Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3246/xA1ExRCLTB0US-v9AemsR7Tw1AE.roa
File: xA1ExRCLTB0US-v9AemsR7Tw1AE.roa (raw, json)
Hash identifier: C1h8BK9fIROK4WCFyDC6MvAzWQD9AJjZBPEUZosVPcM=
Subject key identifier: C4:0D:44:C5:10:8B:4C:1D:14:4B:EB:FD:01:E9:AC:47:B4:F0:D4:01
Certificate issuer: /CN=2CB67186E296C89E1F34779ED66A077F7E050CCB
Certificate serial: 035A
Authority key identifier: 2C:B6:71:86:E2:96:C8:9E:1F:34:77:9E:D6:6A:07:7F:7E:05:0C:CB
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LLZxhuKWyJ4fNHee1moHf34FDMs.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3246/xA1ExRCLTB0US-v9AemsR7Tw1AE.roa
Signing time: Fri 24 May 2024 09:32:04 +0000
ROA not before: Fri 24 May 2024 09:32:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 211392
IP address blocks: 210.87.72.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 858 (0x35a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2CB67186E296C89E1F34779ED66A077F7E050CCB
Validity
Not Before: May 24 09:32:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C40D44C5108B4C1D144BEBFD01E9AC47B4F0D401
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a8:b7:c7:df:09:35:9b:96:38:39:28:a4:81:
f2:87:45:b6:71:03:df:7f:e1:40:70:16:6e:12:91:
f5:34:e5:37:a8:c0:5d:3d:d2:08:bf:19:4b:78:6f:
b9:89:1e:78:8e:57:4b:40:fe:ba:7b:55:a2:96:21:
96:c1:e6:56:52:b5:55:fb:9f:38:70:d4:89:88:af:
ed:a9:f3:3b:d0:e6:52:5f:3e:ac:c8:14:52:6a:8e:
61:0f:eb:6f:b8:39:0b:f1:8e:6d:4f:14:ae:60:c7:
cc:57:f4:d5:ea:70:50:c7:be:ab:d9:fe:1d:44:04:
6d:bb:86:b3:65:d0:52:f9:1c:44:ee:a3:5e:1f:02:
ed:af:27:90:5f:c9:f8:73:78:83:9c:05:0e:25:40:
a0:2e:d0:2a:22:0d:01:2e:03:16:52:5e:8c:1b:8a:
ac:1c:0f:67:90:20:3a:52:b6:7d:fa:84:14:8e:72:
96:b6:93:57:d3:fe:81:d9:a2:f2:0e:75:e9:1c:35:
5b:1a:f9:c5:a5:8e:3b:ef:39:75:b4:ea:3a:7d:2e:
94:5b:c6:9d:28:29:10:31:01:75:53:c4:ce:4b:22:
8d:ff:73:9b:3f:4f:88:51:d6:9a:fc:20:73:5b:53:
d2:11:b3:0e:ea:27:7a:57:0f:54:94:93:62:f4:8e:
7a:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:0D:44:C5:10:8B:4C:1D:14:4B:EB:FD:01:E9:AC:47:B4:F0:D4:01
X509v3 Authority Key Identifier:
keyid:2C:B6:71:86:E2:96:C8:9E:1F:34:77:9E:D6:6A:07:7F:7E:05:0C:CB
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3246/LLZxhuKWyJ4fNHee1moHf34FDMs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LLZxhuKWyJ4fNHee1moHf34FDMs.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3246/xA1ExRCLTB0US-v9AemsR7Tw1AE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.87.72.0/23
