3xltDU6QordYYLqh4z0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.247.80.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:5f:27:63:15:c6:3e:a4:6c:30:23:bd:bd:6a:16:b2:29:ae:
5e:31:79:d0:6b:f6:25:b5:57:75:53:5f:ce:31:8e:a2:99:a2:
6f:f5:bf:9a:fe:28:69:75:a8:28:30:94:66:17:26:c5:01:3c:
71:7e:33:a0:83:4a:cb:02:8c:99:f2:1e:c9:17:1b:f9:33:bd:
70:ff:d7:93:f2:2f:0b:d3:60:25:87:16:ab:06:0e:82:45:4c:
b2:e9:34:56:37:dc:74:be:53:0f:8e:68:ae:af:02:8f:3a:f4:
40:dc:0c:19:94:83:86:4e:3c:55:f3:cd:c8:9f:c3:c5:9f:f6:
de:e3:36:98:d2:07:d9:09:cc:a5:5a:f1:41:27:09:e7:af:cd:
47:e0:d6:9b:16:41:ee:a3:8e:0a:4a:9e:9b:d6:88:97:29:6b:
0a:e7:17:f8:a6:00:dd:37:72:48:27:1d:f1:c5:d6:5f:71:63:
94:53:9d:8d:32:4d:16:e6:c7:35:89:4f:51:96:4b:82:3e:81:
13:f5:78:17:48:ac:cf:da:ae:cd:81:de:4d:ea:f1:93:f7:bb:
32:33:83:52:98:c5:0f:08:51:4a:ae:a3:11:55:ba:fa:60:8b:
bc:96:0d:5f:0c:94:3b:32:c8:e2:7f:02:c2:79:85:cf:d8:27:
e8:e7:64:1e
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICFzEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTkz
QTg2NzEyNjg0QTcyRTVERjQxRjAwQUZBMDRDNUYwMUE5NzczNTAeFw0yNDA1MjQw
MjI1MjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENDODkzMkJEODA4NkRG
MTk2RDBENEU5MEEyQjc1ODYwQkFBMUUzM0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1qXFtusvAcyMcJF+2FxRr4WQmm9oLBLF4f1PlXQES1zg+7OxJ
iecnvumYIOgqcBmNez5wnLU0O2zYzw0ziWLVgSsXM5yK1ODczjAkMdVwIpXQ++qA
hL3LMKq0LFAWTuaAIzLE98xPUyFqgZLSyVG7PJ4sE/L8OrZpjpR1bH4np5rNTQ6X
cOQ1dmtCnabjKTgcrt79XNXxhxB7ncONhcIEowChXfhOAQK18F5AAhu/Kvw/VsHA
KUn8Fq5LytK+LdsO6f1WZHHMlGNoejpdKPyIhIMcf7apSEC/9K+qkw50iuOoT3H0
FBMGfq989f3/OfTpMmwJlqpynsHfHcTcpQunAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUzIkyvYCG3xltDU6QordYYLqh4z0wHwYDVR0jBBgwFoAUqTqGcSaEpy5d9B8A
r6BMXwGpdzUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjg4
OS9xVHFHY1NhRXB5NWQ5QjhBcjZCTVh3R3BkelUuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3FUcUdjU2FFcHk1ZDlCOEFyNkJNWHdHcGR6VS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4ODkveklreXZZQ0czeGx0
RFU2UW9yZFlZTHFoNHowLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAtr3UDANBgkqhkiG9w0BAQsFAAOCAQEAXV8nYxXGPqRsMCO9vWoWsimuXjF5
0Gv2JbVXdVNfzjGOopmib/W/mv4oaXWoKDCUZhcmxQE8cX4zoINKywKMmfIeyRcb
+TO9cP/Xk/IvC9NgJYcWqwYOgkVMsuk0VjfcdL5TD45orq8Cjzr0QNwMGZSDhk48
VfPNyJ/DxZ/23uM2mNIH2QnMpVrxQScJ56/NR+DWmxZB7qOOCkqem9aIlylrCucX
+KYA3TdySCcd8cXWX3FjlFOdjTJNFubHNYlPUZZLgj6BE/V4F0isz9quzYHeTerx
k/e7MjODUpjFDwhRSq6jEVW6+mCLvJYNXwyUOzLI4n8CwnmFz9gn6OdkHg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:11:14 2025 by rpki-client