Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3350/bAICBsc2yNpS-hdBUc7C_MQUAq0.roa
File: bAICBsc2yNpS-hdBUc7C_MQUAq0.roa (raw, json)
Hash identifier: lLJZk8Sidva5VoVsEc6PmZ2JWsZGvOEY6Er0Y9R2Euw=
Subject key identifier: 6C:02:02:06:C7:36:C8:DA:52:FA:17:41:51:CE:C2:FC:C4:14:02:AD
Certificate issuer: /CN=1914420AA4D3A908B85E280D5C94D3795ED9029A
Certificate serial: 22
Authority key identifier: 19:14:42:0A:A4:D3:A9:08:B8:5E:28:0D:5C:94:D3:79:5E:D9:02:9A
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GRRCCqTTqQi4XigNXJTTeV7ZApo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3350/bAICBsc2yNpS-hdBUc7C_MQUAq0.roa
Signing time: Wed 12 Feb 2025 12:30:37 +0000
ROA not before: Wed 12 Feb 2025 12:30:37 +0000
ROA not after: Fri 06 Feb 2026 03:05:20 +0000
asID: 18464
IP address blocks: 163.61.62.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34 (0x22)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1914420AA4D3A908B85E280D5C94D3795ED9029A
Validity
Not Before: Feb 12 12:30:37 2025 GMT
Not After : Feb 6 03:05:20 2026 GMT
Subject: CN=6C020206C736C8DA52FA174151CEC2FCC41402AD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:d5:e1:97:33:36:46:46:a4:5a:c0:1e:4f:c5:
77:f9:1e:1e:2b:20:1d:53:2b:9b:19:fd:35:d2:5b:
0f:46:0a:de:40:4a:b0:02:04:df:00:1d:ad:07:e6:
fc:14:53:af:ff:3a:ce:d9:d0:0e:05:20:24:23:89:
a5:7c:99:ac:fe:12:3b:22:5b:97:f7:fd:d2:0e:49:
d3:a3:db:5e:c0:6f:dd:4d:c8:e0:5e:db:df:ed:21:
be:7c:e0:0a:32:7a:0f:c5:37:01:0d:1c:10:e5:80:
af:a8:31:8f:2b:e2:63:5c:89:32:ac:57:8e:c6:81:
c6:28:a3:15:be:9d:2f:f0:f7:d2:45:1d:fd:0f:cc:
f3:1d:5d:cf:49:5c:46:23:85:1e:c4:c6:77:67:8d:
af:fa:f4:db:a9:d4:0b:72:2c:c7:63:f5:bc:fa:4b:
3e:c0:d2:34:21:59:18:d9:73:cf:f0:fd:97:cd:ae:
76:28:b2:ff:a4:d6:c0:82:0f:9c:18:fe:b7:b1:1f:
d9:53:e4:78:c0:f4:76:5b:f2:9f:b7:67:9d:88:e6:
21:91:0e:91:e1:8a:45:9d:27:ca:f6:cd:35:f2:0a:
85:cf:76:20:c9:f2:65:dc:e1:a5:dc:fc:9c:8f:53:
d0:d4:ca:1c:e5:9c:1d:41:46:ae:7e:11:4d:bc:16:
d4:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:02:02:06:C7:36:C8:DA:52:FA:17:41:51:CE:C2:FC:C4:14:02:AD
X509v3 Authority Key Identifier:
keyid:19:14:42:0A:A4:D3:A9:08:B8:5E:28:0D:5C:94:D3:79:5E:D9:02:9A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3350/GRRCCqTTqQi4XigNXJTTeV7ZApo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GRRCCqTTqQi4XigNXJTTeV7ZApo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3350/bAICBsc2yNpS-hdBUc7C_MQUAq0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
