Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3051/uKdWCaEnVONu4fZr7N9srVNLqMU.roa
File: uKdWCaEnVONu4fZr7N9srVNLqMU.roa (raw, json)
Hash identifier: bLAMgiyp/+z7wYa7NqzIhJJBnnzmKA4F9e4V4dRy4g4=
Subject key identifier: B8:A7:56:09:A1:27:54:E3:6E:E1:F6:6B:EC:DF:6C:AD:53:4B:A8:C5
Certificate issuer: /CN=FC03F2F966F62BFDC66B041562E9BA40032DA09E
Certificate serial: 1D2C
Authority key identifier: FC:03:F2:F9:66:F6:2B:FD:C6:6B:04:15:62:E9:BA:40:03:2D:A0:9E
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/_APy-Wb2K_3GawQVYum6QAMtoJ4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3051/uKdWCaEnVONu4fZr7N9srVNLqMU.roa
Signing time: Fri 17 Jan 2025 01:27:11 +0000
ROA not before: Fri 17 Jan 2025 01:27:11 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 24409
IP address blocks: 111.223.8.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7468 (0x1d2c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FC03F2F966F62BFDC66B041562E9BA40032DA09E
Validity
Not Before: Jan 17 01:27:11 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=B8A75609A12754E36EE1F66BECDF6CAD534BA8C5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:bc:0d:4a:60:4d:66:17:ce:b0:a8:00:05:d0:
25:32:7a:85:72:53:59:74:a0:f3:dc:b8:87:7a:af:
34:b1:55:ad:be:84:74:96:c1:ff:92:25:9e:47:dc:
08:00:2d:27:8c:2a:30:74:af:0e:21:7d:fd:2b:ba:
75:64:6c:1c:65:70:14:46:b4:f9:a9:72:f8:db:13:
88:3c:45:c7:34:dd:28:d4:ab:77:82:8a:17:42:c2:
8f:26:d9:a3:d5:66:44:07:3d:9a:05:d4:e4:15:bd:
f9:b7:f5:63:4c:a7:78:f2:07:e4:d9:77:8f:73:cc:
d8:8d:43:a7:85:d4:cb:09:e1:30:0a:d5:c7:35:d1:
ad:5a:58:45:62:72:fb:76:76:2b:71:b8:6f:b9:b1:
89:3c:4f:51:9d:62:ca:45:aa:60:e7:67:3a:de:8b:
e2:d7:14:2e:49:0b:43:28:45:5b:0e:f5:28:ad:65:
ef:5c:a0:81:2e:11:04:58:55:97:5b:1e:a2:03:6f:
da:34:3d:79:f2:d6:d1:b9:70:ec:f7:06:ad:fb:0a:
15:4e:4e:c2:63:12:38:08:9c:7c:81:0b:12:52:1c:
70:b9:74:11:c6:c4:e5:d2:34:fc:ca:95:d2:5e:6d:
0d:3f:bd:ef:36:7a:4b:9b:a9:02:76:8a:ce:37:c9:
bb:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:A7:56:09:A1:27:54:E3:6E:E1:F6:6B:EC:DF:6C:AD:53:4B:A8:C5
X509v3 Authority Key Identifier:
keyid:FC:03:F2:F9:66:F6:2B:FD:C6:6B:04:15:62:E9:BA:40:03:2D:A0:9E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3051/_APy-Wb2K_3GawQVYum6QAMtoJ4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/_APy-Wb2K_3GawQVYum6QAMtoJ4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3051/uKdWCaEnVONu4fZr7N9srVNLqMU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
