Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/332/Umnc3rXG56J9LhIscKLpK4uF_ZU.roa
File: Umnc3rXG56J9LhIscKLpK4uF_ZU.roa (raw, json)
Hash identifier: Mp7ZeLTnXs8lzA5d1yRLEdcS6KzF3OmPGvZrf85d9xQ=
Subject key identifier: 52:69:DC:DE:B5:C6:E7:A2:7D:2E:12:2C:70:A2:E9:2B:8B:85:FD:95
Certificate issuer: /CN=8646EA74356E704AEDD163ECA94E5A442308DF78
Certificate serial: 1FAF
Authority key identifier: 86:46:EA:74:35:6E:70:4A:ED:D1:63:EC:A9:4E:5A:44:23:08:DF:78
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hkbqdDVucErt0WPsqU5aRCMI33g.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/Umnc3rXG56J9LhIscKLpK4uF_ZU.roa
Signing time: Fri 17 Jan 2025 01:30:13 +0000
ROA not before: Fri 17 Jan 2025 01:30:13 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 24424
IP address blocks: 203.208.32.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8111 (0x1faf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8646EA74356E704AEDD163ECA94E5A442308DF78
Validity
Not Before: Jan 17 01:30:13 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=5269DCDEB5C6E7A27D2E122C70A2E92B8B85FD95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:7c:0d:c5:f1:a7:a6:f9:f4:9e:20:a9:f2:3e:
ef:a2:d2:36:ad:e3:2f:3f:ca:8c:05:a2:c1:6e:30:
49:f3:a6:01:c3:78:24:ee:bf:59:b3:aa:6f:8f:16:
bd:dc:b1:22:3e:c6:c2:a5:3c:d6:f8:cd:1d:1f:a1:
c9:e5:9f:00:13:37:a7:91:ca:9e:b0:88:af:8c:a9:
0e:db:a9:d2:4c:b3:4d:f4:c7:75:3d:bb:ba:42:ea:
0b:c5:9f:a9:e5:6c:b7:a5:06:42:12:45:73:4a:e8:
22:8a:88:ec:44:c8:8e:c0:b6:94:f0:ce:2d:53:d1:
c7:0d:18:f1:65:5c:02:11:75:53:fd:da:5b:19:84:
13:e4:28:77:e7:63:77:29:ba:37:12:b2:a0:c8:95:
b8:0c:4c:1c:e3:fd:f8:c5:8a:2f:a8:83:61:22:93:
c0:bc:f1:ba:15:23:02:1b:2e:df:5c:d6:e4:e6:20:
07:b0:9d:f6:13:59:f3:74:f5:c8:d3:0e:7a:cb:67:
db:7d:55:10:a2:a9:2c:3a:f3:bf:75:10:ac:05:8e:
2a:60:32:c8:f9:28:98:de:88:bc:03:15:24:ad:0e:
a7:22:79:c3:9e:f8:1d:a7:54:eb:83:8b:2c:a5:55:
17:d1:70:46:81:13:ac:ae:16:6e:37:48:40:d8:e0:
d0:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:69:DC:DE:B5:C6:E7:A2:7D:2E:12:2C:70:A2:E9:2B:8B:85:FD:95
X509v3 Authority Key Identifier:
keyid:86:46:EA:74:35:6E:70:4A:ED:D1:63:EC:A9:4E:5A:44:23:08:DF:78
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/hkbqdDVucErt0WPsqU5aRCMI33g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hkbqdDVucErt0WPsqU5aRCMI33g.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/Umnc3rXG56J9LhIscKLpK4uF_ZU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.208.32.0/19
