Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/357/v8oGHaQC-2SPL61Ew29_UWSFTOg.roa
File: v8oGHaQC-2SPL61Ew29_UWSFTOg.roa (raw, json)
Hash identifier: kcT+IcPq5hj6tVvBJsnmqWUnCHnXXENV0X4uz5E63Qo=
Subject key identifier: BF:CA:06:1D:A4:02:FB:64:8F:2F:AD:44:C3:6F:7F:51:64:85:4C:E8
Certificate issuer: /CN=B3BA6AEF3B8FA2E5D9B5E43438E0020D426A1ECA
Certificate serial: 1240
Authority key identifier: B3:BA:6A:EF:3B:8F:A2:E5:D9:B5:E4:34:38:E0:02:0D:42:6A:1E:CA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/s7pq7zuPouXZteQ0OOACDUJqHso.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/v8oGHaQC-2SPL61Ew29_UWSFTOg.roa
Signing time: Thu 12 Sep 2024 15:06:59 +0000
ROA not before: Thu 12 Sep 2024 15:06:59 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 37963
IP address blocks: 112.127.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4672 (0x1240)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B3BA6AEF3B8FA2E5D9B5E43438E0020D426A1ECA
Validity
Not Before: Sep 12 15:06:59 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=BFCA061DA402FB648F2FAD44C36F7F5164854CE8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:88:dd:5b:90:77:3b:e4:9d:ba:f0:1e:ee:31:
31:8c:91:2e:4a:36:e6:90:39:92:ad:85:eb:5b:6a:
a8:4e:df:ce:ac:59:3d:5b:6f:46:cc:9a:e2:68:e9:
94:86:94:7a:a5:35:ec:69:fb:5c:30:28:23:e8:69:
56:e0:71:d0:a2:39:10:d1:a0:7a:8d:67:86:a5:cc:
54:2a:df:8c:54:f1:05:3c:7d:82:8e:8c:ce:1d:03:
38:2c:6c:e2:8e:44:5b:5e:e5:f4:e5:25:0d:28:c0:
bc:77:1d:11:6d:96:46:21:86:4f:27:34:29:b7:ed:
f7:8a:d3:21:29:2b:69:f4:d8:ba:e7:69:dc:b3:1d:
99:8a:b1:1a:4d:12:22:aa:d3:4b:fc:28:90:f5:f0:
2b:9c:3b:d0:4c:c8:6d:dc:b7:1a:f1:c4:83:f3:bb:
c7:e2:49:4f:53:44:98:ca:36:d4:89:27:b0:d1:c3:
d7:a3:67:e9:a5:4e:49:30:a3:0e:56:ae:54:4a:a1:
96:4b:a1:4f:16:e7:2b:cd:62:ae:0e:6e:92:e8:fb:
1b:d4:2d:5d:36:9e:44:8c:06:6f:c1:fe:9c:b3:c6:
49:b4:e8:fd:28:63:ab:be:ba:73:a9:fd:cf:bf:55:
32:6b:f5:1b:27:27:d7:0c:94:b7:6d:af:86:c5:85:
ea:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:CA:06:1D:A4:02:FB:64:8F:2F:AD:44:C3:6F:7F:51:64:85:4C:E8
X509v3 Authority Key Identifier:
keyid:B3:BA:6A:EF:3B:8F:A2:E5:D9:B5:E4:34:38:E0:02:0D:42:6A:1E:CA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/s7pq7zuPouXZteQ0OOACDUJqHso.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/v8oGHaQC-2SPL61Ew29_UWSFTOg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.127.0.0/16
Signature Algorithm: sha256WithRSAEncryption
