Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/3IZZ4gYvhqsHR4IoEzFnPWAOLmM.roa
File: 3IZZ4gYvhqsHR4IoEzFnPWAOLmM.roa (raw, json)
Hash identifier: 6EoI5cdflmk6oeFriHKiYYN6fe7Wl2b4dMlpznPMdOI=
Subject key identifier: DC:86:59:E2:06:2F:86:AB:07:47:82:28:13:31:67:3D:60:0E:2E:63
Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221
Certificate serial: 1621
Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/3IZZ4gYvhqsHR4IoEzFnPWAOLmM.roa
Signing time: Sun 16 Feb 2025 03:29:01 +0000
ROA not before: Sun 16 Feb 2025 03:29:01 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 7018
IP address blocks: 180.223.232.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5665 (0x1621)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221
Validity
Not Before: Feb 16 03:29:01 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=DC8659E2062F86AB074782281331673D600E2E63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:2d:28:bd:43:c1:7c:53:bb:8c:ba:dc:40:f4:
4d:86:ee:fe:15:d0:82:af:ec:39:ee:bb:88:be:92:
64:05:11:6a:ff:2e:3d:c8:6f:4f:a6:3c:cd:3e:19:
0f:ac:58:ac:db:57:12:9f:e5:2d:f8:81:71:f5:fd:
ab:92:72:e3:08:85:bb:7d:fc:e5:70:76:64:c4:2b:
0d:15:7b:4b:ae:34:24:0c:81:bc:5a:3d:67:c7:02:
d2:83:3e:4c:53:b3:2d:a6:be:c3:af:1b:eb:08:4c:
89:0c:a3:e6:97:36:bb:86:29:4f:62:04:64:2b:ed:
83:6b:af:f2:3b:e4:4d:8d:33:c1:2d:bb:47:0a:27:
4e:d0:8c:d7:76:d7:9c:95:88:2c:2b:2c:55:07:19:
7a:90:ff:f9:8e:aa:ee:f5:df:fc:be:99:52:d3:df:
77:8d:bf:1b:e1:0e:75:43:16:b3:2b:b7:8a:c9:f2:
d9:d0:21:19:d3:27:8e:06:bb:c9:77:2f:f2:49:85:
18:52:62:29:b8:5f:39:20:91:f4:7c:01:c9:79:38:
2e:98:e2:91:f5:38:08:c1:7c:5b:38:37:5c:1a:12:
8b:f9:3e:d9:29:c3:3c:77:77:0e:df:da:a1:fb:4d:
18:bb:be:41:64:26:09:ee:ab:b0:28:80:47:a6:5c:
ea:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:86:59:E2:06:2F:86:AB:07:47:82:28:13:31:67:3D:60:0E:2E:63
X509v3 Authority Key Identifier:
keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/3IZZ4gYvhqsHR4IoEzFnPWAOLmM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
180.223.232.0/21
Signature Algorithm: sha256WithRSAEncryption
2a:9c:82:f0:cd:35:cd:12:4b:18:d6:d8:b5:4f:b4:99:40:22:
3f:d8:ba:4b:c2:8f:34:ee:f1:4c:6f:3d:02:01:e3:db:62:a6:
07:57:af:5c:4e:f5:df:ac:05:3d:0b:32:2d:3f:cb:07:06:cc:
33:0d:55:f8:b0:04:76:14:b2:d2:dd:f2:33:d0:f2:91:ea:a3:
a6:e9:b4:5f:0a:01:1c:d7:04:85:ae:de:9b:9d:bf:1a:b1:93:
24:57:0a:63:a0:c3:ff:6f:92:79:f2:21:96:e7:c1:7c:b0:91:
f3:3f:a1:e8:ac:1e:00:d4:5c:ef:8f:22:10:5a:7d:99:dd:b4:
d0:10:08:8d:9e:81:35:b5:dd:b4:c5:b7:50:67:d2:97:31:8f:
7d:2b:e0:cb:d1:6d:a5:7c:55:80:f4:3a:7c:14:2f:7e:1c:31:
74:97:73:cf:3a:f2:1f:c1:54:28:4b:05:6a:42:b7:2b:7c:ec:
77:45:75:e3:a8:44:8b:08:c6:a4:9d:e0:e7:57:57:6c:3b:4d:
50:70:ab:85:2f:81:c8:ac:97:7d:8e:22:53:ca:c0:8f:3d:62:
e1:69:b9:a3:b6:36:21:67:78:f8:51:a7:27:d7:97:ad:09:07:
bb:69:05:e6:d9:6d:f3:b0:4a:c2:7b:ef:c2:b2:80:2d:dd:6d:
6b:c1:82:d1
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICFiEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw
QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTAyMTYw
MzI5MDFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKERDODY1OUUyMDYyRjg2
QUIwNzQ3ODIyODEzMzE2NzNENjAwRTJFNjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0LSi9Q8F8U7uMutxA9E2G7v4V0IKv7Dnuu4i+kmQFEWr/Lj3I
b0+mPM0+GQ+sWKzbVxKf5S34gXH1/auScuMIhbt9/OVwdmTEKw0Ve0uuNCQMgbxa
PWfHAtKDPkxTsy2mvsOvG+sITIkMo+aXNruGKU9iBGQr7YNrr/I75E2NM8Etu0cK
J07QjNd215yViCwrLFUHGXqQ//mOqu713/y+mVLT33eNvxvhDnVDFrMrt4rJ8tnQ
IRnTJ44Gu8l3L/JJhRhSYim4XzkgkfR8Acl5OC6Y4pH1OAjBfFs4N1waEov5Ptkp
wzx3dw7f2qH7TRi7vkFkJgnuq7AogEemXOrNAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQU3IZZ4gYvhqsHR4IoEzFnPWAOLmMwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD
IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz
MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvM0laWjRnWXZocXNI
UjRJb0V6Rm5QV0FPTG1NLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEA7Tf6DANBgkqhkiG9w0BAQsFAAOCAQEAKpyC8M01zRJLGNbYtU+0mUAiP9i6
S8KPNO7xTG89AgHj22KmB1evXE7136wFPQsyLT/LBwbMMw1V+LAEdhSy0t3yM9Dy
keqjpum0XwoBHNcEha7em52/GrGTJFcKY6DD/2+SefIhlufBfLCR8z+h6KweANRc
748iEFp9md200BAIjZ6BNbXdtMW3UGfSlzGPfSvgy9FtpXxVgPQ6fBQvfhwxdJdz
zzryH8FUKEsFakK3K3zsd0V146hEiwjGpJ3g51dXbDtNUHCrhS+ByKyXfY4iU8rA
jz1i4Wm5o7Y2IWd4+FGnJ9eXrQkHu2kF5tlt87BKwnvvwrKALd1ta8GC0Q==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:37:44 2025 by rpki-client