Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3095/EHVQbTIKrJU3agaNtnJ_G12O8VE.roa
File: EHVQbTIKrJU3agaNtnJ_G12O8VE.roa (raw, json)
Hash identifier: cTRh7AMNBw/udrAvqSalKqxu5+nrSFSA4xPT3Uy8kAs=
Subject key identifier: 10:75:50:6D:32:0A:AC:95:37:6A:06:8D:B6:72:7F:1B:5D:8E:F1:51
Certificate issuer: /CN=CB16707EAF0BDFD1326AFD9BDEC6AFFA6E63BA98
Certificate serial: 0960
Authority key identifier: CB:16:70:7E:AF:0B:DF:D1:32:6A:FD:9B:DE:C6:AF:FA:6E:63:BA:98
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/EHVQbTIKrJU3agaNtnJ_G12O8VE.roa
Signing time: Mon 20 Jan 2025 01:30:16 +0000
ROA not before: Mon 20 Jan 2025 01:30:16 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 37968
IP address blocks: 202.46.224.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2400 (0x960)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CB16707EAF0BDFD1326AFD9BDEC6AFFA6E63BA98
Validity
Not Before: Jan 20 01:30:16 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=1075506D320AAC95376A068DB6727F1B5D8EF151
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:9b:18:d4:de:f6:ac:1f:f2:e8:c2:41:ae:14:
98:69:19:19:30:05:d7:5c:e9:a7:f0:1c:d2:7b:56:
0b:8e:cd:fe:cd:8e:04:a4:01:e9:1e:c6:6e:d4:dc:
1e:9a:12:58:5a:90:a3:dd:87:34:1f:c2:d6:96:8e:
7a:42:99:3b:57:28:7b:1a:5b:72:bb:ff:da:ce:23:
04:2b:24:7e:4d:0d:7d:53:a5:3d:b5:2c:69:33:eb:
49:e2:e1:58:c3:cd:44:da:36:b2:75:ef:89:d8:54:
81:60:36:7f:59:2d:ac:7c:b7:25:fa:22:c6:97:33:
c1:34:ec:f8:e5:8d:d8:80:57:5d:18:d7:8d:09:1e:
a6:7b:99:c4:30:37:dc:99:0a:32:88:fc:f2:c9:33:
c5:ee:da:cf:c9:c2:20:c3:d4:e0:0f:2f:aa:a4:19:
35:30:ea:9a:ed:de:d2:56:d6:64:23:90:c2:33:be:
65:64:b5:6b:a1:71:4a:6c:38:b0:d8:f8:7b:a3:a7:
33:8a:19:55:40:77:e8:d8:94:5f:37:12:17:ea:f0:
ac:6f:01:ac:44:7a:49:2b:4c:47:b7:a5:f5:81:78:
1e:77:b2:9b:90:dd:1c:e7:1f:c0:3c:76:74:5a:3d:
a1:6d:a1:e9:96:64:3c:b7:a6:74:57:61:d9:d0:52:
11:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:75:50:6D:32:0A:AC:95:37:6A:06:8D:B6:72:7F:1B:5D:8E:F1:51
X509v3 Authority Key Identifier:
keyid:CB:16:70:7E:AF:0B:DF:D1:32:6A:FD:9B:DE:C6:AF:FA:6E:63:BA:98
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/EHVQbTIKrJU3agaNtnJ_G12O8VE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
202.46.224.0/22
Signature Algorithm: sha256WithRSAEncryption
18:ff:54:da:52:67:b6:03:78:0f:73:22:72:7e:f9:75:bf:d5:
