Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/357/1gT41DGJmmD9as8xESyxXtkidlU.roa
File: 1gT41DGJmmD9as8xESyxXtkidlU.roa (raw, json)
Hash identifier: vCEOGTEWEczBNbcj2tYnyF6hlDHUrfCU8W57l6790Eo=
Subject key identifier: D6:04:F8:D4:31:89:9A:60:FD:6A:CF:31:11:2C:B1:5E:D9:22:76:55
Certificate issuer: /CN=B3BA6AEF3B8FA2E5D9B5E43438E0020D426A1ECA
Certificate serial: 123E
Authority key identifier: B3:BA:6A:EF:3B:8F:A2:E5:D9:B5:E4:34:38:E0:02:0D:42:6A:1E:CA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/s7pq7zuPouXZteQ0OOACDUJqHso.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/1gT41DGJmmD9as8xESyxXtkidlU.roa
Signing time: Thu 12 Sep 2024 15:06:59 +0000
ROA not before: Thu 12 Sep 2024 15:06:59 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 37963
IP address blocks: 112.124.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4670 (0x123e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B3BA6AEF3B8FA2E5D9B5E43438E0020D426A1ECA
Validity
Not Before: Sep 12 15:06:59 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D604F8D431899A60FD6ACF31112CB15ED9227655
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:91:23:fa:32:43:e0:6d:a0:fb:68:1f:4c:05:
a3:cf:66:47:ff:be:d6:cd:8a:ca:d7:db:bd:4b:dc:
dc:71:71:ee:96:a3:4d:c1:77:d6:e9:36:c9:ce:f8:
aa:fd:ac:fe:a0:3a:d5:12:d4:12:b1:42:7a:c5:69:
e3:f7:0b:24:b9:14:c2:17:03:1b:00:cc:b9:2e:a4:
b1:21:c8:e3:ad:13:0c:a9:d2:7c:5e:0e:82:5c:7a:
60:ff:5a:be:7b:cb:89:41:d5:6c:b1:97:9d:a4:a0:
6f:e5:c6:3f:f4:fd:7c:56:63:7b:be:bf:b4:0e:47:
b8:eb:09:d7:ea:36:f6:61:5f:87:0d:7b:13:e2:cd:
64:8d:14:fd:8a:ea:40:83:78:bd:63:de:1c:bd:fd:
b7:de:7f:31:cb:24:c6:f8:3d:8b:35:e3:cd:7a:56:
98:e8:f8:60:79:42:df:1b:da:55:d9:a5:e1:fe:7d:
25:b6:22:54:a6:35:01:b9:1c:b2:52:2f:e3:42:60:
ea:29:46:b8:cb:70:55:18:92:ba:63:f0:8b:e8:48:
88:39:8c:11:0a:2a:1b:67:69:6e:4d:e2:d2:c9:95:
f4:36:f0:34:4f:77:1e:b6:70:e3:ec:f2:e0:93:5f:
26:56:b7:2c:c9:65:56:43:7a:79:81:da:ab:04:d4:
e1:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:04:F8:D4:31:89:9A:60:FD:6A:CF:31:11:2C:B1:5E:D9:22:76:55
X509v3 Authority Key Identifier:
keyid:B3:BA:6A:EF:3B:8F:A2:E5:D9:B5:E4:34:38:E0:02:0D:42:6A:1E:CA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/s7pq7zuPouXZteQ0OOACDUJqHso.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/1gT41DGJmmD9as8xESyxXtkidlU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.124.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3e:2a:67:8e:3b:aa:06:85:23:62:09:7f:49:65:ac:8d:ab:b2:
