Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/mZkAPHdXZ-Qpx6W3QVdNOcORU4Q.roa
File: mZkAPHdXZ-Qpx6W3QVdNOcORU4Q.roa (raw, json)
Hash identifier: ZrV5FxRpsNBaGLPWFJ+QI6PJmDbtFrnbmpx2Vsv5BBk=
Subject key identifier: 99:99:00:3C:77:57:67:E4:29:C7:A5:B7:41:57:4D:39:C3:91:53:84
Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Certificate serial: 134C
Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/mZkAPHdXZ-Qpx6W3QVdNOcORU4Q.roa
Signing time: Thu 22 May 2025 09:04:47 +0000
ROA not before: Thu 22 May 2025 09:04:47 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 55990
IP address blocks: 101.245.56.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4940 (0x134c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Validity
Not Before: May 22 09:04:47 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=9999003C775767E429C7A5B741574D39C3915384
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ef:90:24:24:47:1f:80:10:7d:3e:e8:5c:c2:
93:e6:ef:54:38:d1:e5:5a:c9:31:69:31:6a:d8:0f:
f8:29:4e:d0:7c:fb:b8:47:e3:b8:1f:de:70:33:74:
c0:f6:fb:17:45:c9:b0:56:10:4c:65:4e:7f:a9:ec:
49:0a:af:4f:03:40:86:75:c6:0f:9b:42:45:33:d6:
51:95:27:cd:7f:bf:0b:a2:0a:ed:2d:62:9b:d9:e4:
1d:da:56:63:08:47:da:d1:a4:a7:dd:72:4a:b9:ad:
57:b8:0c:55:5c:31:29:22:1e:f4:1e:42:85:b4:fa:
6b:00:45:eb:90:9d:08:62:32:92:2b:6e:13:8a:d9:
79:bc:9c:98:61:18:ee:da:09:90:60:c2:1b:53:8b:
e9:6e:c7:46:d2:5f:6c:68:36:92:b5:c5:14:bc:6a:
9c:3c:0e:75:2c:ef:1d:42:9f:c3:7d:ad:58:2a:f1:
4c:ac:50:84:f2:20:24:8d:9b:4f:38:cb:dc:43:51:
9b:1a:36:00:c9:8f:a2:e9:d1:f9:4e:ce:d0:f4:ca:
eb:1e:d6:f0:5a:7e:fc:b1:f0:3c:ab:c8:18:99:3d:
8e:25:97:20:eb:5f:a2:d9:7c:26:c1:6c:8c:f8:24:
96:bd:70:e9:74:53:97:c7:00:18:20:88:f7:e9:42:
75:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:99:00:3C:77:57:67:E4:29:C7:A5:B7:41:57:4D:39:C3:91:53:84
X509v3 Authority Key Identifier:
keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/mZkAPHdXZ-Qpx6W3QVdNOcORU4Q.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
101.245.56.0/22
Signature Algorithm: sha256WithRSAEncryption
a9:9d:e5:9f:79:ca:d6:b9:a0:47:d1:0e:a6:2a:55:26:53:40:
99:b3:8a:7e:e7:4f:d0:08:c8:09:7e:81:57:e4:9a:98:c6:72:
a2:e3:e6:85:17:28:95:a6:19:0b:c9:94:7a:8f:e0:be:49:66:
6f:3c:d2:3e:ef:5d:a2:aa:60:b5:16:67:f6:8e:1d:6f:1b:16:
24:51:4a:7e:69:c3:57:c1:9d:db:23:3c:d0:92:7f:2d:99:1e:
24:33:d5:85:01:48:8a:ee:e6:55:1d:cd:9b:f9:15:8f:41:e1:
77:e8:44:fb:dc:d9:82:b7:a4:63:94:2b:b3:c8:dd:81:35:cf:
24:1d:23:16:d5:ca:ce:da:20:3f:6f:1f:c4:87:b7:88:95:d4:
3d:b9:71:f1:50:b4:f7:b5:b2:c8:46:68:4c:4b:3b:14:fb:d7:
bd:15:89:05:da:f1:09:a4:07:26:f7:2c:90:45:87:94:f0:e4:
54:57:34:01:c3:b9:2f:12:90:61:d3:81:05:32:22:6b:67:6e:
cc:a8:54:3f:c2:23:63:46:a0:7c:a9:21:96:a7:42:e4:17:b2:
b4:3e:e7:2d:1b:36:e9:fa:6e:f0:a5:7b:90:76:fb:7f:8a:48:
da:36:e5:c7:7d:8e:94:3d:b4:46:0e:bd:4e:c2:61:f9:90:b7:
db:5e:99:41
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICE0wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD
RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA1MjIw
OTA0NDdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDk5OTkwMDNDNzc1NzY3
RTQyOUM3QTVCNzQxNTc0RDM5QzM5MTUzODQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDI75AkJEcfgBB9PuhcwpPm71Q40eVayTFpMWrYD/gpTtB8+7hH
47gf3nAzdMD2+xdFybBWEExlTn+p7EkKr08DQIZ1xg+bQkUz1lGVJ81/vwuiCu0t
YpvZ5B3aVmMIR9rRpKfdckq5rVe4DFVcMSkiHvQeQoW0+msAReuQnQhiMpIrbhOK
2Xm8nJhhGO7aCZBgwhtTi+lux0bSX2xoNpK1xRS8apw8DnUs7x1Cn8N9rVgq8Uys
UITyICSNm084y9xDUZsaNgDJj6Lp0flOztD0yuse1vBafvyx8DyryBiZPY4llyDr
X6LZfCbBbIz4JJa9cOl0U5fHABggiPfpQnX1AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUmZkAPHdXZ+Qpx6W3QVdNOcORU4QwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb
RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx
NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvbVprQVBIZFhaLVFw
eDZXM1FWZE5PY09SVTRRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAmX1ODANBgkqhkiG9w0BAQsFAAOCAQEAqZ3ln3nK1rmgR9EOpipVJlNAmbOK
fudP0AjICX6BV+SamMZyouPmhRcolaYZC8mUeo/gvklmbzzSPu9doqpgtRZn9o4d
bxsWJFFKfmnDV8Gd2yM80JJ/LZkeJDPVhQFIiu7mVR3Nm/kVj0Hhd+hE+9zZgrek
Y5Qrs8jdgTXPJB0jFtXKztogP28fxIe3iJXUPblx8VC097WyyEZoTEs7FPvXvRWJ
BdrxCaQHJvcskEWHlPDkVFc0AcO5LxKQYdOBBTIia2duzKhUP8IjY0agfKkhlqdC
5BeytD7nLRs26fpu8KV7kHb7f4pI2jblx32OlD20Rg69TsJh+ZC3216ZQQ==
-----END CERTIFICATE-----
Generated at Thu Jun 5 19:55:34 2025 by rpki-client