Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/N3DwrOCSm7kSDKPio412jyc7bx4.roa
File: N3DwrOCSm7kSDKPio412jyc7bx4.roa (raw, json)
Hash identifier: qbzcizT++3eiJYl3/M3eLugGKfV9tRlYdrH5zOl184g=
Subject key identifier: 37:70:F0:AC:E0:92:9B:B9:12:0C:A3:E2:A3:8D:76:8F:27:3B:6F:1E
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 0C4D
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/N3DwrOCSm7kSDKPio412jyc7bx4.roa
Signing time: Wed 28 Aug 2024 08:53:54 +0000
ROA not before: Wed 28 Aug 2024 08:53:54 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 62387
IP address blocks: 119.59.244.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3149 (0xc4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Aug 28 08:53:54 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3770F0ACE0929BB9120CA3E2A38D768F273B6F1E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:1f:3e:fc:0c:c3:cf:41:1e:6f:6c:64:05:3e:
10:18:e1:3d:ad:27:26:ff:80:83:72:1f:99:15:45:
f8:20:a0:18:4c:44:18:6c:f2:b9:39:7b:85:0b:fe:
74:8a:78:53:75:c4:38:2c:4d:71:78:03:06:22:50:
c6:ba:85:f9:45:7b:ec:4d:78:f9:c2:6e:04:83:df:
4a:5c:c7:5e:7c:bf:93:ae:81:11:f7:cf:b4:78:05:
4a:6f:19:36:c6:5a:5e:40:22:15:e1:d2:d9:5d:2b:
ac:76:40:a1:aa:26:53:e4:51:3d:24:3f:cb:e3:fb:
ee:fb:26:a0:50:85:b8:2a:e3:df:ca:46:de:b8:21:
36:d0:80:89:61:69:14:15:0e:c1:d0:c3:63:e0:02:
1e:5f:5c:68:6b:45:08:0a:ff:fd:64:d7:91:3e:4a:
40:52:e9:c3:98:57:93:84:7a:d9:30:27:36:81:4c:
a8:61:33:15:4e:76:10:77:6c:ee:45:85:b5:f2:bc:
ca:5d:80:5a:25:7e:e0:9d:aa:9f:9e:89:73:03:5f:
76:1a:7f:15:1f:03:eb:ce:90:72:74:ad:0d:4f:0f:
09:43:4f:c8:23:1f:30:eb:49:a3:99:e4:9b:9a:ad:
bc:5f:74:b9:73:a7:f3:30:51:db:91:e0:94:0b:fa:
ad:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:70:F0:AC:E0:92:9B:B9:12:0C:A3:E2:A3:8D:76:8F:27:3B:6F:1E
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/N3DwrOCSm7kSDKPio412jyc7bx4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.59.244.0/22
Signature Algorithm: sha256WithRSAEncryption
91:b6:e0:c9:aa:a1:33:33:e7:a9:16:ca:0a:f2:a0:59:9d:00:
e1:35:2e:eb:ae:58:3d:fd:f1:aa:a4:18:6c:d6:f5:6d:d0:89:
3c:1d:5b:74:15:a1:99:41:6c:f6:53:4d:ee:45:eb:11:c7:43:
be:9f:79:28:58:c5:e3:f4:a7:4c:38:ca:54:17:e7:db:4d:41:
72:0c:fe:56:f7:80:1f:78:db:b8:ef:15:3d:48:b9:e1:50:26:
bf:4e:29:34:fc:a5:ed:21:da:f3:7c:1f:97:c1:9e:f6:8f:7c:
7e:16:13:66:7b:7c:7d:4b:a3:dc:d4:81:68:7b:f2:4b:fd:05:
d2:18:3c:87:7b:7c:f9:5d:3b:2f:8d:b9:84:1a:bb:5f:85:5c:
eb:cf:1f:f6:6b:dd:a5:a0:7b:d8:0b:e2:e0:fc:c9:7a:e6:57:
fe:b6:9f:ed:57:2c:a5:cb:34:d9:03:86:e6:84:7a:48:69:bd:
7f:b0:51:01:1a:49:47:8c:d1:f8:be:08:9c:5f:87:2a:43:ab:
95:b9:56:b4:e9:be:e6:26:9c:f8:e3:2b:ab:b3:fd:11:5a:7f:
4c:d6:db:65:de:f6:a5:17:ea:b5:cf:f2:65:da:da:37:40:0e:
5d:dd:d8:b8:0b:15:00:c5:62:61:43:65:b7:94:cf:a5:92:b1:
4b:4a:54:2e
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDE0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDA4Mjgw
ODUzNTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM3NzBGMEFDRTA5MjlC
QjkxMjBDQTNFMkEzOEQ3NjhGMjczQjZGMUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAHz78DMPPQR5vbGQFPhAY4T2tJyb/gINyH5kVRfggoBhMRBhs
8rk5e4UL/nSKeFN1xDgsTXF4AwYiUMa6hflFe+xNePnCbgSD30pcx158v5OugRH3
z7R4BUpvGTbGWl5AIhXh0tldK6x2QKGqJlPkUT0kP8vj++77JqBQhbgq49/KRt64
ITbQgIlhaRQVDsHQw2PgAh5fXGhrRQgK//1k15E+SkBS6cOYV5OEetkwJzaBTKhh
MxVOdhB3bO5FhbXyvMpdgFolfuCdqp+eiXMDX3YafxUfA+vOkHJ0rQ1PDwlDT8gj
HzDrSaOZ5JuarbxfdLlzp/MwUduR4JQL+q33AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUN3DwrOCSm7kSDKPio412jyc7bx4wHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL04zRHdyT0NTbTdrU0RL
UGlvNDEyanljN2J4NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJ3O/QwDQYJKoZIhvcNAQELBQADggEBAJG24MmqoTMz56kWygryoFmdAOE1Luuu
WD398aqkGGzW9W3QiTwdW3QVoZlBbPZTTe5F6xHHQ76feShYxeP0p0w4ylQX59tN
QXIM/lb3gB9427jvFT1IueFQJr9OKTT8pe0h2vN8H5fBnvaPfH4WE2Z7fH1Lo9zU
gWh78kv9BdIYPId7fPldOy+NuYQau1+FXOvPH/Zr3aWge9gL4uD8yXrmV/62n+1X
LKXLNNkDhuaEekhpvX+wUQEaSUeM0fi+CJxfhypDq5W5VrTpvuYmnPjjK6uz/RFa
f0zW22Xe9qUX6rXP8mXa2jdADl3d2LgLFQDFYmFDZbeUz6WSsUtKVC4=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:45:06 2025 by rpki-client