Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/aAu8vVgUNHmbv-ixjRP0CebhG68.roa
File: aAu8vVgUNHmbv-ixjRP0CebhG68.roa (raw, json)
Hash identifier: FlYN3RJBjiCmkQso56R8x4BOfxLnjihXcVrtyZH+H4c=
Subject key identifier: 68:0B:BC:BD:58:14:34:79:9B:BF:E8:B1:8D:13:F4:09:E6:E1:1B:AF
Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221
Certificate serial: 1570
Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/aAu8vVgUNHmbv-ixjRP0CebhG68.roa
Signing time: Fri 17 Jan 2025 01:27:45 +0000
ROA not before: Fri 17 Jan 2025 01:27:45 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 7018
IP address blocks: 180.223.88.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5488 (0x1570)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221
Validity
Not Before: Jan 17 01:27:45 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=680BBCBD581434799BBFE8B18D13F409E6E11BAF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:23:c5:83:58:f0:55:7b:25:ad:72:43:6d:e8:
66:4c:d0:9b:85:e7:4a:e4:0c:c5:b0:1d:16:f2:3d:
33:ce:8a:e0:d7:2b:75:dc:06:22:7f:2a:a7:3c:37:
d1:94:f7:b9:28:96:aa:69:1c:49:20:c1:73:95:13:
ba:57:8a:13:83:2a:59:fb:e4:27:cf:02:98:23:8c:
8d:76:1d:a8:cc:c5:66:54:9a:4d:0c:f8:5a:40:54:
bf:0c:79:10:fb:18:c9:07:fc:d4:9a:e2:dc:35:65:
35:53:fe:84:63:9d:83:22:65:bc:9b:3f:fe:73:0a:
13:2e:75:da:5d:72:71:5b:6c:7b:c7:ac:54:c9:b9:
4f:ac:30:f6:17:17:b4:41:2c:f8:c6:48:f6:50:29:
c3:0b:43:0f:df:03:44:9c:02:e7:46:82:0d:8d:ee:
85:2e:25:b8:99:93:08:15:da:a6:83:f7:94:3a:c2:
89:c7:1c:e6:b3:02:29:46:ea:a3:b6:4b:dd:af:2c:
51:cf:f5:8d:59:87:3e:0a:7d:6a:8b:05:a0:78:e2:
06:f8:fb:69:e0:45:61:35:6f:21:51:79:a4:84:d8:
96:ae:e5:61:cc:82:f3:1f:33:13:bd:30:c0:44:5e:
78:b3:eb:72:da:67:12:63:ad:bc:08:a3:c0:69:f1:
a6:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:0B:BC:BD:58:14:34:79:9B:BF:E8:B1:8D:13:F4:09:E6:E1:1B:AF
X509v3 Authority Key Identifier:
keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/aAu8vVgUNHmbv-ixjRP0CebhG68.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
180.223.88.0/21
Signature Algorithm: sha256WithRSAEncryption
86:18:f5:29:7a:75:72:61:04:c9:ae:00:f8:2d:b4:d1:04:fd:
0b:fa:b6:54:cc:87:64:84:36:b6:da:7f:f5:2e:6e:44:be:da:
7f:e3:e0:35:e9:af:e3:fc:08:05:1a:af:07:38:31:a6:93:da:
37:af:db:4d:79:e3:49:4d:67:9f:c8:da:c1:35:36:e3:c1:18:
6a:a5:42:cd:cb:ae:c0:27:32:b5:96:d2:51:71:b4:f5:f3:5a:
94:35:10:d1:cd:bb:9f:2d:f1:75:74:7b:cf:10:9f:96:66:f5:
d8:f0:f6:34:b1:16:73:4d:01:63:55:c9:17:b3:0b:1b:07:47:
c2:e2:d6:04:eb:f8:c4:ac:e4:9c:8f:0b:8b:f3:40:25:81:60:
c8:bb:14:74:b2:fe:53:bb:68:e5:d6:51:ac:ae:f6:89:9c:19:
3c:58:03:6b:e1:de:95:30:e3:b3:e7:6e:14:20:d8:ee:2d:6d:
2c:35:59:27:d8:da:25:f9:5b:02:6d:d7:4d:e0:3f:36:c6:21:
6d:b9:8c:5e:f6:0a:33:04:9a:30:de:53:b7:eb:93:fa:1e:71:
9e:1a:8f:4c:a3:3b:0a:99:dd:de:5d:d4:ff:dd:55:3c:c3:ce:
7e:45:e9:b8:b9:47:74:5c:ba:85:06:0a:fa:31:aa:9d:6c:66:
f9:30:4f:9e
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICFXAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw
QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTAxMTcw
MTI3NDVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDY4MEJCQ0JENTgxNDM0
Nzk5QkJGRThCMThEMTNGNDA5RTZFMTFCQUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDII8WDWPBVeyWtckNt6GZM0JuF50rkDMWwHRbyPTPOiuDXK3Xc
BiJ/Kqc8N9GU97kolqppHEkgwXOVE7pXihODKln75CfPApgjjI12HajMxWZUmk0M
+FpAVL8MeRD7GMkH/NSa4tw1ZTVT/oRjnYMiZbybP/5zChMuddpdcnFbbHvHrFTJ
uU+sMPYXF7RBLPjGSPZQKcMLQw/fA0ScAudGgg2N7oUuJbiZkwgV2qaD95Q6wonH
HOazAilG6qO2S92vLFHP9Y1Zhz4KfWqLBaB44gb4+2ngRWE1byFReaSE2Jau5WHM
gvMfMxO9MMBEXniz63LaZxJjrbwIo8Bp8aajAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUaAu8vVgUNHmbv+ixjRP0CebhG68wHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD
IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz
MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvYUF1OHZWZ1VOSG1i
di1peGpSUDBDZWJoRzY4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEA7TfWDANBgkqhkiG9w0BAQsFAAOCAQEAhhj1KXp1cmEEya4A+C200QT9C/q2
VMyHZIQ2ttp/9S5uRL7af+PgNemv4/wIBRqvBzgxppPaN6/bTXnjSU1nn8jawTU2
48EYaqVCzcuuwCcytZbSUXG09fNalDUQ0c27ny3xdXR7zxCflmb12PD2NLEWc00B
Y1XJF7MLGwdHwuLWBOv4xKzknI8Li/NAJYFgyLsUdLL+U7to5dZRrK72iZwZPFgD
a+HelTDjs+duFCDY7i1tLDVZJ9jaJflbAm3XTeA/NsYhbbmMXvYKMwSaMN5Tt+uT
+h5xnhqPTKM7Cpnd3l3U/91VPMPOfkXpuLlHdFy6hQYK+jGqnWxm+TBPng==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:36:52 2025 by rpki-client