Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/33/6OOgbcc6tw2AkFZlOv9og89RGzM.roa
File: 6OOgbcc6tw2AkFZlOv9og89RGzM.roa (raw, json)
Hash identifier: PqGCVipLIB4LfMJFXO580kMf7UBPAoR85GnhUUFQplo=
Subject key identifier: E8:E3:A0:6D:C7:3A:B7:0D:80:90:56:65:3A:FF:68:83:CF:51:1B:33
Certificate issuer: /CN=2C0314DFDED41AB611D99F542063982FE38080BA
Certificate serial: A6
Authority key identifier: 2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/6OOgbcc6tw2AkFZlOv9og89RGzM.roa
Signing time: Thu 16 May 2024 08:12:56 +0000
ROA not before: Thu 16 May 2024 08:12:56 +0000
ROA not after: Tue 15 Apr 2025 07:02:50 +0000
asID: 7641
IP address blocks: 42.204.0.0/14 maxlen: 24
103.8.204.0/22 maxlen: 24
112.128.0.0/14 maxlen: 24
150.242.52.0/22 maxlen: 24
211.89.0.0/16 maxlen: 24
211.146.3.0/24 maxlen: 24
211.156.128.0/19 maxlen: 24
223.162.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 166 (0xa6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2C0314DFDED41AB611D99F542063982FE38080BA
Validity
Not Before: May 16 08:12:56 2024 GMT
Not After : Apr 15 07:02:50 2025 GMT
Subject: CN=E8E3A06DC73AB70D809056653AFF6883CF511B33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:39:c2:92:99:89:9e:0f:86:aa:59:cd:7c:d0:
be:f3:7f:06:5a:70:e5:68:9f:b7:8a:85:eb:c7:82:
a0:38:2b:56:2a:91:24:a0:8a:ec:a5:33:b3:83:f1:
12:69:4b:40:72:40:07:a7:e5:33:99:65:4f:b1:4f:
b4:8d:84:69:8a:86:db:2a:76:25:9c:60:a7:ff:dd:
84:80:55:ef:a2:4d:af:8a:a6:3a:94:9e:4b:92:6f:
da:a4:ee:bb:b3:cf:50:dd:3b:d4:d6:f8:34:91:e5:
17:77:48:e4:9e:47:da:6c:f8:bd:42:f5:8d:d1:6a:
6c:79:d5:e6:bf:3c:52:ef:53:0e:36:da:50:4d:18:
67:88:ba:d2:bb:04:c6:a4:a9:df:a8:38:80:83:09:
1f:0a:5d:b2:a4:2e:85:fa:26:7d:9e:d1:a2:bd:85:
68:c8:ae:7a:3b:2a:48:27:1d:c9:86:e5:3d:a2:39:
99:18:60:a5:9b:7e:27:26:2d:78:5e:91:b4:5a:d6:
f0:fa:14:d3:30:c2:ca:65:70:03:ea:4a:87:e3:9c:
bc:f8:33:e3:4c:86:26:d6:00:3f:87:cc:c3:0c:ae:
b1:6f:53:88:a6:a4:32:8e:3c:17:94:5c:10:49:ef:
78:16:75:2c:ec:bf:40:ee:24:15:01:17:ef:c8:71:
87:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:E3:A0:6D:C7:3A:B7:0D:80:90:56:65:3A:FF:68:83:CF:51:1B:33
X509v3 Authority Key Identifier:
keyid:2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/6OOgbcc6tw2AkFZlOv9og89RGzM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
42.204.0.0/14
103.8.204.0/22
112.128.0.0/14
150.242.52.0/22
211.89.0.0/16
211.146.3.0/24
211.156.128.0/19
223.162.0.0/15
Signature Algorithm: sha256WithRSAEncryption
