Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/2U-xmiM3fTs14uJFVzwJ7mo9dIk.roa
File: 2U-xmiM3fTs14uJFVzwJ7mo9dIk.roa (raw, json)
Hash identifier: TFL0/XFUs/Zeo14zQeX9vTN9QCvF6RNed05s271HUWk=
Subject key identifier: D9:4F:B1:9A:23:37:7D:3B:35:E2:E2:45:57:3C:09:EE:6A:3D:74:89
Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708
Certificate serial: 1AA7
Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/2U-xmiM3fTs14uJFVzwJ7mo9dIk.roa
Signing time: Tue 24 Sep 2024 00:21:45 +0000
ROA not before: Tue 24 Sep 2024 00:21:45 +0000
ROA not after: Sat 20 Sep 2025 07:41:26 +0000
asID: 136958
IP address blocks: 118.145.32.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6823 (0x1aa7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708
Validity
Not Before: Sep 24 00:21:45 2024 GMT
Not After : Sep 20 07:41:26 2025 GMT
Subject: CN=D94FB19A23377D3B35E2E245573C09EE6A3D7489
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:5d:8b:06:f0:c9:bd:b1:54:1c:de:be:33:81:
63:c1:9f:d2:94:d7:0d:48:a2:3b:46:c3:9d:dd:b4:
1f:ca:5d:6a:6c:d5:41:4a:58:3d:c5:22:24:fe:93:
fa:24:9c:34:a7:d3:db:97:34:5a:04:9d:d7:77:a5:
32:6c:5c:1b:34:33:a3:36:3d:ab:31:f4:74:3f:65:
50:c1:82:76:bc:51:89:6d:4b:9b:bb:7d:8b:bc:68:
77:c3:ca:fe:11:52:60:7a:53:66:17:de:ea:14:3d:
82:cb:2d:70:7c:d1:18:ef:ab:54:84:c0:38:7e:d1:
d5:77:ed:c9:c3:87:50:a2:b7:34:27:04:1f:23:74:
f1:a6:03:80:4e:25:c3:52:97:00:84:81:8c:f9:31:
e6:52:d5:9d:3c:e8:f0:b1:6f:78:46:a8:b8:2d:37:
5c:7a:6f:74:3c:9b:72:00:71:bc:23:7e:29:80:38:
ea:35:7c:70:f6:52:80:78:04:ce:94:f3:e8:b5:db:
68:7e:07:3d:3d:2a:01:b5:8a:59:1d:fa:d7:f0:48:
92:16:9e:f4:d5:cb:80:c2:25:e6:65:5e:fa:36:75:
bc:9c:87:e1:e0:94:8f:52:d2:8a:24:93:92:d3:aa:
a4:e6:5c:45:18:e8:99:02:e2:7f:e2:29:d3:7f:8b:
eb:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:4F:B1:9A:23:37:7D:3B:35:E2:E2:45:57:3C:09:EE:6A:3D:74:89
X509v3 Authority Key Identifier:
keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/2U-xmiM3fTs14uJFVzwJ7mo9dIk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
118.145.32.0/19
Signature Algorithm: sha256WithRSAEncryption
32:b6:78:ce:98:d8:04:c7:e5:fc:a7:83:1f:ec:67:eb:f7:a8:
74:b8:65:6d:ec:3d:59:43:a2:4c:21:bb:7e:b1:22:56:b9:fd:
a0:e0:28:e4:79:b2:37:f0:13:95:b1:96:84:30:38:d7:f9:c0:
15:d6:83:d9:87:41:f9:9c:20:8a:55:91:44:7d:85:d5:b4:6a:
af:31:9d:84:a5:fa:30:e7:6c:fc:f6:a5:28:7c:95:5c:50:30:
bd:3a:e0:4b:7e:75:35:e4:73:f1:46:0c:68:21:97:5c:96:11:
c5:ad:15:77:74:ad:6f:3a:2b:c2:4e:4d:9a:25:73:70:e5:70:
bd:d1:bb:24:22:fe:10:90:17:4e:63:86:c7:cc:91:dc:a6:e3:
82:21:30:c6:38:e8:f1:0f:b9:9e:86:ab:15:50:64:7d:ff:0f:
57:71:4b:18:46:5c:a9:bb:1d:0f:55:64:c7:c0:2f:f0:dd:86:
94:23:bd:3a:91:08:32:d6:82:39:cf:ba:7f:ff:cf:a0:7b:38:
9e:5f:aa:5e:6c:79:2d:9a:ae:b7:56:dc:40:e9:26:24:b3:bb:
29:13:07:42:4e:36:40:bf:b8:09:d9:48:03:df:19:8d:0f:75:
1b:16:6d:6f:c0:f2:e4:dd:39:50:63:59:fe:dc:ce:82:66:17:
87:ae:fb:74
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICGqcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4
QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNDA5MjQw
MDIxNDVaFw0yNTA5MjAwNzQxMjZaMDMxMTAvBgNVBAMTKEQ5NEZCMTlBMjMzNzdE
M0IzNUUyRTI0NTU3M0MwOUVFNkEzRDc0ODkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDXYsG8Mm9sVQc3r4zgWPBn9KU1w1IojtGw53dtB/KXWps1UFK
WD3FIiT+k/oknDSn09uXNFoEndd3pTJsXBs0M6M2Pasx9HQ/ZVDBgna8UYltS5u7
fYu8aHfDyv4RUmB6U2YX3uoUPYLLLXB80Rjvq1SEwDh+0dV37cnDh1CitzQnBB8j
dPGmA4BOJcNSlwCEgYz5MeZS1Z086PCxb3hGqLgtN1x6b3Q8m3IAcbwjfimAOOo1
fHD2UoB4BM6U8+i122h+Bz09KgG1ilkd+tfwSJIWnvTVy4DCJeZlXvo2dbych+Hg
lI9S0ookk5LTqqTmXEUY6JkC4n/iKdN/i+v1AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQU2U+xmiM3fTs14uJFVzwJ7mo9dIkwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw
dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0
NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvMlUteG1pTTNmVHMx
NHVKRlZ6d0o3bW85ZElrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBXaRIDANBgkqhkiG9w0BAQsFAAOCAQEAMrZ4zpjYBMfl/KeDH+xn6/eodLhl
bew9WUOiTCG7frEiVrn9oOAo5HmyN/ATlbGWhDA41/nAFdaD2YdB+ZwgilWRRH2F
1bRqrzGdhKX6MOds/PalKHyVXFAwvTrgS351NeRz8UYMaCGXXJYRxa0Vd3Stbzor
wk5NmiVzcOVwvdG7JCL+EJAXTmOGx8yR3KbjgiEwxjjo8Q+5noarFVBkff8PV3FL
GEZcqbsdD1Vkx8Av8N2GlCO9OpEIMtaCOc+6f//PoHs4nl+qXmx5LZqut1bcQOkm
JLO7KRMHQk42QL+4CdlIA98ZjQ91GxZtb8Dy5N05UGNZ/tzOgmYXh677dA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:25:12 2025 by rpki-client