Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/QoygC503zB9UhYQRK0yJAngXydE.roa
File: QoygC503zB9UhYQRK0yJAngXydE.roa (raw, json)
Hash identifier: KNez+K6+OCeScScg77MsRmHq7Z5IruqTKrpc4Ul+Pf0=
Subject key identifier: 42:8C:A0:0B:9D:37:CC:1F:54:85:84:11:2B:4C:89:02:78:17:C9:D1
Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708
Certificate serial: 1CC7
Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/QoygC503zB9UhYQRK0yJAngXydE.roa
Signing time: Thu 02 Jan 2025 13:58:27 +0000
ROA not before: Thu 02 Jan 2025 13:58:27 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 4808
IP address blocks: 180.184.24.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7367 (0x1cc7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708
Validity
Not Before: Jan 2 13:58:27 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=428CA00B9D37CC1F548584112B4C89027817C9D1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:a3:fa:5a:7c:40:33:31:34:30:bb:bf:03:a6:
8c:81:d5:79:14:22:50:85:68:53:b7:21:b4:59:ab:
b3:de:df:56:53:e5:9a:42:0b:e4:b1:b1:5f:84:df:
31:98:b1:c4:d7:4a:1e:56:00:f3:7c:92:e7:d3:a0:
d6:e2:c7:d7:2d:9f:ab:e8:2a:32:e4:19:c7:cb:ab:
7f:87:de:3d:ec:a0:2d:2a:8d:67:9f:36:b4:be:be:
b1:54:78:67:11:90:81:c6:9b:32:ad:82:c5:70:29:
46:ea:25:e2:79:f9:62:85:3c:2b:77:c1:8f:0c:44:
6b:91:8a:7c:b9:c5:53:b7:4b:40:52:4c:44:63:10:
2b:83:65:dc:d0:7c:b4:7e:08:90:6f:e9:d2:e2:c8:
92:47:5d:1c:f3:fd:72:d4:d0:33:48:44:91:a6:49:
bf:10:b5:3f:84:56:be:23:51:a2:43:a4:dd:c8:10:
7a:8d:a1:c5:9f:c9:89:76:89:3b:ac:7c:55:ff:49:
79:b1:69:e9:ac:fe:9b:80:37:5f:f0:18:15:54:11:
b4:de:86:5c:46:84:dd:a3:87:00:6a:5b:73:44:b3:
d2:1e:bb:7f:cc:9a:75:ea:8c:e7:5e:06:60:eb:72:
39:63:a1:98:05:0f:16:9c:c0:8c:90:96:5b:cc:0e:
c6:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:8C:A0:0B:9D:37:CC:1F:54:85:84:11:2B:4C:89:02:78:17:C9:D1
X509v3 Authority Key Identifier:
keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/QoygC503zB9UhYQRK0yJAngXydE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
180.184.24.0/21
Signature Algorithm: sha256WithRSAEncryption
47:ae:ea:c9:3d:d4:b4:0f:c7:46:80:0f:82:ab:63:bd:4b:0b:
97:e5:91:2f:5c:91:f0:89:4c:ea:fb:55:e8:32:32:62:54:90:
f6:8d:91:4e:0f:f9:9e:18:7c:f1:89:8c:47:3e:e2:31:50:5d:
6d:c5:d6:ff:f0:b5:6a:fc:f7:ee:ee:2e:f1:d0:fe:9d:ec:fc:
a8:42:c3:16:72:06:c5:fd:ec:2b:3d:88:d4:46:8f:ad:5b:13:
ef:49:87:18:ab:d2:d4:20:93:97:11:ad:b6:f3:b0:f2:37:fc:
42:46:d1:dd:52:94:9c:73:f9:24:6d:72:6d:4e:f8:50:2a:43:
d4:ab:ea:94:a8:7c:fd:f1:e7:de:a9:17:af:75:a5:79:f2:4f:
c5:0d:8c:fb:12:0b:93:2b:09:58:ab:98:d5:e4:57:4f:fa:ac:
1c:32:1a:63:da:81:91:23:4b:67:cd:c3:43:7d:f6:b1:0a:96:
67:9a:79:a2:90:9c:05:7c:20:b7:97:20:ac:66:f5:71:cd:cf:
be:84:fe:7f:f1:72:ec:0e:9b:b1:d7:1f:f7:46:f0:b1:7e:c2:
f1:44:bc:a7:5e:78:af:e2:20:ab:0d:de:89:1f:83:d0:8f:65:
80:3a:d4:89:22:11:4d:c3:43:59:98:c7:2b:69:cd:0a:6a:38:
c2:ae:56:70
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICHMcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4
QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTAxMDIx
MzU4MjdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDQyOENBMDBCOUQzN0ND
MUY1NDg1ODQxMTJCNEM4OTAyNzgxN0M5RDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5o/pafEAzMTQwu78DpoyB1XkUIlCFaFO3IbRZq7Pe31ZT5ZpC
C+SxsV+E3zGYscTXSh5WAPN8kufToNbix9ctn6voKjLkGcfLq3+H3j3soC0qjWef
NrS+vrFUeGcRkIHGmzKtgsVwKUbqJeJ5+WKFPCt3wY8MRGuRiny5xVO3S0BSTERj
ECuDZdzQfLR+CJBv6dLiyJJHXRzz/XLU0DNIRJGmSb8QtT+EVr4jUaJDpN3IEHqN
ocWfyYl2iTusfFX/SXmxaems/puAN1/wGBVUEbTehlxGhN2jhwBqW3NEs9Ieu3/M
mnXqjOdeBmDrcjljoZgFDxacwIyQllvMDsapAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUQoygC503zB9UhYQRK0yJAngXydEwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw
dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0
NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvUW95Z0M1MDN6QjlV
aFlRUksweUpBbmdYeWRFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEA7S4GDANBgkqhkiG9w0BAQsFAAOCAQEAR67qyT3UtA/HRoAPgqtjvUsLl+WR
L1yR8IlM6vtV6DIyYlSQ9o2RTg/5nhh88YmMRz7iMVBdbcXW//C1avz37u4u8dD+
nez8qELDFnIGxf3sKz2I1EaPrVsT70mHGKvS1CCTlxGttvOw8jf8QkbR3VKUnHP5
JG1ybU74UCpD1KvqlKh8/fHn3qkXr3WlefJPxQ2M+xILkysJWKuY1eRXT/qsHDIa
Y9qBkSNLZ83DQ332sQqWZ5p5opCcBXwgt5cgrGb1cc3PvoT+f/Fy7A6bsdcf90bw
sX7C8US8p154r+Igqw3eiR+D0I9lgDrUiSIRTcNDWZjHK2nNCmo4wq5WcA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:27:38 2025 by rpki-client