Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/357/E-X3cnOxnzDAMSbOk5pCLUZ7hVk.roa
File: E-X3cnOxnzDAMSbOk5pCLUZ7hVk.roa (raw, json)
Hash identifier: HY8nS3JbcH+U6eQKGRNH2rOxX16KDWHj6FA31vcLj6M=
Subject key identifier: 13:E5:F7:72:73:B1:9F:30:C0:31:26:CE:93:9A:42:2D:46:7B:85:59
Certificate issuer: /CN=B3BA6AEF3B8FA2E5D9B5E43438E0020D426A1ECA
Certificate serial: 14B4
Authority key identifier: B3:BA:6A:EF:3B:8F:A2:E5:D9:B5:E4:34:38:E0:02:0D:42:6A:1E:CA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/s7pq7zuPouXZteQ0OOACDUJqHso.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/E-X3cnOxnzDAMSbOk5pCLUZ7hVk.roa
Signing time: Fri 17 Jan 2025 01:27:22 +0000
ROA not before: Fri 17 Jan 2025 01:27:22 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 37963
IP address blocks: 112.125.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5300 (0x14b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B3BA6AEF3B8FA2E5D9B5E43438E0020D426A1ECA
Validity
Not Before: Jan 17 01:27:22 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=13E5F77273B19F30C03126CE939A422D467B8559
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:7a:3c:76:61:ab:ea:22:61:67:57:0b:8a:32:
0b:39:42:c9:ef:4d:86:99:72:56:a3:21:3f:81:bf:
7c:e0:2d:91:29:c3:6f:82:39:14:38:09:46:da:11:
09:6a:51:30:f5:82:a1:14:c4:87:4a:3c:33:ab:15:
e2:04:07:81:0a:64:f6:72:cf:4e:c8:0e:fe:fd:10:
c2:f1:20:54:b1:3b:b6:22:21:60:0c:e9:e2:8a:86:
80:df:e6:69:a6:19:17:f4:df:3f:bb:19:25:8d:e0:
fa:b2:0c:1a:99:2e:8b:88:ac:79:93:9c:3a:b6:26:
58:44:8c:83:7f:82:52:80:76:ce:69:91:6e:75:93:
2d:6f:26:1c:82:bb:4d:8f:18:03:21:2d:d2:d9:0d:
9d:e0:be:cd:04:6c:39:70:fb:ee:e6:4b:f7:8b:b3:
b2:3e:ec:7f:84:df:d7:7d:e7:90:71:e0:96:fd:9f:
59:ef:f8:f2:4e:bd:0b:ee:c7:8f:0f:a0:1a:19:59:
33:3e:4d:35:8d:c4:44:5d:1d:a9:43:32:0e:56:ec:
83:c2:e9:a5:1f:4f:8c:b4:f1:d8:f7:23:4c:1d:81:
d7:e3:22:b6:5d:09:3b:ab:d2:96:b8:ad:9d:f6:1d:
6a:53:16:a6:86:24:40:6f:ef:f8:f6:75:12:80:b6:
3b:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:E5:F7:72:73:B1:9F:30:C0:31:26:CE:93:9A:42:2D:46:7B:85:59
X509v3 Authority Key Identifier:
keyid:B3:BA:6A:EF:3B:8F:A2:E5:D9:B5:E4:34:38:E0:02:0D:42:6A:1E:CA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/s7pq7zuPouXZteQ0OOACDUJqHso.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/E-X3cnOxnzDAMSbOk5pCLUZ7hVk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.125.0.0/16
Signature Algorithm: sha256WithRSAEncryption
