Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/312/pkcVefRHc892SpTt4m918JNKlrc.roa
File: pkcVefRHc892SpTt4m918JNKlrc.roa (raw, json)
Hash identifier: LRyTSX6Z3s8aqt+Hnazr2/yLIn5xgFlfVO38GiaQIbM=
Subject key identifier: A6:47:15:79:F4:47:73:CF:76:4A:94:ED:E2:6F:75:F0:93:4A:96:B7
Certificate issuer: /CN=85F3BFD1A14090C4829A5A313A4D31F9CC8F312F
Certificate serial: 15E3
Authority key identifier: 85:F3:BF:D1:A1:40:90:C4:82:9A:5A:31:3A:4D:31:F9:CC:8F:31:2F
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hfO_0aFAkMSCmloxOk0x-cyPMS8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/312/pkcVefRHc892SpTt4m918JNKlrc.roa
Signing time: Wed 13 Mar 2024 01:21:00 +0000
ROA not before: Wed 13 Mar 2024 01:21:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 4515
IP address blocks: 120.31.164.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5603 (0x15e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85F3BFD1A14090C4829A5A313A4D31F9CC8F312F
Validity
Not Before: Mar 13 01:21:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A6471579F44773CF764A94EDE26F75F0934A96B7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:66:7f:35:7d:b3:c6:65:cf:55:23:42:a9:67:
15:34:8e:12:88:ce:b9:77:01:02:73:11:0f:a0:6b:
a0:6e:69:84:a2:f0:3f:a5:a9:26:8b:22:9d:bc:47:
30:93:07:8b:6e:54:b7:5d:d6:ea:e6:3e:78:ae:8e:
7f:0c:30:ea:5d:82:94:15:a6:bb:70:db:50:a6:54:
2c:9a:a3:57:7d:86:e4:b5:73:16:d5:98:99:aa:4b:
f0:50:fd:3b:4c:ed:9a:29:b8:e5:9d:0d:6c:16:8a:
e3:be:1c:f6:d7:70:f4:cd:e0:be:93:61:3e:b2:db:
82:92:6f:6e:b5:01:0b:7e:36:2d:df:ea:ed:6b:84:
98:61:54:28:dc:83:47:9c:64:5e:c6:32:06:c3:00:
9f:45:79:b7:15:40:b0:43:d0:29:2f:f6:56:99:03:
9b:48:80:ae:54:8e:96:f5:c1:3e:3b:6b:7e:5f:2e:
d6:10:e2:30:50:28:f3:0c:a7:86:01:74:a7:7f:0a:
39:d1:5c:26:f8:59:30:82:61:23:43:c1:e9:00:ad:
fb:e6:7c:8f:50:36:9e:78:22:ca:04:b9:b0:27:68:
8b:46:1e:59:3c:ac:11:dd:d7:0b:d2:d9:8c:b1:eb:
ac:ae:d0:72:2e:0e:c3:0f:6f:1d:31:c3:b7:d0:5f:
94:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:47:15:79:F4:47:73:CF:76:4A:94:ED:E2:6F:75:F0:93:4A:96:B7
X509v3 Authority Key Identifier:
keyid:85:F3:BF:D1:A1:40:90:C4:82:9A:5A:31:3A:4D:31:F9:CC:8F:31:2F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/312/hfO_0aFAkMSCmloxOk0x-cyPMS8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hfO_0aFAkMSCmloxOk0x-cyPMS8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/312/pkcVefRHc892SpTt4m918JNKlrc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
