Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/qaQsj97RIgR0fO-aCsGf9j3F6Oc.roa
File: qaQsj97RIgR0fO-aCsGf9j3F6Oc.roa (raw, json)
Hash identifier: VyklnB2JyWdtvARiWzho5oE3/MWhkSznyQaJBpqxO6E=
Subject key identifier: A9:A4:2C:8F:DE:D1:22:04:74:7C:EF:9A:0A:C1:9F:F6:3D:C5:E8:E7
Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708
Certificate serial: 1CB5
Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/qaQsj97RIgR0fO-aCsGf9j3F6Oc.roa
Signing time: Thu 02 Jan 2025 13:58:22 +0000
ROA not before: Thu 02 Jan 2025 13:58:22 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 4811
IP address blocks: 180.184.152.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7349 (0x1cb5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708
Validity
Not Before: Jan 2 13:58:22 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=A9A42C8FDED12204747CEF9A0AC19FF63DC5E8E7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:6a:e6:7f:37:40:d5:ed:e0:7d:65:45:d2:3e:
af:78:3c:0e:7b:b6:5c:58:ec:4d:e3:c4:89:51:e1:
bb:56:1c:a0:c3:d7:2c:79:3c:aa:67:b1:83:30:be:
88:86:56:88:f9:ef:93:6a:cf:85:ba:a6:58:1c:b4:
b0:80:64:78:cf:a9:2b:be:3e:c3:a8:b3:2e:64:70:
76:08:b9:ec:bf:a6:cf:76:6c:cb:58:03:54:2e:e2:
0a:12:da:f9:6b:d8:69:43:78:80:e4:0a:1d:fd:24:
19:11:08:e3:22:23:20:f3:58:08:b7:02:06:e6:89:
17:2d:c9:69:6b:08:5a:e4:d1:e7:88:db:30:e9:2f:
dd:b7:11:53:ed:f9:10:16:5e:dd:d1:96:0c:1b:41:
4a:98:89:dd:00:a9:44:bd:a8:89:f6:e9:a9:0f:81:
c6:b1:4b:40:6f:f7:a3:83:e4:d4:6a:b5:58:2b:d5:
09:51:c7:40:48:43:38:10:2d:38:70:ac:2f:4b:c9:
4b:35:5b:a4:2e:14:3e:5a:d3:38:3f:9b:ae:9c:84:
0b:a7:7f:a1:bc:e9:f3:af:d7:87:06:b2:04:99:3c:
9d:22:74:19:d7:b5:db:f4:57:43:55:3e:03:07:86:
c0:f9:06:48:6e:94:60:9b:cf:2c:e0:1c:e7:20:c1:
8c:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:A4:2C:8F:DE:D1:22:04:74:7C:EF:9A:0A:C1:9F:F6:3D:C5:E8:E7
X509v3 Authority Key Identifier:
keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/qaQsj97RIgR0fO-aCsGf9j3F6Oc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
180.184.152.0/22
Signature Algorithm: sha256WithRSAEncryption
b9:90:eb:07:d7:40:e0:e2:d6:c6:6f:20:b1:cd:46:d4:17:4c:
24:3e:37:42:8b:14:2e:a1:4b:dc:16:56:8e:32:1d:db:03:ea:
e6:c4:31:a2:ee:2b:5a:00:ef:45:d7:c7:34:0d:d2:c5:03:af:
9c:97:02:65:25:28:c1:e7:3d:4b:7a:30:51:7d:e7:0b:a2:b4:
81:c8:f4:a9:4d:30:5b:8c:39:73:9e:91:9e:be:b3:88:b7:f6:
d5:51:8e:55:cf:5f:88:6d:5c:36:db:92:49:43:47:18:69:7f:
44:38:bd:08:75:c6:5a:5c:4e:c0:8c:a0:ec:e9:72:42:ca:6c:
ec:56:b7:c6:94:f5:f6:97:5e:bd:5f:0c:c6:02:15:44:46:73:
81:28:4d:3e:5b:74:34:9f:32:96:a1:0e:49:19:4b:43:fb:7f:
65:8e:f8:72:b7:ff:e8:38:7d:9e:0d:7e:3e:57:eb:09:e2:12:
e8:53:e8:b4:e6:7b:00:21:59:a0:6b:8a:ee:d3:0a:34:13:c3:
55:1e:78:a8:6f:e9:5a:0a:d6:7d:62:50:7c:94:0c:96:a8:16:
2c:ee:12:f3:9a:a6:29:48:6a:84:41:b6:86:64:80:48:f4:3d:
25:13:28:b6:5e:71:fa:a7:b2:b2:99:70:3d:27:15:29:19:ab:
86:f2:ee:bc
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICHLUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4
QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTAxMDIx
MzU4MjJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEE5QTQyQzhGREVEMTIy
MDQ3NDdDRUY5QTBBQzE5RkY2M0RDNUU4RTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJauZ/N0DV7eB9ZUXSPq94PA57tlxY7E3jxIlR4btWHKDD1yx5
PKpnsYMwvoiGVoj575Nqz4W6plgctLCAZHjPqSu+PsOosy5kcHYIuey/ps92bMtY
A1Qu4goS2vlr2GlDeIDkCh39JBkRCOMiIyDzWAi3AgbmiRctyWlrCFrk0eeI2zDp
L923EVPt+RAWXt3RlgwbQUqYid0AqUS9qIn26akPgcaxS0Bv96OD5NRqtVgr1QlR
x0BIQzgQLThwrC9LyUs1W6QuFD5a0zg/m66chAunf6G86fOv14cGsgSZPJ0idBnX
tdv0V0NVPgMHhsD5BkhulGCbzyzgHOcgwYxvAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUqaQsj97RIgR0fO+aCsGf9j3F6OcwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw
dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0
NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvcWFRc2o5N1JJZ1Iw
Zk8tYUNzR2Y5ajNGNk9jLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEArS4mDANBgkqhkiG9w0BAQsFAAOCAQEAuZDrB9dA4OLWxm8gsc1G1BdMJD43
QosULqFL3BZWjjId2wPq5sQxou4rWgDvRdfHNA3SxQOvnJcCZSUowec9S3owUX3n
C6K0gcj0qU0wW4w5c56Rnr6ziLf21VGOVc9fiG1cNtuSSUNHGGl/RDi9CHXGWlxO
wIyg7OlyQsps7Fa3xpT19pdevV8MxgIVREZzgShNPlt0NJ8ylqEOSRlLQ/t/ZY74
crf/6Dh9ng1+PlfrCeIS6FPotOZ7ACFZoGuK7tMKNBPDVR54qG/pWgrWfWJQfJQM
lqgWLO4S85qmKUhqhEG2hmSASPQ9JRMotl5x+qeysplwPScVKRmrhvLuvA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:08:46 2025 by rpki-client