Signature Algorithm: sha256WithRSAEncryption
90:fe:69:eb:23:ff:2c:01:6e:a8:37:08:02:dc:a7:b8:29:23:
f3:c3:65:68:78:06:5d:e7:95:ea:9e:23:ac:11:78:79:18:99:
66:6f:ad:d6:3b:02:b9:55:c5:1b:bf:b9:fc:50:f8:8d:1a:f9:
e1:75:d1:fc:8d:1c:ee:ad:b7:bb:65:75:9a:cc:59:23:c9:0e:
4f:86:dd:16:93:b6:28:bf:45:9e:f7:f0:50:29:b7:f8:3e:10:
73:e2:ff:a7:d1:b3:09:79:c7:39:83:0a:23:ad:d5:b5:2e:26:
38:66:8a:61:77:14:6b:90:33:bc:77:29:26:b1:41:94:db:79:
69:73:d7:89:41:5d:29:8a:74:74:b6:8b:1f:9e:7a:05:54:eb:
74:4c:38:a8:cc:31:40:bd:ee:6a:9d:dc:0c:e4:ff:e3:92:90:
5b:10:62:51:94:51:c9:c0:47:a2:9d:5e:b4:b2:b0:d3:f2:f4:
e4:89:f1:43:25:3c:e6:c8:7f:ce:4e:b9:63:28:47:40:55:10:
be:4f:97:f5:b9:4f:48:76:fe:2a:bb:c4:ee:6c:90:24:2d:c5:
4d:e2:1f:66:80:23:f1:aa:96:1c:a0:5f:bb:97:e0:64:70:99:
f5:9e:fa:7d:dd:a7:72:64:a8:e0:d0:fb:1e:85:1b:60:00:b9:
2b:4a:b1:9b
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICA1owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkNC
NjcxODZFMjk2Qzg5RTFGMzQ3NzlFRDY2QTA3N0Y3RTA1MENDQjAeFw0yNDA1MjQw
OTMyMDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM0MEQ0NEM1MTA4QjRD
MUQxNDRCRUJGRDAxRTlBQzQ3QjRGMEQ0MDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAqLfH3wk1m5Y4OSikgfKHRbZxA99/4UBwFm4SkfU05TeowF09
0gi/GUt4b7mJHniOV0tA/rp7VaKWIZbB5lZStVX7nzhw1ImIr+2p8zvQ5lJfPqzI
FFJqjmEP62+4OQvxjm1PFK5gx8xX9NXqcFDHvqvZ/h1EBG27hrNl0FL5HETuo14f
Au2vJ5BfyfhzeIOcBQ4lQKAu0CoiDQEuAxZSXowbiqwcD2eQIDpStn36hBSOcpa2
k1fT/oHZovIOdekcNVsa+cWljjvvOXW06jp9LpRbxp0oKRAxAXVTxM5LIo3/c5s/
T4hR1pr8IHNbU9IRsw7qJ3pXD1SUk2L0jnrbAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUxA1ExRCLTB0US+v9AemsR7Tw1AEwHwYDVR0jBBgwFoAULLZxhuKWyJ4fNHee
1moHf34FDMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI0
Ni9MTFp4aHVLV3lKNGZOSGVlMW1vSGYzNEZETXMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0xMWnhodUtXeUo0Zk5IZWUxbW9IZjM0RkRNcy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNDYveEExRXhSQ0xUQjBV
Uy12OUFlbXNSN1R3MUFFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAdJXSDANBgkqhkiG9w0BAQsFAAOCAQEAkP5p6yP/LAFuqDcIAtynuCkj88Nl
aHgGXeeV6p4jrBF4eRiZZm+t1jsCuVXFG7+5/FD4jRr54XXR/I0c7q23u2V1msxZ
I8kOT4bdFpO2KL9FnvfwUCm3+D4Qc+L/p9GzCXnHOYMKI63VtS4mOGaKYXcUa5Az
vHcpJrFBlNt5aXPXiUFdKYp0dLaLH556BVTrdEw4qMwxQL3uap3cDOT/45KQWxBi
UZRRycBHop1etLKw0/L05InxQyU85sh/zk65YyhHQFUQvk+X9blPSHb+KrvE7myQ
JC3FTeIfZoAj8aqWHKBfu5fgZHCZ9Z76fd2ncmSo4ND7HoUbYAC5K0qxmw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:33:44 2025 by rpki-client