163.61.62.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:b3:1c:56:7c:f8:7c:bd:fd:0a:5c:1a:5f:39:11:84:c1:97:
0a:d8:bb:5f:df:31:0f:a9:2e:b7:95:ca:22:1f:c7:09:fb:ee:
2b:d1:9b:6c:76:2b:9f:e3:eb:dc:5d:e8:a1:79:82:25:03:fe:
43:14:d8:27:48:0a:a9:aa:62:64:63:38:3c:61:d1:5b:f1:96:
e5:eb:6a:9a:37:5a:e4:e6:52:b4:a2:ec:95:1a:ed:ca:8c:b5:
9a:ea:3e:ec:25:4e:f4:c5:5d:2c:ac:9e:5a:27:80:f4:28:1b:
c9:ae:cd:db:e7:64:27:4a:2b:78:fd:32:67:9e:5e:27:47:82:
89:00:bb:8c:3f:15:fc:bf:33:57:15:08:ad:14:5f:00:cd:25:
03:81:03:da:a6:10:69:32:8d:11:96:b6:5e:34:f1:9f:bb:fb:
10:58:31:38:9f:f1:e4:cb:5b:e9:30:b4:cf:e3:8a:29:b6:aa:
52:6c:6d:a6:61:8d:56:55:16:38:e3:39:de:8f:bf:80:b9:80:
35:54:19:9c:47:5f:c4:cf:40:06:fe:60:7f:a7:32:09:51:7f:
cc:dc:7c:dc:27:56:e9:bd:e5:5d:e3:ee:3d:52:ec:f9:c7:3c:
02:48:ff:f8:60:3a:5d:dc:fc:bb:9d:a1:cc:84:ef:26:36:bc:
6a:36:d2:06
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgIBIjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygxOTE0
NDIwQUE0RDNBOTA4Qjg1RTI4MEQ1Qzk0RDM3OTVFRDkwMjlBMB4XDTI1MDIxMjEy
MzAzN1oXDTI2MDIwNjAzMDUyMFowMzExMC8GA1UEAxMoNkMwMjAyMDZDNzM2QzhE
QTUyRkExNzQxNTFDRUMyRkNDNDE0MDJBRDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAOLV4ZczNkZGpFrAHk/Fd/keHisgHVMrmxn9NdJbD0YK3kBKsAIE
3wAdrQfm/BRTr/86ztnQDgUgJCOJpXyZrP4SOyJbl/f90g5J06PbXsBv3U3I4F7b
3+0hvnzgCjJ6D8U3AQ0cEOWAr6gxjyviY1yJMqxXjsaBxiijFb6dL/D30kUd/Q/M
8x1dz0lcRiOFHsTGd2eNr/r026nUC3Isx2P1vPpLPsDSNCFZGNlzz/D9l82udiiy
/6TWwIIPnBj+t7Ef2VPkeMD0dlvyn7dnnYjmIZEOkeGKRZ0nyvbNNfIKhc92IMny
Zdzhpdz8nI9T0NTKHOWcHUFGrn4RTbwW1B0CAwEAAaOCAfMwggHvMB0GA1UdDgQW
BBRsAgIGxzbI2lL6F0FRzsL8xBQCrTAfBgNVHSMEGDAWgBQZFEIKpNOpCLheKA1c
lNN5XtkCmjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMzUw
L0dSUkNDcVRUcVFpNFhpZ05YSlRUZVY3WkFwby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvR1JSQ0NxVFRxUWk0WGlnTlhKVFRlVjdaQXBvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzM1MC9iQUlDQnNjMnlOcFMt
aGRCVWM3Q19NUVVBcTAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u
aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAoz0+MA0GCSqGSIb3DQEBCwUAA4IBAQAusxxWfPh8vf0KXBpfORGEwZcK2Ltf
3zEPqS63lcoiH8cJ++4r0Ztsdiuf4+vcXeiheYIlA/5DFNgnSAqpqmJkYzg8YdFb
8Zbl62qaN1rk5lK0ouyVGu3KjLWa6j7sJU70xV0srJ5aJ4D0KBvJrs3b52QnSit4
/TJnnl4nR4KJALuMPxX8vzNXFQitFF8AzSUDgQPaphBpMo0RlrZeNPGfu/sQWDE4
n/Hky1vpMLTP44optqpSbG2mYY1WVRY44znej7+AuYA1VBmcR1/Ez0AG/mB/pzIJ
UX/M3HzcJ1bpveVd4+49Uuz5xzwCSP/4YDpd3Py7naHMhO8mNrxqNtIG
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:39:18 2025 by rpki-client