0a:7f:37:c8:88:54:da:25:37:89:4b:72:5e:cf:52:7d:20:dc:
23:37:e4:5a:46:0b:56:83:9d:fc:4a:a6:da:b2:4a:4f:61:66:
d9:95:9c:8c:73:95:3a:cd:70:24:92:e8:3d:70:51:b7:a1:c5:
9e:69:34:eb:cb:44:f7:fd:7d:8c:13:e0:78:20:72:f4:df:2c:
fc:d6:f3:98:61:54:d6:37:3f:13:92:21:15:dc:4e:15:f3:9b:
88:1f:7a:81:4e:69:d3:01:00:c2:bc:9c:cd:da:b9:6c:30:b3:
b7:12:c5:71:4d:cd:0e:82:c0:a3:28:b9:8b:87:22:bb:2f:da:
af:bb:f0:d8:5b:93:a7:16:3d:c5:81:d5:72:7d:fc:07:7a:60:
eb:cb:de:a1:55:c9:6b:2c:3a:57:a9:fc:fa:7b:90:3c:92:29:
71:5b:61:df:1a:fe:40:31:5a:ff:36:d8:a6:29:e3:8f:0c:0c:
69:c5:cf:ca:b2:99:28:7c:d9:29:3d:47:9b:b0:88:7f:85:e4:
f0:de:03:39:5d:8f:83:34:90:a9:42:6a:94:f3:47:15:b4:56:
36:7b:d5:9f:ea:fc:d8:80:49:04:2b:9e:e2:d3:0b:04:1d:ff:
25:7b:aa:0f:5b:b3:f1:66:5b:30:7b:0b:25:58:a2:eb:00:7c:
39:6d:81:37
-----BEGIN CERTIFICATE-----
MIIE+TCCA+GgAwIBAgICAKYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkMw
MzE0REZERUQ0MUFCNjExRDk5RjU0MjA2Mzk4MkZFMzgwODBCQTAeFw0yNDA1MTYw
ODEyNTZaFw0yNTA0MTUwNzAyNTBaMDMxMTAvBgNVBAMTKEU4RTNBMDZEQzczQUI3
MEQ4MDkwNTY2NTNBRkY2ODgzQ0Y1MTFCMzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCfOcKSmYmeD4aqWc180L7zfwZacOVon7eKhevHgqA4K1YqkSSg
iuylM7OD8RJpS0ByQAen5TOZZU+xT7SNhGmKhtsqdiWcYKf/3YSAVe+iTa+KpjqU
nkuSb9qk7ruzz1DdO9TW+DSR5Rd3SOSeR9ps+L1C9Y3Ramx51ea/PFLvUw422lBN
GGeIutK7BMakqd+oOICDCR8KXbKkLoX6Jn2e0aK9hWjIrno7KkgnHcmG5T2iOZkY
YKWbficmLXhekbRa1vD6FNMwwsplcAPqSofjnLz4M+NMhibWAD+HzMMMrrFvU4im
pDKOPBeUXBBJ73gWdSzsv0DuJBUBF+/IcYfrAgMBAAGjggIVMIICETAdBgNVHQ4E
FgQU6OOgbcc6tw2AkFZlOv9og89RGzMwHwYDVR0jBBgwFoAULAMU397UGrYR2Z9U
IGOYL+OAgLowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMv
TEFNVTM5N1VHcllSMlo5VUlHT1lMLU9BZ0xvLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MQU1VMzk3VUdyWVIyWjlVSUdPWUwtT0FnTG8uY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMy82T09nYmNjNnR3MkFrRlps
T3Y5b2c4OVJHek0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwMC
KswDBAJnCMwDAwJwgAMEApbyNAMDANNZAwQA05IDAwQF05yAAwMB36IwDQYJKoZI
hvcNAQELBQADggEBAAp/N8iIVNolN4lLcl7PUn0g3CM35FpGC1aDnfxKptqySk9h
ZtmVnIxzlTrNcCSS6D1wUbehxZ5pNOvLRPf9fYwT4HggcvTfLPzW85hhVNY3PxOS
IRXcThXzm4gfeoFOadMBAMK8nM3auWwws7cSxXFNzQ6CwKMouYuHIrsv2q+78Nhb
k6cWPcWB1XJ9/Ad6YOvL3qFVyWssOlep/Pp7kDySKXFbYd8a/kAxWv822KYp448M
DGnFz8qymSh82Sk9R5uwiH+F5PDeAzldj4M0kKlCapTzRxW0VjZ71Z/q/NiASQQr
nuLTCwQd/yV7qg9bs/FmWzB7CyVYousAfDltgTc=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:42:55 2025 by rpki-client