Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/Zxfwg1jqSXYUk_Dudf_0uN6d554.roa
File: Zxfwg1jqSXYUk_Dudf_0uN6d554.roa (raw, json)
Hash identifier: 8aUTqunXY7vdfyiinZg7j4FNYNmCbkTFe/7GxfrX/BM=
Subject key identifier: 67:17:F0:83:58:EA:49:76:14:93:F0:EE:75:FF:F4:B8:DE:9D:E7:9E
Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221
Certificate serial: 1244
Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/Zxfwg1jqSXYUk_Dudf_0uN6d554.roa
Signing time: Tue 20 Aug 2024 12:56:42 +0000
ROA not before: Tue 20 Aug 2024 12:56:42 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 7018
IP address blocks: 180.223.64.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4676 (0x1244)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221
Validity
Not Before: Aug 20 12:56:42 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6717F08358EA49761493F0EE75FFF4B8DE9DE79E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:2c:34:5c:df:ae:e7:b6:d1:48:6d:7d:eb:2c:
87:ab:6a:02:5b:3a:a7:19:e9:53:63:7a:07:a2:db:
e5:a6:e7:f0:70:80:ff:6f:c8:63:cc:5c:ef:e5:02:
b4:cd:8b:35:ea:82:eb:57:1f:4a:e8:c1:ee:ea:73:
27:4c:84:7f:39:14:c8:1c:65:86:38:48:e7:d3:d9:
26:cc:9a:f1:65:ef:a7:3f:37:61:75:58:75:33:cf:
c8:d3:5b:fb:ca:ad:47:8e:39:f6:bc:ab:e0:0c:5b:
a4:f2:e1:8c:fb:78:4b:47:c5:bd:cd:48:f5:bf:ce:
41:fc:98:e6:48:22:32:df:03:ea:c0:3d:53:5f:73:
44:3e:df:53:3b:7d:ba:5e:8f:6d:6e:8f:dd:d4:e9:
0d:93:dc:33:f6:6b:c1:62:7d:fc:4e:8c:43:4c:d4:
87:57:39:9c:6c:92:63:be:2d:06:2d:01:fa:ab:d0:
98:8c:9c:d8:22:02:78:28:99:d4:18:98:97:b2:0f:
93:86:16:a3:f9:03:fc:97:28:3a:17:ee:cb:64:95:
8a:03:59:c5:29:8b:93:3f:88:5a:d0:7b:b5:33:f4:
5e:49:4d:c4:0e:c7:54:26:ae:78:94:35:57:34:3c:
82:8f:4f:36:9e:aa:2b:ae:13:66:0e:e0:37:1e:f6:
a1:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:17:F0:83:58:EA:49:76:14:93:F0:EE:75:FF:F4:B8:DE:9D:E7:9E
X509v3 Authority Key Identifier:
keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/Zxfwg1jqSXYUk_Dudf_0uN6d554.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
180.223.64.0/21
Signature Algorithm: sha256WithRSAEncryption
a6:2d:b4:f1:64:b8:91:5d:c4:59:ec:0e:e5:fe:13:9b:c5:1a:
2c:42:ed:c8:83:c6:54:5e:df:91:b1:21:88:ad:a1:13:80:db:
92:bd:7e:40:26:cc:85:e6:ed:ae:4f:19:da:0f:af:e6:8a:cf:
68:17:66:95:73:29:e5:40:94:d5:fd:a4:83:b3:7e:36:0e:4f:
2b:6c:f5:f0:3a:ee:c3:0f:1f:6e:8a:6a:77:cc:97:88:d7:92:
70:9c:bf:cd:17:07:13:2f:5e:0d:fd:69:cc:5d:43:f0:e6:da:
d7:f2:e6:46:46:e9:13:de:2c:a7:ee:f7:6f:47:5d:fd:b2:a8:
41:89:86:63:63:f4:91:9a:76:8f:d9:52:25:32:5d:d1:8f:cd:
cf:ab:95:ec:d7:84:e7:2b:07:94:5d:4e:22:51:42:c7:17:5f:
be:b1:08:84:04:93:c8:a1:83:52:38:67:21:32:e2:0f:c5:53:
92:b9:f9:e4:1b:02:11:41:40:9e:ce:de:bc:97:e5:2d:79:ee:
49:0f:c9:66:65:31:9e:9f:c5:8e:f2:f7:fc:64:96:e6:b8:57:
36:f2:78:26:b3:d3:1c:3d:7b:20:2e:bf:cd:e7:f5:74:31:7a:
89:49:f7:de:70:2c:ad:fd:f1:ec:d4:e9:a5:57:04:bd:51:cc:
1e:9f:84:02
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICEkQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw
QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNDA4MjAx
MjU2NDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDY3MTdGMDgzNThFQTQ5
NzYxNDkzRjBFRTc1RkZGNEI4REU5REU3OUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+LDRc367nttFIbX3rLIeragJbOqcZ6VNjegei2+Wm5/BwgP9v
yGPMXO/lArTNizXqgutXH0rowe7qcydMhH85FMgcZYY4SOfT2SbMmvFl76c/N2F1
WHUzz8jTW/vKrUeOOfa8q+AMW6Ty4Yz7eEtHxb3NSPW/zkH8mOZIIjLfA+rAPVNf
c0Q+31M7fbpej21uj93U6Q2T3DP2a8FiffxOjENM1IdXOZxskmO+LQYtAfqr0JiM
nNgiAngomdQYmJeyD5OGFqP5A/yXKDoX7stklYoDWcUpi5M/iFrQe7Uz9F5JTcQO
x1QmrniUNVc0PIKPTzaeqiuuE2YO4Dce9qEPAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUZxfwg1jqSXYUk/Dudf/0uN6d554wHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD
IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz
MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvWnhmd2cxanFTWFlV
a19EdWRmXzB1TjZkNTU0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEA7TfQDANBgkqhkiG9w0BAQsFAAOCAQEApi208WS4kV3EWewO5f4Tm8UaLELt
yIPGVF7fkbEhiK2hE4Dbkr1+QCbMhebtrk8Z2g+v5orPaBdmlXMp5UCU1f2kg7N+
Ng5PK2z18Druww8fbopqd8yXiNeScJy/zRcHEy9eDf1pzF1D8Oba1/LmRkbpE94s
p+73b0dd/bKoQYmGY2P0kZp2j9lSJTJd0Y/Nz6uV7NeE5ysHlF1OIlFCxxdfvrEI
hASTyKGDUjhnITLiD8VTkrn55BsCEUFAns7evJflLXnuSQ/JZmUxnp/FjvL3/GSW
5rhXNvJ4JrPTHD17IC6/zef1dDF6iUn33nAsrf3x7NTppVcEvVHMHp+EAg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:11:02 2025 by rpki-client