Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/1m23rT-wybp3qouRQDx2Vz2wxR4.roa
File: 1m23rT-wybp3qouRQDx2Vz2wxR4.roa (raw, json)
Hash identifier: y8i5IlKTRoVcIG5j8BxxzmgFF49GPZJEaTsCLoyhdMA=
Subject key identifier: D6:6D:B7:AD:3F:B0:C9:BA:77:AA:8B:91:40:3C:76:57:3D:B0:C5:1E
Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221
Certificate serial: 15DF
Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/1m23rT-wybp3qouRQDx2Vz2wxR4.roa
Signing time: Thu 06 Feb 2025 08:17:37 +0000
ROA not before: Thu 06 Feb 2025 08:17:37 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 4766
IP address blocks: 180.223.240.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5599 (0x15df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221
Validity
Not Before: Feb 6 08:17:37 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=D66DB7AD3FB0C9BA77AA8B91403C76573DB0C51E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:3f:6e:cb:bc:14:4c:f3:13:6d:11:3b:31:d6:
5a:a5:75:83:13:9c:fa:d0:3e:9d:3a:47:5f:92:6a:
f6:b4:d6:9c:30:b2:a6:ba:30:94:53:07:78:d6:ff:
d4:3f:b2:96:63:39:7f:ed:d9:5e:61:cc:db:19:c1:
f6:b5:16:b9:2b:6b:33:16:1d:b7:00:15:c5:ee:5f:
21:a0:20:c9:6f:c4:c8:a3:13:c5:a8:8e:4e:c0:59:
d1:5e:e5:b4:78:bc:5a:3e:e9:d1:2d:b1:cb:60:30:
5c:38:3c:3f:b7:e3:83:63:32:12:92:b0:6b:fa:b9:
7d:4b:70:ae:d4:0d:9b:b8:3b:2e:e9:f2:1e:45:71:
f2:7e:52:e2:e4:54:08:3d:3b:10:28:d6:a5:ce:0c:
bf:1c:04:00:2d:a0:f5:c7:4b:0b:c5:20:c2:b8:dc:
fa:1c:e0:5c:c4:02:c6:a4:fa:ac:44:df:c1:4a:87:
39:06:ce:60:83:2a:ee:75:59:7f:65:72:97:67:4c:
16:a7:16:dd:aa:39:3d:f2:40:cb:9d:a4:46:6b:70:
cd:df:88:c7:ac:21:a4:29:f5:fd:c5:af:aa:30:8f:
6d:38:bb:92:11:09:4f:bf:06:e0:28:ca:1d:b4:e2:
04:1c:6e:95:d9:bd:fb:75:cf:e0:11:38:fc:3d:6b:
81:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:6D:B7:AD:3F:B0:C9:BA:77:AA:8B:91:40:3C:76:57:3D:B0:C5:1E
X509v3 Authority Key Identifier:
keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/1m23rT-wybp3qouRQDx2Vz2wxR4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
180.223.240.0/21
Signature Algorithm: sha256WithRSAEncryption
7b:75:86:1a:72:b7:13:e2:fe:68:67:da:77:e4:ab:be:26:07:
83:5c:9a:99:86:3a:ff:07:f6:34:ca:2e:ff:27:5f:54:16:c1:
e6:d1:40:5f:48:57:b0:ad:89:90:4b:1e:16:23:38:92:c9:60:
27:2a:d2:16:ab:d8:27:2b:d8:1a:af:53:7b:7c:ab:02:d5:0b:
3a:84:39:2c:19:55:70:82:08:36:19:09:90:d5:60:bb:fb:1f:
5d:30:19:69:92:0f:b7:3e:5d:94:cf:7e:34:d6:71:5d:6d:58:
a4:90:ba:cc:b4:81:81:b8:a1:0a:35:74:40:95:d1:54:ac:f1:
0e:a5:3c:97:d6:9c:3a:24:0d:64:4b:21:cc:0a:ce:7d:94:2a:
32:01:55:c5:bb:39:a2:f4:f8:f0:df:62:de:44:43:08:53:7f:
92:00:be:27:cf:2b:cb:ec:5d:64:14:9b:14:6e:00:40:79:b7:
41:6f:e9:c6:06:a8:29:9c:6a:b1:5b:d7:b0:73:94:47:b2:f1:
eb:71:16:89:a5:3e:9e:87:ca:81:bb:27:3f:0f:0a:48:ea:7d:
3e:51:d4:4a:1e:ef:b0:83:98:92:13:6b:41:51:6c:8b:a3:7a:
a7:dd:e9:b6:3b:d8:5a:6e:04:bb:2b:96:91:99:0e:2d:b9:76:
ea:88:56:5c
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICFd8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw
QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTAyMDYw
ODE3MzdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEQ2NkRCN0FEM0ZCMEM5
QkE3N0FBOEI5MTQwM0M3NjU3M0RCMEM1MUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDP27LvBRM8xNtETsx1lqldYMTnPrQPp06R1+Sava01pwwsqa6
MJRTB3jW/9Q/spZjOX/t2V5hzNsZwfa1FrkrazMWHbcAFcXuXyGgIMlvxMijE8Wo
jk7AWdFe5bR4vFo+6dEtsctgMFw4PD+344NjMhKSsGv6uX1LcK7UDZu4Oy7p8h5F
cfJ+UuLkVAg9OxAo1qXODL8cBAAtoPXHSwvFIMK43Poc4FzEAsak+qxE38FKhzkG
zmCDKu51WX9lcpdnTBanFt2qOT3yQMudpEZrcM3fiMesIaQp9f3Fr6owj204u5IR
CU+/BuAoyh204gQcbpXZvft1z+AROPw9a4GtAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQU1m23rT+wybp3qouRQDx2Vz2wxR4wHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD
IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz
MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvMW0yM3JULXd5YnAz
cW91UlFEeDJWejJ3eFI0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEA7Tf8DANBgkqhkiG9w0BAQsFAAOCAQEAe3WGGnK3E+L+aGfad+SrviYHg1ya
mYY6/wf2NMou/ydfVBbB5tFAX0hXsK2JkEseFiM4kslgJyrSFqvYJyvYGq9Te3yr
AtULOoQ5LBlVcIIINhkJkNVgu/sfXTAZaZIPtz5dlM9+NNZxXW1YpJC6zLSBgbih
CjV0QJXRVKzxDqU8l9acOiQNZEshzArOfZQqMgFVxbs5ovT48N9i3kRDCFN/kgC+
J88ry+xdZBSbFG4AQHm3QW/pxgaoKZxqsVvXsHOUR7Lx63EWiaU+nofKgbsnPw8K
SOp9PlHUSh7vsIOYkhNrQVFsi6N6p93ptjvYWm4EuyuWkZkOLbl26ohWXA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:34:16 2025 by rpki-client