120.31.164.0/22
Signature Algorithm: sha256WithRSAEncryption
49:aa:df:fc:bb:e2:f1:eb:46:f8:d4:23:2c:3e:07:ba:f4:52:
24:0f:a3:13:2f:50:a8:ea:77:c7:58:ba:bd:a9:0e:c0:28:cb:
1d:c6:df:7d:82:c1:f7:55:ed:92:bf:30:d1:41:98:d5:07:c5:
1b:44:51:f6:ba:a0:c6:df:ce:3c:30:fe:27:40:f5:b7:3e:1d:
2f:21:6b:0e:94:1a:d6:1d:6e:43:be:0e:e2:da:b9:af:1e:ed:
61:6d:bd:5a:6d:71:3c:1b:c5:d0:d8:3c:37:9f:1c:97:ca:4e:
88:9e:e0:e7:9b:28:04:67:5d:66:8e:5c:82:a0:14:32:ad:2f:
6f:c1:e3:ba:cb:5a:be:09:57:bb:86:1e:f4:7b:06:f8:f7:2c:
1a:d6:99:25:70:e4:60:62:71:14:f8:13:ad:31:88:c7:13:33:
88:9e:73:d2:5c:d0:f8:b6:a4:92:29:d0:48:ea:ee:af:64:f9:
91:72:9b:1b:bf:57:a2:10:b6:02:c1:01:67:d0:14:39:7d:38:
db:46:80:44:1f:88:ca:61:40:ad:f2:92:37:10:5f:82:1f:26:
e6:79:ad:91:df:0f:02:4d:f1:03:a5:c6:da:d6:00:65:1d:23:
5a:eb:0c:10:9c:5d:0d:ae:3f:e4:91:8f:be:94:48:d5:f7:88:
37:f9:b2:4d
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFeMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODVG
M0JGRDFBMTQwOTBDNDgyOUE1QTMxM0E0RDMxRjlDQzhGMzEyRjAeFw0yNDAzMTMw
MTIxMDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEE2NDcxNTc5RjQ0Nzcz
Q0Y3NjRBOTRFREUyNkY3NUYwOTM0QTk2QjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQZn81fbPGZc9VI0KpZxU0jhKIzrl3AQJzEQ+ga6BuaYSi8D+l
qSaLIp28RzCTB4tuVLdd1urmPniujn8MMOpdgpQVprtw21CmVCyao1d9huS1cxbV
mJmqS/BQ/TtM7ZopuOWdDWwWiuO+HPbXcPTN4L6TYT6y24KSb261AQt+Ni3f6u1r
hJhhVCjcg0ecZF7GMgbDAJ9FebcVQLBD0Ckv9laZA5tIgK5Ujpb1wT47a35fLtYQ
4jBQKPMMp4YBdKd/CjnRXCb4WTCCYSNDwekArfvmfI9QNp54IsoEubAnaItGHlk8
rBHd1wvS2Yyx66yu0HIuDsMPbx0xw7fQX5RjAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUpkcVefRHc892SpTt4m918JNKlrcwHwYDVR0jBBgwFoAUhfO/0aFAkMSCmlox
Ok0x+cyPMS8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEy
L2hmT18wYUZBa01TQ21sb3hPazB4LWN5UE1TOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvaGZPXzBhRkFrTVNDbWxveE9rMHgtY3lQTVM4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEyL3BrY1ZlZlJIYzg5MlNw
VHQ0bTkxOEpOS2xyYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJ4H6QwDQYJKoZIhvcNAQELBQADggEBAEmq3/y74vHrRvjUIyw+B7r0UiQPoxMv
UKjqd8dYur2pDsAoyx3G332CwfdV7ZK/MNFBmNUHxRtEUfa6oMbfzjww/idA9bc+
HS8haw6UGtYdbkO+DuLaua8e7WFtvVptcTwbxdDYPDefHJfKToie4OebKARnXWaO
XIKgFDKtL2/B47rLWr4JV7uGHvR7Bvj3LBrWmSVw5GBicRT4E60xiMcTM4iec9Jc
0Pi2pJIp0Ejq7q9k+ZFymxu/V6IQtgLBAWfQFDl9ONtGgEQfiMphQK3ykjcQX4If
JuZ5rZHfDwJN8QOlxtrWAGUdI1rrDBCcXQ2uP+SRj76USNX3iDf5sk0=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:45:18 2025 by rpki-client