28:c3:19:6b:e3:f0:dc:a9:93:41:cd:2c:b7:99:1e:d4:67:a2:
f5:0a:8a:13:9b:12:b8:07:03:f1:88:88:ee:5a:cc:b3:f1:1f:
b5:8a:2b:e0:e5:dc:26:79:f7:17:b5:5b:41:64:4c:6b:52:fe:
3e:ce:b1:08:f1:25:c4:0c:f0:2a:cc:ad:0a:91:b3:9e:56:e9:
07:d4:ae:21:cd:f7:84:ec:19:2d:c2:8b:a7:ee:b9:5a:d9:cf:
1b:03:0d:27:cd:1c:93:33:5f:a0:88:8e:d9:9a:b4:bb:55:03:
52:ff:fc:05:d5:6a:32:af:41:fb:10:d5:47:e4:23:b2:39:e0:
19:f9:47:ef:b8:e0:f9:92:49:9d:fe:a2:c3:44:c1:c9:12:b1:
53:36:a8:8d:0b:b4:35:1c:29:70:73:a0:61:97:6f:e9:ff:85:
7b:de:a2:8a:fc:14:9d:4d:3d:22:7f:c0:f0:a0:d6:6c:a1:f1:
36:84:59:e1:84:aa:2c:34:25:5e:76:3f:aa:6f:7e:ac:a2:7a:
be:9d:e0:62:a7:5b:6b:e2:ff:81:32:c8:d1:39:9d:42:a6:ee:
9e:d5:bc:72:d9:54:1c:18:4a:f3:1d:ab:05:dd:71:d6:48:dd:
aa:6e:9e:18
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICCWAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0Ix
NjcwN0VBRjBCREZEMTMyNkFGRDlCREVDNkFGRkE2RTYzQkE5ODAeFw0yNTAxMjAw
MTMwMTZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDEwNzU1MDZEMzIwQUFD
OTUzNzZBMDY4REI2NzI3RjFCNUQ4RUYxNTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCjmxjU3vasH/LowkGuFJhpGRkwBddc6afwHNJ7VguOzf7NjgSk
Aekexm7U3B6aElhakKPdhzQfwtaWjnpCmTtXKHsaW3K7/9rOIwQrJH5NDX1TpT21
LGkz60ni4VjDzUTaNrJ174nYVIFgNn9ZLax8tyX6IsaXM8E07PjljdiAV10Y140J
HqZ7mcQwN9yZCjKI/PLJM8Xu2s/JwiDD1OAPL6qkGTUw6prt3tJW1mQjkMIzvmVk
tWuhcUpsOLDY+HujpzOKGVVAd+jYlF83Ehfq8KxvAaxEekkrTEe3pfWBeB53spuQ
3RznH8A8dnRaPaFtoemWZDy3pnRXYdnQUhEzAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUEHVQbTIKrJU3agaNtnJ/G12O8VEwHwYDVR0jBBgwFoAUyxZwfq8L39Eyav2b
3sav+m5jupgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
NS95eFp3ZnE4TDM5RXlhdjJiM3Nhdi1tNWp1cGcuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3l4WndmcThMMzlFeWF2MmIzc2F2LW01anVwZy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTUvRUhWUWJUSUtySlUz
YWdhTnRuSl9HMTJPOFZFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAsou4DANBgkqhkiG9w0BAQsFAAOCAQEAGP9U2lJntgN4D3Micn75db/VKMMZ
a+Pw3KmTQc0st5ke1Gei9QqKE5sSuAcD8YiI7lrMs/EftYor4OXcJnn3F7VbQWRM
a1L+Ps6xCPElxAzwKsytCpGznlbpB9SuIc33hOwZLcKLp+65WtnPGwMNJ80ckzNf
oIiO2Zq0u1UDUv/8BdVqMq9B+xDVR+QjsjngGflH77jg+ZJJnf6iw0TByRKxUzao
jQu0NRwpcHOgYZdv6f+Fe96iivwUnU09In/A8KDWbKHxNoRZ4YSqLDQlXnY/qm9+
rKJ6vp3gYqdba+L/gTLI0TmdQqbuntW8ctlUHBhK8x2rBd1x1kjdqm6eGA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:46:00 2025 by rpki-client