Signature Algorithm: sha256WithRSAEncryption
c4:63:10:e3:80:6a:71:39:17:5b:1f:07:54:92:fa:12:46:6c:
06:7c:f4:79:87:f2:40:28:81:c2:08:80:f5:65:f4:fd:9e:21:
70:a6:df:8d:b8:c0:f2:41:9b:1b:1d:6b:10:6f:30:c0:f0:00:
56:0f:17:75:25:a0:f3:67:f4:e7:30:bd:63:43:0c:6d:62:80:
ed:bc:77:77:64:0e:64:0d:2a:77:1f:28:20:ad:19:09:96:cc:
39:6b:e7:d7:11:db:42:a0:8e:a5:7b:50:d6:83:47:36:37:f3:
1e:4a:1d:c2:43:ca:7f:26:92:34:f5:bc:95:c7:7a:cb:68:ce:
18:d2:96:f5:66:33:01:7c:6e:a9:ce:2a:b6:6c:2c:08:21:c5:
61:59:32:b9:ca:32:9a:da:4f:42:b2:f0:84:c0:1e:99:c9:3e:
78:d4:ef:26:d9:56:1b:f9:68:af:6b:58:84:63:62:d3:64:77:
e8:48:f0:b0:7f:f4:33:a1:c4:90:88:0b:7c:90:8e:ef:79:36:
e6:d6:67:99:fe:65:38:7e:30:4d:9b:5d:71:f6:63:d1:48:e4:
a2:37:ad:09:93:a5:dc:81:a2:fe:ce:07:48:99:f3:48:20:49:
4d:65:1e:df:4c:6b:b6:c4:eb:f7:ae:a2:f7:fd:51:a9:d5:1a:
cb:89:06:5b
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICH68wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODY0
NkVBNzQzNTZFNzA0QUVERDE2M0VDQTk0RTVBNDQyMzA4REY3ODAeFw0yNTAxMTcw
MTMwMTNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDUyNjlEQ0RFQjVDNkU3
QTI3RDJFMTIyQzcwQTJFOTJCOEI4NUZEOTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKfA3F8aem+fSeIKnyPu+i0jat4y8/yowFosFuMEnzpgHDeCTu
v1mzqm+PFr3csSI+xsKlPNb4zR0focnlnwATN6eRyp6wiK+MqQ7bqdJMs030x3U9
u7pC6gvFn6nlbLelBkISRXNK6CKKiOxEyI7AtpTwzi1T0ccNGPFlXAIRdVP92lsZ
hBPkKHfnY3cpujcSsqDIlbgMTBzj/fjFii+og2Eik8C88boVIwIbLt9c1uTmIAew
nfYTWfN09cjTDnrLZ9t9VRCiqSw68791EKwFjipgMsj5KJjeiLwDFSStDqciecOe
+B2nVOuDiyylVRfRcEaBE6yuFm43SEDY4NB1AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUUmnc3rXG56J9LhIscKLpK4uF/ZUwHwYDVR0jBBgwFoAUhkbqdDVucErt0WPs
qU5aRCMI33gwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMy
L2hrYnFkRFZ1Y0VydDBXUHNxVTVhUkNNSTMzZy5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvaGticWREVnVjRXJ0MFdQc3FVNWFSQ01JMzNnLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMyL1VtbmMzclhHNTZKOUxo
SXNjS0xwSzR1Rl9aVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAXL0CAwDQYJKoZIhvcNAQELBQADggEBAMRjEOOAanE5F1sfB1SS+hJGbAZ89HmH
8kAogcIIgPVl9P2eIXCm3424wPJBmxsdaxBvMMDwAFYPF3UloPNn9OcwvWNDDG1i
gO28d3dkDmQNKncfKCCtGQmWzDlr59cR20KgjqV7UNaDRzY38x5KHcJDyn8mkjT1
vJXHestozhjSlvVmMwF8bqnOKrZsLAghxWFZMrnKMpraT0Ky8ITAHpnJPnjU7ybZ
Vhv5aK9rWIRjYtNkd+hI8LB/9DOhxJCIC3yQju95NubWZ5n+ZTh+ME2bXXH2Y9FI
5KI3rQmTpdyBov7OB0iZ80ggSU1lHt9Ma7bE6/euovf9UanVGsuJBls=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:45:56 2025 by rpki-client