Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/2xkZrTWLkS9kgnfo_VJ8NgTJn8g.roa
File: 2xkZrTWLkS9kgnfo_VJ8NgTJn8g.roa (raw, json)
Hash identifier: T2cQMW/5FDkDZX9LU0LTsOQwOlZzsLOIDuFdn2CyfZ0=
Subject key identifier: DB:19:19:AD:35:8B:91:2F:64:82:77:E8:FD:52:7C:36:04:C9:9F:C8
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 1073
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/2xkZrTWLkS9kgnfo_VJ8NgTJn8g.roa
Signing time: Thu 20 Feb 2025 05:06:41 +0000
ROA not before: Thu 20 Feb 2025 05:06:41 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 62387
IP address blocks: 101.232.32.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4211 (0x1073)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Feb 20 05:06:41 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=DB1919AD358B912F648277E8FD527C3604C99FC8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:b9:4c:93:1e:b8:42:9c:69:23:88:07:a2:c0:
d4:ad:42:c0:57:01:ab:fb:16:02:ba:25:dc:23:19:
73:f2:ef:aa:6f:1b:94:da:9e:dd:7f:48:66:8d:a9:
ff:6e:ac:2e:48:25:49:46:84:3e:e3:98:2a:e5:d3:
0d:82:f1:26:87:41:dc:fe:a7:08:a5:57:7b:80:ae:
5c:9d:15:bd:cf:ee:03:3b:04:38:53:42:bf:61:57:
f3:33:2c:f1:55:e4:ae:0c:31:3d:e1:64:9a:ce:69:
81:b3:b0:3e:c5:17:5e:95:61:54:49:fb:ea:c1:ed:
ff:ff:73:d8:ed:0b:b5:be:74:b1:f9:aa:28:5e:03:
62:a5:ba:fc:60:90:bc:b2:3e:ad:c5:38:b6:23:14:
66:26:95:97:b4:3d:1a:23:c7:4c:fb:65:23:f9:5b:
39:eb:f3:e6:04:97:f2:41:ba:44:49:e1:aa:47:c0:
2a:f4:f9:4e:b4:18:9d:1d:3e:9a:2d:4d:cf:2f:81:
8d:57:8c:f4:bb:b9:de:8f:3b:76:04:fc:90:00:cc:
5e:ea:a3:74:ec:6f:61:07:95:e9:49:0f:51:fe:0b:
8b:90:b7:5e:63:92:fc:c4:dd:5c:0e:22:ed:e4:3c:
33:63:c5:db:65:f4:3f:bc:91:c4:1f:36:ea:30:c2:
98:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:19:19:AD:35:8B:91:2F:64:82:77:E8:FD:52:7C:36:04:C9:9F:C8
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/2xkZrTWLkS9kgnfo_VJ8NgTJn8g.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
101.232.32.0/22
Signature Algorithm: sha256WithRSAEncryption
35:87:79:ff:65:b0:72:ac:e9:d1:b7:ee:6b:9e:02:14:19:f5:
10:b9:9a:87:9b:37:fe:0f:4f:b0:39:fa:3e:ab:ae:ff:fe:a7:
45:63:bb:f5:b4:e7:0a:e7:79:91:79:af:7a:15:ad:ba:df:00:
25:49:f4:64:9b:33:b5:d7:80:c0:d2:16:dd:4e:c2:91:60:25:
8b:55:16:4c:a2:78:d2:ba:fb:61:0b:b8:81:b8:0a:a4:1d:97:
f1:35:7d:78:56:aa:27:ac:0c:ea:82:c8:64:28:03:6e:c6:9a:
e0:89:88:81:6e:18:cc:05:8e:ce:ce:89:ae:21:bd:73:6a:38:
ba:45:09:fd:a7:92:7d:2e:01:e6:8b:55:8b:be:9b:63:95:97:
48:6d:12:fc:9a:93:89:31:38:62:b5:32:15:49:b2:46:22:6f:
ef:f2:9a:fb:ae:07:90:ce:8f:eb:c2:eb:af:df:63:70:88:ed:
4f:f8:2c:88:8a:d6:55:eb:a4:60:a2:e4:c1:cb:83:c8:74:33:
7d:f0:2d:92:28:d5:31:17:b7:da:50:c4:bb:84:40:6a:49:05:
8b:19:dc:04:3d:5e:64:b4:44:b2:de:c0:ca:72:66:11:69:5a:
5a:68:d1:95:81:16:de:80:82:f8:64:4c:ac:35:e5:28:bd:76:
08:b1:17:1a
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICEHMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNTAyMjAw
NTA2NDFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKERCMTkxOUFEMzU4Qjkx
MkY2NDgyNzdFOEZENTI3QzM2MDRDOTlGQzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRuUyTHrhCnGkjiAeiwNStQsBXAav7FgK6JdwjGXPy76pvG5Ta
nt1/SGaNqf9urC5IJUlGhD7jmCrl0w2C8SaHQdz+pwilV3uArlydFb3P7gM7BDhT
Qr9hV/MzLPFV5K4MMT3hZJrOaYGzsD7FF16VYVRJ++rB7f//c9jtC7W+dLH5qihe
A2KluvxgkLyyPq3FOLYjFGYmlZe0PRojx0z7ZSP5Wznr8+YEl/JBukRJ4apHwCr0
+U60GJ0dPpotTc8vgY1XjPS7ud6PO3YE/JAAzF7qo3Tsb2EHlelJD1H+C4uQt15j
kvzE3VwOIu3kPDNjxdtl9D+8kcQfNuowwpgdAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU2xkZrTWLkS9kgnfo/VJ8NgTJn8gwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzLzJ4a1pyVFdMa1M5a2du
Zm9fVko4TmdUSm44Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJl6CAwDQYJKoZIhvcNAQELBQADggEBADWHef9lsHKs6dG37mueAhQZ9RC5moeb
N/4PT7A5+j6rrv/+p0Vju/W05wrneZF5r3oVrbrfACVJ9GSbM7XXgMDSFt1OwpFg
JYtVFkyieNK6+2ELuIG4CqQdl/E1fXhWqiesDOqCyGQoA27GmuCJiIFuGMwFjs7O
ia4hvXNqOLpFCf2nkn0uAeaLVYu+m2OVl0htEvyak4kxOGK1MhVJskYib+/ymvuu
B5DOj+vC66/fY3CI7U/4LIiK1lXrpGCi5MHLg8h0M33wLZIo1TEXt9pQxLuEQGpJ
BYsZ3AQ9XmS0RLLewMpyZhFpWlpo0ZWBFt6AgvhkTKw15Si9dgixFxo=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:46:02 2025 by rpki-client