Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/L4kGErpZwE2IJTcxIDpVK6stU3o.roa
File: L4kGErpZwE2IJTcxIDpVK6stU3o.roa (raw, json)
Hash identifier: 8cpijSl690D+NXmSwLKfM/DFyvLvMFqn2RyUILFPWFk=
Subject key identifier: 2F:89:06:12:BA:59:C0:4D:88:25:37:31:20:3A:55:2B:AB:2D:53:7A
Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221
Certificate serial: 162B
Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/L4kGErpZwE2IJTcxIDpVK6stU3o.roa
Signing time: Sun 16 Feb 2025 03:31:05 +0000
ROA not before: Sun 16 Feb 2025 03:31:05 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 2914
IP address blocks: 180.223.248.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5675 (0x162b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221
Validity
Not Before: Feb 16 03:31:05 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=2F890612BA59C04D88253731203A552BAB2D537A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:dd:74:ff:4c:57:91:28:d0:59:0c:8d:66:91:
ea:a5:0c:e0:f5:66:27:77:b0:0a:1e:5d:65:e2:2e:
fa:6d:5b:3f:5a:80:7c:7e:57:10:9e:eb:60:0d:bd:
56:75:16:4c:81:6a:a9:fc:b0:c0:dc:38:c4:dc:17:
da:c1:6d:dd:54:91:52:5f:55:19:e2:92:7e:6d:f7:
a3:fc:e3:3c:56:55:cc:22:6a:fb:84:ef:eb:bf:02:
4b:fb:45:48:3d:87:b4:e9:a2:cb:91:92:f2:b0:fe:
ba:a3:bf:01:a8:40:45:35:40:8e:73:64:03:2e:fe:
33:09:e1:85:22:64:8a:6e:ac:b1:d6:41:dc:97:a5:
9e:5f:dd:ec:58:89:06:76:c2:20:e4:3e:df:47:47:
9b:cd:80:2d:ca:3c:41:67:4b:98:3e:cd:cf:cf:9d:
e1:e1:7f:d9:55:db:ac:1b:17:7a:56:5c:38:19:c8:
16:6f:bc:38:ab:be:a2:41:68:f3:e3:14:0a:9d:a8:
3c:f1:81:f5:c7:40:d0:80:cc:16:99:a9:fb:2d:0a:
5f:3e:0c:f9:f1:d2:25:ad:39:e1:ae:00:e9:5f:82:
52:df:20:40:2c:83:37:35:1f:cf:3b:12:97:ea:77:
98:94:da:d4:c4:83:43:1e:f3:ef:c0:9a:fe:6b:ba:
a8:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:89:06:12:BA:59:C0:4D:88:25:37:31:20:3A:55:2B:AB:2D:53:7A
X509v3 Authority Key Identifier:
keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/L4kGErpZwE2IJTcxIDpVK6stU3o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
180.223.248.0/21
Signature Algorithm: sha256WithRSAEncryption
bf:82:dd:55:02:0e:95:9e:f8:6a:e5:54:3e:7b:bd:00:62:16:
37:a7:67:80:4a:29:13:65:4a:1d:d2:b6:6a:0e:cb:9a:cd:50:
bf:73:36:35:81:0e:90:5b:35:a6:e6:74:fc:fe:2e:c7:68:97:
43:42:a9:f1:18:3e:87:5a:67:f6:25:b1:f8:50:c4:af:1e:b5:
7c:a2:0f:3a:97:a9:05:3f:ce:74:aa:2b:bc:dc:b5:ca:e0:be:
67:e6:dd:08:37:18:8f:2b:d4:47:be:74:26:5d:f8:ef:88:6e:
da:8b:13:71:55:80:e2:76:88:35:f2:96:24:91:4d:45:7f:c1:
28:6c:f0:ed:5c:27:01:fd:22:b4:83:1e:2b:17:0a:e6:85:ad:
69:0a:64:e5:e5:5c:43:73:b1:27:9e:cc:af:f2:51:29:b9:6d:
79:f2:79:ca:5f:b8:b2:af:6d:c7:74:dc:ce:a0:17:6f:7e:00:
1c:2a:c1:fe:3a:50:6e:e7:35:49:06:39:4b:15:68:9e:37:65:
5b:b1:51:ae:e7:fe:8f:52:42:c1:24:dc:7d:84:95:a9:4f:98:
80:20:82:88:c2:f4:f6:ad:98:19:bd:0c:4f:f1:e3:d4:1b:e9:
3c:25:dd:eb:22:5d:67:f7:10:78:a5:fb:a7:cb:7e:1f:92:aa:
2d:0d:e0:dc
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICFiswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw
QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTAyMTYw
MzMxMDVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDJGODkwNjEyQkE1OUMw
NEQ4ODI1MzczMTIwM0E1NTJCQUIyRDUzN0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDg3XT/TFeRKNBZDI1mkeqlDOD1Zid3sAoeXWXiLvptWz9agHx+
VxCe62ANvVZ1FkyBaqn8sMDcOMTcF9rBbd1UkVJfVRnikn5t96P84zxWVcwiavuE
7+u/Akv7RUg9h7TposuRkvKw/rqjvwGoQEU1QI5zZAMu/jMJ4YUiZIpurLHWQdyX
pZ5f3exYiQZ2wiDkPt9HR5vNgC3KPEFnS5g+zc/PneHhf9lV26wbF3pWXDgZyBZv
vDirvqJBaPPjFAqdqDzxgfXHQNCAzBaZqfstCl8+DPnx0iWtOeGuAOlfglLfIEAs
gzc1H887Epfqd5iU2tTEg0Me8+/Amv5ruqhHAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUL4kGErpZwE2IJTcxIDpVK6stU3owHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD
IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz
MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvTDRrR0VycFp3RTJJ
SlRjeElEcFZLNnN0VTNvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEA7Tf+DANBgkqhkiG9w0BAQsFAAOCAQEAv4LdVQIOlZ74auVUPnu9AGIWN6dn
gEopE2VKHdK2ag7Lms1Qv3M2NYEOkFs1puZ0/P4ux2iXQ0Kp8Rg+h1pn9iWx+FDE
rx61fKIPOpepBT/OdKorvNy1yuC+Z+bdCDcYjyvUR750Jl3474hu2osTcVWA4naI
NfKWJJFNRX/BKGzw7VwnAf0itIMeKxcK5oWtaQpk5eVcQ3OxJ57Mr/JRKbltefJ5
yl+4sq9tx3TczqAXb34AHCrB/jpQbuc1SQY5SxVonjdlW7FRruf+j1JCwSTcfYSV
qU+YgCCCiML09q2YGb0MT/Hj1BvpPCXd6yJdZ/cQeKX7p8t+H5KqLQ3g3A==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:44:45 2025 by rpki-client