02:d5:0d:7b:4d:6c:02:ca:5d:b8:f2:30:eb:5f:36:53:0e:69:
8a:7b:10:e1:d7:c8:18:8e:b9:42:4c:b0:e2:bf:25:c0:df:70:
17:98:7e:4a:a8:80:a8:59:fe:5f:03:6a:e0:7c:c0:f6:57:71:
4a:86:f3:0f:90:59:22:78:be:91:ba:46:50:ec:c5:21:b5:00:
c4:fb:f7:d1:6a:28:b5:76:54:c9:ec:c8:35:c9:ac:82:40:8b:
20:f7:04:1a:29:4d:1b:4d:44:26:ba:c1:7c:0f:4d:53:fb:37:
5f:29:d0:12:32:1c:e0:aa:a8:73:a6:72:be:03:e7:32:8e:17:
df:65:72:fd:51:51:fc:c9:af:57:98:85:87:e0:59:d6:7c:52:
c3:c5:64:e0:9a:dd:4e:3c:36:43:25:d2:e9:fb:05:83:ff:cd:
71:1b:2f:f3:7a:8c:c5:4b:0e:e6:79:35:20:91:41:77:b4:8d:
7c:49:ab:c8:f2:fa:bc:99:48:5a:eb:33:cd:84:35:94:e8:49:
cb:15:0c:17:e3:97:af:63:ff:3a:b9:5c:f5:3f:6d:ca:69:5f:
75:47:08:81:53:9a:54:50:a0:8e:16:55:23:a1:ac:86:82:12:
cc:13:70:0e:be:cf:7d:b7:6c:d0:ce:21:72:6e:66:a1:e7:b3:
3f:7d:1c:dc
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEkAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjNC
QTZBRUYzQjhGQTJFNUQ5QjVFNDM0MzhFMDAyMEQ0MjZBMUVDQTAeFw0yNDA5MTIx
NTA2NTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJGQ0EwNjFEQTQwMkZC
NjQ4RjJGQUQ0NEMzNkY3RjUxNjQ4NTRDRTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMiN1bkHc75J268B7uMTGMkS5KNuaQOZKthetbaqhO386sWT1b
b0bMmuJo6ZSGlHqlNexp+1wwKCPoaVbgcdCiORDRoHqNZ4alzFQq34xU8QU8fYKO
jM4dAzgsbOKORFte5fTlJQ0owLx3HRFtlkYhhk8nNCm37feK0yEpK2n02Lrnadyz
HZmKsRpNEiKq00v8KJD18CucO9BMyG3ctxrxxIPzu8fiSU9TRJjKNtSJJ7DRw9ej
Z+mlTkkwow5WrlRKoZZLoU8W5yvNYq4ObpLo+xvULV02nkSMBm/B/pyzxkm06P0o
Y6u+unOp/c+/VTJr9RsnJ9cMlLdtr4bFher3AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUv8oGHaQC+2SPL61Ew29/UWSFTOgwHwYDVR0jBBgwFoAUs7pq7zuPouXZteQ0
OOACDUJqHsowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3
L3M3cHE3enVQb3VYWnRlUTBPT0FDRFVKcUhzby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvczdwcTd6dVBvdVhadGVRME9PQUNEVUpxSHNvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3L3Y4b0dIYVFDLTJTUEw2
MUV3MjlfVVdTRlRPZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwfzANBgkqhkiG9w0BAQsFAAOCAQEAAtUNe01sAspduPIw6182Uw5pinsQ4dfI
GI65Qkyw4r8lwN9wF5h+SqiAqFn+XwNq4HzA9ldxSobzD5BZIni+kbpGUOzFIbUA
xPv30WootXZUyezINcmsgkCLIPcEGilNG01EJrrBfA9NU/s3XynQEjIc4Kqoc6Zy
vgPnMo4X32Vy/VFR/MmvV5iFh+BZ1nxSw8Vk4JrdTjw2QyXS6fsFg//NcRsv83qM
xUsO5nk1IJFBd7SNfEmryPL6vJlIWuszzYQ1lOhJyxUMF+OXr2P/Orlc9T9tymlf
dUcIgVOaVFCgjhZVI6GshoISzBNwDr7Pfbds0M4hcm5moeezP30c3A==
-----END CERTIFICATE-----
Generated at Thu Apr 10 01:27:54 2025 by rpki-client