Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/54F3hRBb6UQHd9RW9mnsWmJ_rjk.roa
File: 54F3hRBb6UQHd9RW9mnsWmJ_rjk.roa (raw, json)
Hash identifier: xsSrDQjTVw3sznUU/bKbSAlPGsG/LDIUXNdAk67BeGU=
Subject key identifier: E7:81:77:85:10:5B:E9:44:07:77:D4:56:F6:69:EC:5A:62:7F:AE:39
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 1021
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/54F3hRBb6UQHd9RW9mnsWmJ_rjk.roa
Signing time: Wed 05 Feb 2025 09:37:20 +0000
ROA not before: Wed 05 Feb 2025 09:37:20 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 62387
IP address blocks: 101.232.52.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4129 (0x1021)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Feb 5 09:37:20 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=E7817785105BE9440777D456F669EC5A627FAE39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:0d:db:21:5c:83:7f:cf:50:1f:89:5c:01:91:
8f:dc:4b:eb:c2:6f:07:91:86:fe:0b:c4:31:60:eb:
b4:9b:e6:70:a1:fc:2e:eb:b1:80:b8:c0:9b:63:6d:
01:c0:01:4a:47:f7:4f:9f:5b:ef:05:0f:b1:3b:92:
aa:eb:d6:bd:96:34:06:71:54:9b:1d:51:99:17:11:
11:73:70:10:87:14:67:11:0e:c9:f3:24:35:34:bc:
a1:5b:6e:40:25:7c:43:6e:49:8f:c7:82:17:5b:d8:
be:75:61:db:02:b2:80:44:28:02:23:d6:e2:ac:ce:
72:3e:84:c1:59:bb:84:c4:d8:53:14:20:7d:a0:be:
b7:0c:0a:c3:8d:8c:04:2e:23:74:d7:dc:de:e9:6f:
ca:4d:a3:56:72:4d:c7:f0:7d:e3:b1:64:39:3d:0b:
87:05:64:5a:7e:4a:6c:20:d7:2d:32:5e:7a:f7:5e:
fc:f9:96:1d:7b:20:f2:3f:10:e2:c3:c3:bb:af:83:
c9:6e:73:ee:60:e1:a5:fb:3f:a7:62:7f:2b:44:8b:
9d:7b:2a:ba:f4:6a:cb:a1:35:e9:f4:5b:a9:a9:bd:
01:0d:91:ca:c0:6e:5f:eb:2d:c2:cc:9b:1b:aa:07:
18:0b:be:a8:37:86:93:f3:80:5f:b4:b8:fa:e1:17:
3d:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:81:77:85:10:5B:E9:44:07:77:D4:56:F6:69:EC:5A:62:7F:AE:39
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/54F3hRBb6UQHd9RW9mnsWmJ_rjk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
101.232.52.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:a1:8a:7b:96:ff:ef:6f:3f:f1:be:2c:39:f0:35:48:34:f6:
22:fd:df:77:cb:34:8d:2e:ad:9e:74:6b:cf:90:72:ca:af:36:
3e:83:9a:38:74:27:fc:a4:cf:1f:56:33:dc:b4:20:4b:79:66:
94:86:2a:9d:37:81:c7:73:49:8d:ba:d3:bd:3f:52:42:a3:3a:
06:5c:c3:ac:09:5a:62:ca:d2:e4:f6:4b:c7:5b:92:58:96:50:
de:e1:bf:4e:ca:c9:50:72:cc:05:3d:dd:64:fd:4c:f0:df:9c:
8f:de:2f:21:2f:d7:f9:f9:f1:b9:60:c9:40:52:3f:c4:93:2f:
e9:5a:9e:e8:39:87:a0:7e:30:32:ff:19:0b:de:bf:5e:ee:bf:
e0:8c:c5:4d:66:fa:fd:62:56:e2:81:b2:31:9e:33:df:e8:34:
70:a5:d3:e7:f6:08:6f:96:0b:83:17:40:4d:0e:4e:78:00:19:
04:22:ab:9c:e6:bf:2c:a5:04:9b:91:da:d1:af:b2:80:c9:87:
49:44:4c:0e:6f:e0:2c:1a:62:05:e3:ba:e9:ce:d5:74:97:2f:
9f:ee:0d:38:44:67:a9:31:da:a6:34:9c:b1:8c:29:d0:7d:dc:
05:63:73:85:9b:64:1e:6d:cf:97:f4:f6:4c:19:69:31:f1:66:
20:a8:de:56
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICECEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNTAyMDUw
OTM3MjBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEU3ODE3Nzg1MTA1QkU5
NDQwNzc3RDQ1NkY2NjlFQzVBNjI3RkFFMzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD1DdshXIN/z1AfiVwBkY/cS+vCbweRhv4LxDFg67Sb5nCh/C7r
sYC4wJtjbQHAAUpH90+fW+8FD7E7kqrr1r2WNAZxVJsdUZkXERFzcBCHFGcRDsnz
JDU0vKFbbkAlfENuSY/Hghdb2L51YdsCsoBEKAIj1uKsznI+hMFZu4TE2FMUIH2g
vrcMCsONjAQuI3TX3N7pb8pNo1ZyTcfwfeOxZDk9C4cFZFp+Smwg1y0yXnr3Xvz5
lh17IPI/EOLDw7uvg8luc+5g4aX7P6difytEi517Krr0asuhNen0W6mpvQENkcrA
bl/rLcLMmxuqBxgLvqg3hpPzgF+0uPrhFz27AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU54F3hRBb6UQHd9RW9mnsWmJ/rjkwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzLzU0RjNoUkJiNlVRSGQ5
Ulc5bW5zV21KX3Jqay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJl6DQwDQYJKoZIhvcNAQELBQADggEBADqhinuW/+9vP/G+LDnwNUg09iL933fL
NI0urZ50a8+QcsqvNj6Dmjh0J/ykzx9WM9y0IEt5ZpSGKp03gcdzSY26070/UkKj
OgZcw6wJWmLK0uT2S8dbkliWUN7hv07KyVByzAU93WT9TPDfnI/eLyEv1/n58blg
yUBSP8STL+lanug5h6B+MDL/GQvev17uv+CMxU1m+v1iVuKBsjGeM9/oNHCl0+f2
CG+WC4MXQE0OTngAGQQiq5zmvyylBJuR2tGvsoDJh0lETA5v4CwaYgXjuunO1XSX
L5/uDThEZ6kx2qY0nLGMKdB93AVjc4WbZB5tz5f09kwZaTHxZiCo3lY=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:37:11 2025 by rpki-client