b8:56:75:2a:0b:f3:89:5a:46:52:ab:eb:69:85:df:42:a3:51:
5e:9e:d6:21:49:35:7d:03:f6:7d:ce:d6:51:30:c2:5d:d7:0a:
9b:52:48:5d:b9:b4:bb:45:6e:49:f6:c3:04:21:c4:7e:d7:75:
c5:0e:6f:44:11:9b:19:41:fc:66:c0:6d:70:fd:62:7d:a9:88:
28:4f:a0:d7:0e:eb:92:fc:c8:96:a7:e9:95:af:97:6e:92:84:
71:c5:fd:52:af:a3:fb:3f:ac:2e:4e:4a:52:1d:b7:1e:f1:ca:
65:83:bc:de:c6:92:25:a7:ab:31:bb:2e:d9:74:9e:83:b5:dc:
2b:b8:5f:bd:cc:5f:28:5d:5f:fd:12:a8:f8:5f:86:9f:c2:57:
94:f6:6f:6e:df:bd:8a:54:59:92:cb:c1:7e:5f:ce:cd:87:91:
f7:89:e1:07:79:7a:04:c8:b4:15:e1:30:9b:ba:20:06:2d:f6:
86:61:67:da:3b:56:9e:31:3d:68:f9:eb:09:6e:13:40:43:75:
26:f5:d9:d9:16:a7:3a:f7:21:41:3c:6a:9a:be:04:a1:38:68:
7c:30:6b:4a:c2:b5:b1:13:84:82:c8:10:97:77:c3:dc:2f:66:
77:b0:6e:0f
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEj4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjNC
QTZBRUYzQjhGQTJFNUQ5QjVFNDM0MzhFMDAyMEQ0MjZBMUVDQTAeFw0yNDA5MTIx
NTA2NTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ2MDRGOEQ0MzE4OTlB
NjBGRDZBQ0YzMTExMkNCMTVFRDkyMjc2NTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwkSP6MkPgbaD7aB9MBaPPZkf/vtbNisrX271L3Nxxce6Wo03B
d9bpNsnO+Kr9rP6gOtUS1BKxQnrFaeP3CyS5FMIXAxsAzLkupLEhyOOtEwyp0nxe
DoJcemD/Wr57y4lB1Wyxl52koG/lxj/0/XxWY3u+v7QOR7jrCdfqNvZhX4cNexPi
zWSNFP2K6kCDeL1j3hy9/bfefzHLJMb4PYs14816Vpjo+GB5Qt8b2lXZpeH+fSW2
IlSmNQG5HLJSL+NCYOopRrjLcFUYkrpj8IvoSIg5jBEKKhtnaW5N4tLJlfQ28DRP
dx62cOPs8uCTXyZWtyzJZVZDenmB2qsE1OFpAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU1gT41DGJmmD9as8xESyxXtkidlUwHwYDVR0jBBgwFoAUs7pq7zuPouXZteQ0
OOACDUJqHsowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3
L3M3cHE3enVQb3VYWnRlUTBPT0FDRFVKcUhzby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvczdwcTd6dVBvdVhadGVRME9PQUNEVUpxSHNvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3LzFnVDQxREdKbW1EOWFz
OHhFU3l4WHRraWRsVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwfDANBgkqhkiG9w0BAQsFAAOCAQEAPipnjjuqBoUjYgl/SWWsjauyuFZ1Kgvz
iVpGUqvraYXfQqNRXp7WIUk1fQP2fc7WUTDCXdcKm1JIXbm0u0VuSfbDBCHEftd1
xQ5vRBGbGUH8ZsBtcP1ifamIKE+g1w7rkvzIlqfpla+XbpKEccX9Uq+j+z+sLk5K
Uh23HvHKZYO83saSJaerMbsu2XSeg7XcK7hfvcxfKF1f/RKo+F+Gn8JXlPZvbt+9
ilRZksvBfl/OzYeR94nhB3l6BMi0FeEwm7ogBi32hmFn2jtWnjE9aPnrCW4TQEN1
JvXZ2RanOvchQTxqmr4EoThofDBrSsK1sROEgsgQl3fD3C9md7BuDw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:06:54 2025 by rpki-client