Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/33/Bza58ss-4JUQhHxFuPhJj85INLI.roa
File: Bza58ss-4JUQhHxFuPhJj85INLI.roa (raw, json)
Hash identifier: H0B4wUHoC4mfs2yi8t17ZRT7PkDxlTqbRPrNqlNq2DQ=
Subject key identifier: 07:36:B9:F2:CB:3E:E0:95:10:84:7C:45:B8:F8:49:8F:CE:48:34:B2
Certificate issuer: /CN=2C0314DFDED41AB611D99F542063982FE38080BA
Certificate serial: 0653
Authority key identifier: 2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/Bza58ss-4JUQhHxFuPhJj85INLI.roa
Signing time: Tue 04 Mar 2025 06:58:42 +0000
ROA not before: Tue 04 Mar 2025 06:58:42 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 7641
IP address blocks: 223.162.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1619 (0x653)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2C0314DFDED41AB611D99F542063982FE38080BA
Validity
Not Before: Mar 4 06:58:42 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=0736B9F2CB3EE09510847C45B8F8498FCE4834B2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c5:10:36:b1:7d:43:b7:3d:fb:49:a2:b7:5a:
16:df:be:c0:5d:93:de:32:28:b6:fa:7a:a0:da:56:
c1:24:60:29:cb:14:e3:25:fd:fa:a3:b7:97:3e:ad:
fb:80:cc:78:49:28:24:c6:4d:b1:5f:88:45:63:a9:
a7:4b:89:94:da:28:04:ac:e2:5d:68:18:05:9b:30:
4f:20:2b:3f:87:10:62:7c:d2:29:b6:2b:f6:65:bb:
10:19:91:98:aa:3f:e1:b6:66:c2:35:19:d0:ae:0b:
60:52:4f:47:f3:4c:a5:61:e0:21:b9:80:7f:d6:b4:
8d:f0:9d:6b:23:91:48:94:40:67:0f:f2:10:f6:8f:
25:be:82:2c:20:42:31:06:3e:06:c9:0b:21:58:c7:
b7:8d:17:35:e6:19:ea:3c:f3:e2:59:88:74:92:bc:
36:39:37:d2:8d:70:10:bc:e3:0a:8d:10:b0:14:59:
07:f8:0d:4f:7d:ff:02:80:4a:fb:55:18:3b:6b:a1:
0c:e6:92:19:9f:19:b2:05:13:7d:e5:3c:21:cb:93:
09:2d:5b:50:64:3f:03:35:e7:12:3a:4f:81:62:6e:
3d:f5:5b:53:ce:51:0f:ef:80:3b:8c:36:24:dd:85:
f3:f5:98:48:5d:23:8d:97:e2:63:69:32:59:4c:0c:
47:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:36:B9:F2:CB:3E:E0:95:10:84:7C:45:B8:F8:49:8F:CE:48:34:B2
X509v3 Authority Key Identifier:
keyid:2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/Bza58ss-4JUQhHxFuPhJj85INLI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.162.0.0/15
Signature Algorithm: sha256WithRSAEncryption
17:a2:5f:13:2a:b6:58:5e:1f:88:2a:06:57:44:05:cb:0e:c7:
44:e1:aa:03:3b:7f:a6:b1:5b:99:88:2b:51:05:33:5c:bd:34:
c9:65:06:86:0c:45:8f:1d:9f:86:af:8d:84:86:c0:9d:d2:2e:
38:0c:57:a9:41:f3:7e:c0:9b:f0:c0:31:51:f3:3f:e0:28:dd:
7a:01:8e:63:54:90:d5:e9:60:b6:72:98:6c:b9:61:f5:91:5d:
7c:55:44:b0:ef:84:0e:09:dc:e9:c2:4f:61:44:a0:d4:16:81:
87:78:8a:0d:9b:3e:40:4a:5b:18:11:b2:be:bd:45:fd:e1:d1:
5d:52:84:41:a0:46:9a:05:27:f2:86:c0:cb:bc:8e:69:37:2e:
04:4b:ef:21:d6:4c:d9:d3:0e:b5:d8:40:54:93:5a:62:63:c0:
c5:d6:e4:b7:d9:23:25:13:14:c8:7f:30:eb:e6:36:5b:43:9e:
d9:32:ff:46:10:55:5f:f8:c5:e2:60:92:18:2a:c6:df:29:be:
ef:bb:f6:15:a4:4c:7d:51:65:c7:bc:41:06:8a:61:5c:bb:62:
3c:3b:02:80:12:bb:96:33:68:07:48:a8:23:73:3e:76:2a:4f:
f2:70:4b:16:63:df:2b:b2:e3:b5:e3:9e:2a:eb:16:60:ff:e3:
67:11:03:18
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBlMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkMw
MzE0REZERUQ0MUFCNjExRDk5RjU0MjA2Mzk4MkZFMzgwODBCQTAeFw0yNTAzMDQw
NjU4NDJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDA3MzZCOUYyQ0IzRUUw
OTUxMDg0N0M0NUI4Rjg0OThGQ0U0ODM0QjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCxRA2sX1Dtz37SaK3WhbfvsBdk94yKLb6eqDaVsEkYCnLFOMl
/fqjt5c+rfuAzHhJKCTGTbFfiEVjqadLiZTaKASs4l1oGAWbME8gKz+HEGJ80im2
K/ZluxAZkZiqP+G2ZsI1GdCuC2BST0fzTKVh4CG5gH/WtI3wnWsjkUiUQGcP8hD2
jyW+giwgQjEGPgbJCyFYx7eNFzXmGeo88+JZiHSSvDY5N9KNcBC84wqNELAUWQf4
DU99/wKASvtVGDtroQzmkhmfGbIFE33lPCHLkwktW1BkPwM15xI6T4Fibj31W1PO
UQ/vgDuMNiTdhfP1mEhdI42X4mNpMllMDEexAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUBza58ss+4JUQhHxFuPhJj85INLIwHwYDVR0jBBgwFoAULAMU397UGrYR2Z9U
IGOYL+OAgLowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMv
TEFNVTM5N1VHcllSMlo5VUlHT1lMLU9BZ0xvLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MQU1VMzk3VUdyWVIyWjlVSUdPWUwtT0FnTG8uY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMy9CemE1OHNzLTRKVVFoSHhG
dVBoSmo4NUlOTEkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMB
36IwDQYJKoZIhvcNAQELBQADggEBABeiXxMqtlheH4gqBldEBcsOx0ThqgM7f6ax
W5mIK1EFM1y9NMllBoYMRY8dn4avjYSGwJ3SLjgMV6lB837Am/DAMVHzP+Ao3XoB
jmNUkNXpYLZymGy5YfWRXXxVRLDvhA4J3OnCT2FEoNQWgYd4ig2bPkBKWxgRsr69
Rf3h0V1ShEGgRpoFJ/KGwMu8jmk3LgRL7yHWTNnTDrXYQFSTWmJjwMXW5LfZIyUT
FMh/MOvmNltDntky/0YQVV/4xeJgkhgqxt8pvu+79hWkTH1RZce8QQaKYVy7Yjw7
AoASu5YzaAdIqCNzPnYqT/JwSxZj3yuy47XjnirrFmD/42cRAxg=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:35:16 2025 by rpki-client