Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/D0J-1r5lk-k5ZvkNZIikszbyhSw.roa
File: D0J-1r5lk-k5ZvkNZIikszbyhSw.roa (raw, json)
Hash identifier: uRqkRY0g1oFsgqrRnvxsqo830Onb5xeMrHm44j4vsMw=
Subject key identifier: 0F:42:7E:D6:BE:65:93:E9:39:66:F9:0D:64:88:A4:B3:36:F2:85:2C
Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Certificate serial: 1348
Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/D0J-1r5lk-k5ZvkNZIikszbyhSw.roa
Signing time: Thu 22 May 2025 09:04:45 +0000
ROA not before: Thu 22 May 2025 09:04:45 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 55990
IP address blocks: 101.245.42.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4936 (0x1348)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Validity
Not Before: May 22 09:04:45 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=0F427ED6BE6593E93966F90D6488A4B336F2852C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c2:7b:e9:ee:2e:ba:a5:db:c4:29:75:10:4a:
a0:d3:8c:4a:14:e5:1f:99:a2:21:f5:37:c6:ed:ca:
68:84:88:1c:fe:f6:46:e3:b8:11:5f:92:6a:d1:08:
99:02:9f:8f:bc:18:e1:09:87:58:37:4e:88:c9:9c:
17:93:e5:52:bd:c9:48:24:76:fc:3f:5e:77:fd:4d:
b9:a0:df:84:bf:8d:69:ac:9b:32:53:f8:59:08:4b:
5f:43:7b:e2:7c:2f:48:cc:74:67:5e:72:d9:19:74:
83:c8:7d:8e:dc:4a:7b:3c:69:ee:7b:7a:2d:dd:f5:
26:e0:b8:11:af:a3:fc:5e:f5:39:36:a1:83:09:0b:
b8:99:64:b3:2a:16:09:28:2b:d0:d8:53:f9:ea:d3:
b3:b4:4d:76:e5:ec:5c:09:4c:eb:14:47:63:ad:70:
a7:b4:b6:75:f6:cf:b5:9d:0a:8f:cb:35:4f:4a:6a:
8f:cb:7d:1a:62:3f:e6:ac:7f:b3:c9:cd:04:16:d0:
8c:98:b0:4e:73:b5:9e:db:8a:bd:fc:e6:8b:2c:c0:
f7:55:7e:9d:4e:cd:ed:50:20:eb:a6:34:23:69:ab:
7c:c4:c7:6d:74:1a:ad:0f:be:a0:ce:37:78:ce:d0:
78:9b:56:57:de:4d:26:5b:8b:55:da:d4:78:19:e5:
ff:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:42:7E:D6:BE:65:93:E9:39:66:F9:0D:64:88:A4:B3:36:F2:85:2C
X509v3 Authority Key Identifier:
keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/D0J-1r5lk-k5ZvkNZIikszbyhSw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
101.245.42.0/23
Signature Algorithm: sha256WithRSAEncryption
78:3b:5c:f8:33:16:34:12:d9:f2:24:92:af:ce:c6:44:d9:89:
5f:ce:d4:d5:f0:27:04:85:5f:e3:b5:0e:b4:e7:60:2e:83:ed:
b3:a8:8a:84:bf:5d:45:14:29:ee:86:b5:62:e1:98:21:99:57:
92:1c:25:94:3f:4e:6b:60:c7:fb:29:6d:17:75:38:d2:7e:12:
0f:9e:b8:30:af:eb:c5:9d:d9:22:fc:6c:76:7b:89:e5:93:f0:
03:4f:c8:e3:ac:e4:0b:53:0a:67:2a:8b:15:e7:ad:39:60:92:
47:16:2f:c5:73:67:49:51:93:0b:2c:79:9f:b8:b0:70:77:19:
ac:6d:9d:5a:bc:4c:98:b7:c5:9b:50:d9:26:ea:87:74:79:9c:
94:09:be:d2:87:9c:7b:ec:7a:bb:33:16:a7:89:84:02:57:21:
84:b8:da:6a:b1:b9:7f:8e:34:8f:89:ce:de:f4:2e:d8:f5:87:
18:96:6d:4d:78:81:a3:89:d0:cb:74:50:da:bd:38:81:9d:c0:
f1:db:0b:03:74:f9:dd:8d:79:ab:05:37:50:44:80:2e:f4:37:
5a:4e:20:73:5c:89:8d:cc:10:73:f0:8e:0b:bd:2b:6b:c1:0b:
5f:b3:26:0b:6d:b1:e6:b9:a3:a9:e1:2b:eb:28:7d:c0:d3:d3:
93:bf:fe:0f
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICE0gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD
RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA1MjIw
OTA0NDVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDBGNDI3RUQ2QkU2NTkz
RTkzOTY2RjkwRDY0ODhBNEIzMzZGMjg1MkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmwnvp7i66pdvEKXUQSqDTjEoU5R+ZoiH1N8btymiEiBz+9kbj
uBFfkmrRCJkCn4+8GOEJh1g3TojJnBeT5VK9yUgkdvw/Xnf9Tbmg34S/jWmsmzJT
+FkIS19De+J8L0jMdGdectkZdIPIfY7cSns8ae57ei3d9SbguBGvo/xe9Tk2oYMJ
C7iZZLMqFgkoK9DYU/nq07O0TXbl7FwJTOsUR2OtcKe0tnX2z7WdCo/LNU9Kao/L
fRpiP+asf7PJzQQW0IyYsE5ztZ7bir385osswPdVfp1Oze1QIOumNCNpq3zEx210
Gq0PvqDON3jO0HibVlfeTSZbi1Xa1HgZ5f+FAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUD0J+1r5lk+k5ZvkNZIikszbyhSwwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb
RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx
NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvRDBKLTFyNWxrLWs1
WnZrTlpJaWtzemJ5aFN3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAWX1KjANBgkqhkiG9w0BAQsFAAOCAQEAeDtc+DMWNBLZ8iSSr87GRNmJX87U
1fAnBIVf47UOtOdgLoPts6iKhL9dRRQp7oa1YuGYIZlXkhwllD9Oa2DH+yltF3U4
0n4SD564MK/rxZ3ZIvxsdnuJ5ZPwA0/I46zkC1MKZyqLFeetOWCSRxYvxXNnSVGT
Cyx5n7iwcHcZrG2dWrxMmLfFm1DZJuqHdHmclAm+0oece+x6uzMWp4mEAlchhLja
arG5f440j4nO3vQu2PWHGJZtTXiBo4nQy3RQ2r04gZ3A8dsLA3T53Y15qwU3UESA
LvQ3Wk4gc1yJjcwQc/COC70ra8ELX7MmC22x5rmjqeEr6yh9wNPTk7/+Dw==
-----END CERTIFICATE-----
Generated at Thu Jun 5 20:31:40 2025 by rpki-client