Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/TB6XnY8AM4lEXVJ9IFTEn9HpfAY.roa
File: TB6XnY8AM4lEXVJ9IFTEn9HpfAY.roa (raw, json)
Hash identifier: lUXS5qhStQey4JNLbN4EzrJa45LZVcFlhhxdcBI62qg=
Subject key identifier: 4C:1E:97:9D:8F:00:33:89:44:5D:52:7D:20:54:C4:9F:D1:E9:7C:06
Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221
Certificate serial: 1575
Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/TB6XnY8AM4lEXVJ9IFTEn9HpfAY.roa
Signing time: Fri 17 Jan 2025 01:27:46 +0000
ROA not before: Fri 17 Jan 2025 01:27:46 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 7018
IP address blocks: 180.223.104.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5493 (0x1575)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221
Validity
Not Before: Jan 17 01:27:46 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=4C1E979D8F003389445D527D2054C49FD1E97C06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e0:1f:5f:e3:7d:40:7d:3d:b0:2e:99:85:84:
23:17:3e:98:8a:f2:d4:e6:3d:a1:88:11:8d:00:33:
e5:bd:30:73:12:3a:f1:d8:72:ee:46:6c:ba:ea:eb:
48:3c:ae:5b:d4:6e:d4:f2:f8:65:be:89:50:08:44:
bd:5f:93:cb:d9:65:cb:62:df:32:71:05:24:f4:56:
57:32:8c:d9:fe:52:7e:08:b5:b2:90:ee:fa:dd:3a:
54:d9:c7:f7:e8:fc:d2:4a:81:9d:84:47:0d:39:86:
da:33:8d:91:9a:ab:c7:62:a5:13:66:f5:2d:d9:f6:
6c:24:40:c0:29:e1:47:68:5f:2c:f4:bd:20:13:cf:
24:53:c8:a4:e4:b9:04:50:0a:cd:4f:63:94:6d:ae:
87:8f:50:6f:bf:d9:ba:03:3e:d7:49:8e:26:f6:38:
cb:b2:d9:6c:3f:78:d2:ea:82:79:df:95:8a:ad:47:
85:7b:40:f2:dd:a0:dd:e5:7d:69:a1:c4:d9:3e:22:
e4:49:09:3c:ab:23:c8:57:95:bb:c5:97:98:51:17:
bd:04:44:c5:e2:3c:01:b8:c6:92:d7:15:5e:e0:5c:
e8:c9:af:d6:0a:1d:28:de:bd:1c:f5:9c:b9:64:38:
36:c5:d4:db:ec:a0:82:3c:7e:04:66:5d:cd:74:61:
2e:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:1E:97:9D:8F:00:33:89:44:5D:52:7D:20:54:C4:9F:D1:E9:7C:06
X509v3 Authority Key Identifier:
keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/TB6XnY8AM4lEXVJ9IFTEn9HpfAY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
180.223.104.0/21
Signature Algorithm: sha256WithRSAEncryption
2f:f2:9a:e8:89:bf:fb:36:6b:c3:1d:ab:9b:26:f5:fd:f1:71:
77:7c:95:08:fe:20:05:a2:f9:91:cd:9a:70:d8:8c:8d:18:a4:
2b:41:04:3b:ce:72:4b:f7:16:72:18:64:3a:b3:29:e2:69:54:
ca:e8:17:95:16:11:60:92:c4:16:ad:05:4d:3a:aa:8f:a1:61:
ce:f2:df:34:9e:58:32:c5:74:6b:32:0e:15:f2:a2:d9:10:25:
f2:7b:b3:7f:69:66:1f:72:e8:dc:b7:98:f5:a1:ce:a1:22:d5:
13:bd:af:ed:8a:ca:39:f2:3e:f2:d8:a3:bf:c5:95:40:9c:ce:
6f:67:c6:db:0e:e0:d9:65:ac:ad:cd:6b:bd:d3:8c:59:ab:ea:
90:5d:ab:eb:59:61:76:9b:04:e2:ec:3a:a2:e6:0f:0c:d8:97:
bc:68:dc:c9:8c:e2:5b:d7:42:f7:8a:0f:1b:14:ae:a0:da:11:
23:72:5f:d1:da:da:54:3e:68:1f:b1:af:86:b2:e5:4b:6d:8c:
37:3a:f5:07:31:c3:04:a8:42:8b:9c:ac:7a:b2:50:96:6c:b1:
4d:32:15:72:0d:04:9c:0e:cf:35:91:75:89:30:21:50:b2:ab:
84:51:67:2b:38:ec:34:6a:80:cd:1f:c3:27:77:0f:e2:96:db:
f6:43:8e:6a
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICFXUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw
QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTAxMTcw
MTI3NDZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDRDMUU5NzlEOEYwMDMz
ODk0NDVENTI3RDIwNTRDNDlGRDFFOTdDMDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+4B9f431AfT2wLpmFhCMXPpiK8tTmPaGIEY0AM+W9MHMSOvHY
cu5GbLrq60g8rlvUbtTy+GW+iVAIRL1fk8vZZcti3zJxBST0VlcyjNn+Un4ItbKQ
7vrdOlTZx/fo/NJKgZ2ERw05htozjZGaq8dipRNm9S3Z9mwkQMAp4UdoXyz0vSAT
zyRTyKTkuQRQCs1PY5RtroePUG+/2boDPtdJjib2OMuy2Ww/eNLqgnnflYqtR4V7
QPLdoN3lfWmhxNk+IuRJCTyrI8hXlbvFl5hRF70ERMXiPAG4xpLXFV7gXOjJr9YK
HSjevRz1nLlkODbF1NvsoII8fgRmXc10YS4LAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUTB6XnY8AM4lEXVJ9IFTEn9HpfAYwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD
IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz
MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvVEI2WG5ZOEFNNGxF
WFZKOUlGVEVuOUhwZkFZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEA7TfaDANBgkqhkiG9w0BAQsFAAOCAQEAL/Ka6Im/+zZrwx2rmyb1/fFxd3yV
CP4gBaL5kc2acNiMjRikK0EEO85yS/cWchhkOrMp4mlUyugXlRYRYJLEFq0FTTqq
j6FhzvLfNJ5YMsV0azIOFfKi2RAl8nuzf2lmH3Lo3LeY9aHOoSLVE72v7YrKOfI+
8tijv8WVQJzOb2fG2w7g2WWsrc1rvdOMWavqkF2r61lhdpsE4uw6ouYPDNiXvGjc
yYziW9dC94oPGxSuoNoRI3Jf0draVD5oH7GvhrLlS22MNzr1BzHDBKhCi5yserJQ
lmyxTTIVcg0EnA7PNZF1iTAhULKrhFFnKzjsNGqAzR/DJ3cP4pbb9kOOag==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:00:57 2025 by rpki-client