03:dd:b4:97:42:db:c9:27:09:ae:b7:ee:b4:60:bb:65:47:cb:
f2:ba:96:0c:f4:c8:b2:45:21:3f:6a:29:0e:e6:d3:23:a4:1b:
7f:73:fd:ae:a2:3f:59:8e:8d:e6:ca:1c:74:85:3f:87:c6:8a:
a4:56:6a:70:1a:75:0d:99:c1:25:8a:a3:bf:94:91:a3:2a:37:
f4:3c:c3:ed:56:ad:e3:11:89:b1:e9:74:71:37:8c:4b:a1:60:
4c:54:04:59:c8:53:97:aa:6d:5d:56:99:5f:ea:4a:48:fe:db:
43:93:b9:b9:ef:40:9d:3d:e4:aa:67:9a:f9:ea:6e:ce:dd:4b:
4f:53:6a:9f:e7:b6:74:4e:8f:52:db:7f:43:38:b8:28:e8:50:
d4:7f:cb:6c:0e:06:3e:59:48:8e:f7:eb:80:e7:5a:e4:fb:88:
39:a5:59:ab:d2:67:32:65:85:c0:55:39:59:c9:e4:ec:4e:dc:
7c:d0:51:7e:17:47:9f:01:c3:d0:a7:ac:cf:2d:cb:8a:7b:0d:
2b:ff:5b:dd:8f:fe:f0:d5:5e:e7:52:20:f0:03:7e:75:f3:84:
ab:e4:6d:42:7f:b5:d4:f2:2d:c7:5c:ba:69:5b:99:3e:62:d1:
1a:6c:16:26:0f:71:d9:ad:53:db:e3:10:21:72:09:02:d4:f7:
06:df:94:67
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFLQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjNC
QTZBRUYzQjhGQTJFNUQ5QjVFNDM0MzhFMDAyMEQ0MjZBMUVDQTAeFw0yNTAxMTcw
MTI3MjJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDEzRTVGNzcyNzNCMTlG
MzBDMDMxMjZDRTkzOUE0MjJENDY3Qjg1NTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJejx2YavqImFnVwuKMgs5QsnvTYaZclajIT+Bv3zgLZEpw2+C
ORQ4CUbaEQlqUTD1gqEUxIdKPDOrFeIEB4EKZPZyz07IDv79EMLxIFSxO7YiIWAM
6eKKhoDf5mmmGRf03z+7GSWN4PqyDBqZLouIrHmTnDq2JlhEjIN/glKAds5pkW51
ky1vJhyCu02PGAMhLdLZDZ3gvs0EbDlw++7mS/eLs7I+7H+E39d955Bx4Jb9n1nv
+PJOvQvux48PoBoZWTM+TTWNxERdHalDMg5W7IPC6aUfT4y08dj3I0wdgdfjIrZd
CTur0pa4rZ32HWpTFqaGJEBv7/j2dRKAtjsTAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUE+X3cnOxnzDAMSbOk5pCLUZ7hVkwHwYDVR0jBBgwFoAUs7pq7zuPouXZteQ0
OOACDUJqHsowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3
L3M3cHE3enVQb3VYWnRlUTBPT0FDRFVKcUhzby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvczdwcTd6dVBvdVhadGVRME9PQUNEVUpxSHNvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3L0UtWDNjbk94bnpEQU1T
Yk9rNXBDTFVaN2hWay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwfTANBgkqhkiG9w0BAQsFAAOCAQEAA920l0LbyScJrrfutGC7ZUfL8rqWDPTI
skUhP2opDubTI6Qbf3P9rqI/WY6N5socdIU/h8aKpFZqcBp1DZnBJYqjv5SRoyo3
9DzD7Vat4xGJsel0cTeMS6FgTFQEWchTl6ptXVaZX+pKSP7bQ5O5ue9AnT3kqmea
+epuzt1LT1Nqn+e2dE6PUtt/Qzi4KOhQ1H/LbA4GPllIjvfrgOda5PuIOaVZq9Jn
MmWFwFU5Wcnk7E7cfNBRfhdHnwHD0Keszy3LinsNK/9b3Y/+8NVe51Ig8AN+dfOE
q+RtQn+11PItx1y6aVuZPmLRGmwWJg9x2a1T2+MQIXIJAtT3Bt+UZw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:45:01 2025 by rpki-client