Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/hScwhISbbD05P3MsLEqTbc-dDTs.roa
File: hScwhISbbD05P3MsLEqTbc-dDTs.roa (raw, json)
Hash identifier: gmUbfsswTFyRVEoA8qaEC9fKflGoEEuvkYKxch/4fkY=
Subject key identifier: 85:27:30:84:84:9B:6C:3D:39:3F:73:2C:2C:4A:93:6D:CF:9D:0D:3B
Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221
Certificate serial: 1576
Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/hScwhISbbD05P3MsLEqTbc-dDTs.roa
Signing time: Fri 17 Jan 2025 01:27:47 +0000
ROA not before: Fri 17 Jan 2025 01:27:47 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 2914
IP address blocks: 180.223.216.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5494 (0x1576)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221
Validity
Not Before: Jan 17 01:27:47 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=85273084849B6C3D393F732C2C4A936DCF9D0D3B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:48:9a:4a:bd:87:e5:cc:dc:0d:54:fd:12:18:
91:22:f4:53:b7:58:5f:12:08:7e:b0:28:f6:ca:f0:
d4:1d:17:60:e7:51:35:5f:c1:cb:85:1b:7d:af:58:
05:2c:f9:bb:0d:ea:d3:5c:2f:58:5a:04:65:20:e4:
5c:bb:ae:cf:2e:24:d4:ad:5c:12:44:83:89:64:f5:
a2:6a:b2:39:88:1c:5c:f3:da:74:a4:02:f8:55:48:
2b:68:52:2d:50:e8:65:80:f2:38:f1:b8:b6:e4:4a:
8d:ab:b9:56:b2:58:5b:92:86:34:4e:82:e8:a6:75:
37:f1:a4:3e:3f:b8:ad:cc:9d:88:4d:8b:46:a2:57:
32:03:22:4f:dd:63:b0:47:78:2b:cb:99:49:10:a7:
92:78:87:70:57:e4:96:20:93:69:c2:7d:ed:15:fb:
10:90:67:c9:d2:57:37:96:63:c4:11:a0:43:34:c7:
f4:9b:86:fa:e0:81:73:2a:b6:f1:cf:32:35:06:12:
55:07:eb:e0:5b:3a:ab:31:c8:5f:8b:c1:5d:a5:02:
d9:54:c4:6b:07:81:f6:52:18:80:21:d8:5d:b5:2e:
61:8c:57:b9:17:bc:46:98:2b:b8:a4:6e:b2:00:dd:
5a:6e:c7:98:3c:76:64:5c:63:39:46:c3:9e:a9:e6:
ab:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:27:30:84:84:9B:6C:3D:39:3F:73:2C:2C:4A:93:6D:CF:9D:0D:3B
X509v3 Authority Key Identifier:
keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/hScwhISbbD05P3MsLEqTbc-dDTs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
180.223.216.0/21
Signature Algorithm: sha256WithRSAEncryption
a5:e9:6a:f1:e8:b6:42:51:a6:18:34:5f:74:9c:b3:29:a3:5c:
93:7b:89:5f:a0:2e:16:bb:a7:b7:c8:f6:9b:f7:35:d3:25:8f:
60:05:e4:a9:93:1e:4d:c4:95:ed:7c:a8:28:b4:67:5f:ac:f3:
98:fb:c4:5a:7d:71:40:83:37:ff:47:71:48:ec:f1:1a:b1:3d:
9f:7c:08:66:db:0c:fa:5e:67:04:ee:3e:41:c6:f4:e5:33:9a:
7e:ea:59:a6:83:a2:1a:f2:a9:94:48:2a:d6:69:f3:7f:2c:c3:
15:77:85:62:cf:2b:88:17:e7:3c:0e:30:30:ce:80:ff:9e:ed:
58:45:69:ce:f4:ed:90:fe:5a:bf:f7:b9:ab:3e:c2:79:db:66:
b4:5e:b6:14:37:07:0b:43:02:1c:b3:47:65:64:45:2d:2e:da:
fe:9c:7e:69:e9:ba:d1:e4:96:5e:26:6a:05:9f:06:23:a9:ff:
39:ef:92:56:ef:2b:41:0d:54:11:27:e7:1d:a7:14:47:b2:9d:
51:4c:a9:5b:69:04:6b:c9:b1:28:ad:7c:20:b2:90:a6:73:2f:
54:33:2e:49:a6:4c:7c:f4:ae:d4:0b:b3:18:d8:32:9e:0e:2c:
c0:4a:d3:88:ef:e2:ca:4f:af:e1:4c:f2:75:f7:cb:a1:e5:6c:
b1:1b:e5:f2
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICFXYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw
QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTAxMTcw
MTI3NDdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDg1MjczMDg0ODQ5QjZD
M0QzOTNGNzMyQzJDNEE5MzZEQ0Y5RDBEM0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFSJpKvYflzNwNVP0SGJEi9FO3WF8SCH6wKPbK8NQdF2DnUTVf
wcuFG32vWAUs+bsN6tNcL1haBGUg5Fy7rs8uJNStXBJEg4lk9aJqsjmIHFzz2nSk
AvhVSCtoUi1Q6GWA8jjxuLbkSo2ruVayWFuShjROguimdTfxpD4/uK3MnYhNi0ai
VzIDIk/dY7BHeCvLmUkQp5J4h3BX5JYgk2nCfe0V+xCQZ8nSVzeWY8QRoEM0x/Sb
hvrggXMqtvHPMjUGElUH6+BbOqsxyF+LwV2lAtlUxGsHgfZSGIAh2F21LmGMV7kX
vEaYK7ikbrIA3Vpux5g8dmRcYzlGw56p5qtDAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUhScwhISbbD05P3MsLEqTbc+dDTswHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD
IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz
MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvaFNjd2hJU2JiRDA1
UDNNc0xFcVRiYy1kRFRzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEA7Tf2DANBgkqhkiG9w0BAQsFAAOCAQEApelq8ei2QlGmGDRfdJyzKaNck3uJ
X6AuFrunt8j2m/c10yWPYAXkqZMeTcSV7XyoKLRnX6zzmPvEWn1xQIM3/0dxSOzx
GrE9n3wIZtsM+l5nBO4+Qcb05TOafupZpoOiGvKplEgq1mnzfyzDFXeFYs8riBfn
PA4wMM6A/57tWEVpzvTtkP5av/e5qz7CedtmtF62FDcHC0MCHLNHZWRFLS7a/px+
aem60eSWXiZqBZ8GI6n/Oe+SVu8rQQ1UESfnHacUR7KdUUypW2kEa8mxKK18ILKQ
pnMvVDMuSaZMfPSu1AuzGNgyng4swErTiO/iyk+v4UzydffLoeVssRvl8g==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:02:22 2025 by rpki-client