Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/TfqvhOweNmYQuY0tWjPAO2yXuGk.roa
File: TfqvhOweNmYQuY0tWjPAO2yXuGk.roa (raw, json)
Hash identifier: ignPn4JbieWfhGV/kpwkfFrTM5GXwlO/c3lYA7dD1I0=
Subject key identifier: 4D:FA:AF:84:EC:1E:36:66:10:B9:8D:2D:5A:33:C0:3B:6C:97:B8:69
Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221
Certificate serial: 1577
Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/TfqvhOweNmYQuY0tWjPAO2yXuGk.roa
Signing time: Fri 17 Jan 2025 01:27:47 +0000
ROA not before: Fri 17 Jan 2025 01:27:47 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 2914
IP address blocks: 180.223.32.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5495 (0x1577)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221
Validity
Not Before: Jan 17 01:27:47 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=4DFAAF84EC1E366610B98D2D5A33C03B6C97B869
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:f9:d5:25:8f:06:96:7a:46:e2:55:20:2e:33:
25:a7:e7:d0:b1:d6:12:ee:f9:c8:00:f5:73:1f:f7:
04:5a:9f:e6:61:22:7d:f3:bb:f3:16:5f:ad:30:56:
4a:aa:12:d5:88:20:d9:27:b5:0a:05:1e:ee:3c:4e:
d0:b9:00:53:02:ab:6f:17:36:8c:3c:69:a3:7e:ad:
78:5b:80:b0:9f:27:7d:d7:15:b7:b4:b7:a9:0d:b3:
cc:b7:95:95:a6:9e:ae:7e:b6:ea:0d:07:1a:b4:32:
2b:cc:22:ed:58:02:ce:69:58:0a:4c:e0:56:b8:52:
e2:24:02:21:56:72:79:b3:3f:03:0b:f1:62:c7:f2:
21:65:66:0e:eb:27:7f:74:45:91:d4:51:a7:42:b1:
88:ed:84:21:cd:87:27:5d:92:dd:21:97:88:23:84:
b1:4a:e6:9e:36:39:12:b9:a6:9d:fd:89:4e:b6:98:
34:f0:f0:28:ba:14:f0:c1:37:c3:c7:d1:87:31:86:
6e:15:2d:fe:a6:76:a6:b5:49:85:76:20:b6:f9:0f:
d6:d6:d0:5f:7f:d6:ec:b1:53:4f:37:4b:21:48:fb:
db:5e:ef:7e:4c:ac:f4:e6:70:96:ef:93:bf:51:54:
78:45:c6:46:35:f4:69:1a:3e:37:b6:b4:52:0e:76:
79:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:FA:AF:84:EC:1E:36:66:10:B9:8D:2D:5A:33:C0:3B:6C:97:B8:69
X509v3 Authority Key Identifier:
keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/TfqvhOweNmYQuY0tWjPAO2yXuGk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
180.223.32.0/21
Signature Algorithm: sha256WithRSAEncryption
94:66:26:81:51:e4:6c:da:e7:10:25:23:49:66:df:38:e4:82:
db:bf:8c:49:6b:18:1c:80:50:be:a0:e3:fb:95:30:3e:4a:81:
2a:83:36:e7:96:88:fa:b0:ad:6c:cf:03:ff:b0:14:bd:c5:b2:
1a:b6:35:69:ef:d9:df:52:a3:35:9d:cd:33:98:b8:e8:9b:94:
2a:f2:59:e1:67:27:cf:fa:cd:6f:4a:1b:e8:55:0c:f5:64:b5:
97:1f:2a:2c:1d:89:18:20:76:c8:96:f7:67:b8:8c:80:ef:aa:
a3:db:12:86:3b:70:39:41:38:55:1b:66:04:43:7e:65:ad:72:
64:2d:9f:62:36:da:84:33:1f:0e:ad:2a:12:62:c5:6d:8b:f8:
78:72:8c:47:f9:ec:17:dd:9f:a3:3a:48:88:69:a7:43:7d:23:
75:f4:8e:3c:03:94:ae:fd:4b:8f:be:33:eb:aa:21:29:50:9e:
cf:fb:b7:4a:6c:49:c2:38:c3:42:23:01:60:56:4e:90:63:3c:
75:c9:96:81:03:5b:8b:b5:0f:0c:b0:3e:36:80:6a:c5:15:de:
9f:2f:1f:08:fb:2d:ad:d0:be:60:b6:7d:1a:68:7e:f7:d6:d1:
1b:eb:1e:89:b7:8c:40:dd:10:2b:3c:62:e7:da:61:e1:ef:f0:
49:7f:8e:18
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICFXcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw
QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTAxMTcw
MTI3NDdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDRERkFBRjg0RUMxRTM2
NjYxMEI5OEQyRDVBMzNDMDNCNkM5N0I4NjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDr+dUljwaWekbiVSAuMyWn59Cx1hLu+cgA9XMf9wRan+ZhIn3z
u/MWX60wVkqqEtWIINkntQoFHu48TtC5AFMCq28XNow8aaN+rXhbgLCfJ33XFbe0
t6kNs8y3lZWmnq5+tuoNBxq0MivMIu1YAs5pWApM4Fa4UuIkAiFWcnmzPwML8WLH
8iFlZg7rJ390RZHUUadCsYjthCHNhyddkt0hl4gjhLFK5p42ORK5pp39iU62mDTw
8Ci6FPDBN8PH0Ycxhm4VLf6mdqa1SYV2ILb5D9bW0F9/1uyxU083SyFI+9te735M
rPTmcJbvk79RVHhFxkY19GkaPje2tFIOdnldAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUTfqvhOweNmYQuY0tWjPAO2yXuGkwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD
IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz
MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvVGZxdmhPd2VObVlR
dVkwdFdqUEFPMnlYdUdrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEA7TfIDANBgkqhkiG9w0BAQsFAAOCAQEAlGYmgVHkbNrnECUjSWbfOOSC27+M
SWsYHIBQvqDj+5UwPkqBKoM255aI+rCtbM8D/7AUvcWyGrY1ae/Z31KjNZ3NM5i4
6JuUKvJZ4Wcnz/rNb0ob6FUM9WS1lx8qLB2JGCB2yJb3Z7iMgO+qo9sShjtwOUE4
VRtmBEN+Za1yZC2fYjbahDMfDq0qEmLFbYv4eHKMR/nsF92fozpIiGmnQ30jdfSO
PAOUrv1Lj74z66ohKVCez/u3SmxJwjjDQiMBYFZOkGM8dcmWgQNbi7UPDLA+NoBq
xRXeny8fCPstrdC+YLZ9Gmh+99bRG+seibeMQN0QKzxi59ph4e/wSX+OGA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:37:34 2025 by rpki-client