111.223.8.0/22
Signature Algorithm: sha256WithRSAEncryption
19:83:88:76:e2:12:e8:29:17:ed:2b:f7:40:e7:ca:78:29:42:
3c:dc:32:12:99:07:73:81:f2:f2:82:d9:9b:dc:e4:a4:14:0d:
ae:89:a5:b4:92:d7:16:e9:fc:fa:d9:9e:af:a2:03:86:30:be:
2a:db:0d:e3:2d:cd:98:cb:b5:98:53:22:48:ba:62:af:bd:26:
0c:7e:31:cb:12:1c:ac:0f:7e:df:34:ec:4b:ed:f7:56:85:6d:
fa:42:56:05:a6:ba:b8:90:1b:f7:26:d6:40:58:37:7f:f1:65:
17:87:6e:71:2c:ea:46:a2:22:f9:28:39:76:43:73:a4:84:60:
7d:63:2e:84:f1:f2:f5:1f:23:68:8b:a8:b8:6f:0c:2d:39:d8:
dd:82:88:1d:6d:ae:c7:b6:79:e0:6f:2c:fb:93:57:74:84:43:
f0:72:92:f5:6a:da:1c:e4:8c:5e:2a:23:c8:bb:4e:9a:7c:af:
66:a5:bf:44:f8:cc:cf:15:27:47:a5:09:b0:df:a4:ea:96:da:
e5:25:e1:d6:9f:e7:f8:f0:c6:00:0f:73:31:60:22:ee:3c:37:
60:72:d5:00:0c:8e:a9:c7:b9:ad:8e:a0:14:f2:0c:1e:d8:96:
9c:55:6e:4e:d2:a1:6e:16:97:92:48:8a:f4:02:a2:39:45:8f:
ee:43:7a:b2
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICHSwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkMw
M0YyRjk2NkY2MkJGREM2NkIwNDE1NjJFOUJBNDAwMzJEQTA5RTAeFw0yNTAxMTcw
MTI3MTFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEI4QTc1NjA5QTEyNzU0
RTM2RUUxRjY2QkVDREY2Q0FENTM0QkE4QzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQChvA1KYE1mF86wqAAF0CUyeoVyU1l0oPPcuId6rzSxVa2+hHSW
wf+SJZ5H3AgALSeMKjB0rw4hff0runVkbBxlcBRGtPmpcvjbE4g8Rcc03SjUq3eC
ihdCwo8m2aPVZkQHPZoF1OQVvfm39WNMp3jyB+TZd49zzNiNQ6eF1MsJ4TAK1cc1
0a1aWEVicvt2ditxuG+5sYk8T1GdYspFqmDnZzrei+LXFC5JC0MoRVsO9SitZe9c
oIEuEQRYVZdbHqIDb9o0PXny1tG5cOz3Bq37ChVOTsJjEjgInHyBCxJSHHC5dBHG
xOXSNPzKldJebQ0/ve82ekubqQJ2is43ybs3AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUuKdWCaEnVONu4fZr7N9srVNLqMUwHwYDVR0jBBgwFoAU/APy+Wb2K/3GawQV
Yum6QAMtoJ4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA1
MS9fQVB5LVdiMktfM0dhd1FWWXVtNlFBTXRvSjQuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL19BUHktV2IyS18zR2F3UVZZdW02UUFNdG9KNC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNTEvdUtkV0NhRW5WT051
NGZacjdOOXNyVk5McU1VLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAm/fCDANBgkqhkiG9w0BAQsFAAOCAQEAGYOIduIS6CkX7Sv3QOfKeClCPNwy
EpkHc4Hy8oLZm9zkpBQNromltJLXFun8+tmer6IDhjC+KtsN4y3NmMu1mFMiSLpi
r70mDH4xyxIcrA9+3zTsS+33VoVt+kJWBaa6uJAb9ybWQFg3f/FlF4ducSzqRqIi
+Sg5dkNzpIRgfWMuhPHy9R8jaIuouG8MLTnY3YKIHW2ux7Z54G8s+5NXdIRD8HKS
9WraHOSMXiojyLtOmnyvZqW/RPjMzxUnR6UJsN+k6pba5SXh1p/n+PDGAA9zMWAi
7jw3YHLVAAyOqce5rY6gFPIMHtiWnFVuTtKhbhaXkkiK9AKiOUWP7kN6sg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:46:18 2025 by rpki-client