Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/xELsDwOEjMpbJ2v6QXudwkTBEXM.roa
File: xELsDwOEjMpbJ2v6QXudwkTBEXM.roa (raw, json)
Hash identifier: 8IHGdfpyspT3bvcHLJiP4yF48+QU9ekIHg07KdVWB7Y=
Subject key identifier: C4:42:EC:0F:03:84:8C:CA:5B:27:6B:FA:41:7B:9D:C2:44:C1:11:73
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 1079
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xELsDwOEjMpbJ2v6QXudwkTBEXM.roa
Signing time: Thu 20 Feb 2025 05:07:18 +0000
ROA not before: Thu 20 Feb 2025 05:07:18 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 62387
IP address blocks: 101.232.60.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4217 (0x1079)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Feb 20 05:07:18 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=C442EC0F03848CCA5B276BFA417B9DC244C11173
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:59:21:07:39:bd:ec:1f:7b:d9:7f:eb:52:b7:
31:ee:87:b1:46:3a:5f:8c:40:23:8a:2b:c3:5f:8b:
23:6f:e5:7b:e6:85:37:5c:b0:c7:bd:65:09:1c:b2:
41:00:41:5b:b2:a3:b4:38:04:99:4a:c4:69:ac:b4:
78:6b:dd:98:8f:74:17:71:e1:0d:6d:13:23:13:3d:
be:0f:04:3c:8b:7f:da:7a:53:13:38:11:59:59:76:
2a:c5:fb:1d:2b:aa:34:34:1d:0a:dc:0a:58:ca:d9:
25:2d:5e:48:11:95:60:8f:cc:4a:50:d1:59:65:49:
28:1f:5c:e7:c1:eb:68:36:aa:b3:81:81:1e:32:58:
aa:8b:34:4c:b0:d6:f5:d1:5c:d0:62:02:80:c3:ff:
40:74:bf:97:10:88:b3:11:eb:0d:80:32:56:68:09:
c5:ac:51:6b:86:db:fd:34:e7:31:59:ff:f1:41:99:
ad:98:b3:59:00:ac:cf:a3:da:48:52:c3:08:ae:b5:
1b:3e:7b:b8:7b:64:64:99:0a:f8:a7:8c:3b:14:b8:
13:ab:9d:61:3c:7d:26:a3:d0:19:74:46:b1:fd:c4:
05:dc:05:0a:04:ac:9f:6c:31:41:2e:35:3e:e9:4b:
c8:51:7c:a7:6a:25:78:2c:d4:02:c8:1d:85:43:c9:
e0:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:42:EC:0F:03:84:8C:CA:5B:27:6B:FA:41:7B:9D:C2:44:C1:11:73
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xELsDwOEjMpbJ2v6QXudwkTBEXM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
101.232.60.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:d2:04:70:5c:f7:30:c3:a0:4f:b0:b9:c9:c4:7b:2e:b2:e2:
a2:96:f6:13:78:8b:0e:96:63:01:14:6e:c8:e2:c5:d8:4e:e1:
b5:96:0a:c3:02:84:34:3d:94:70:c9:db:97:78:c2:1a:de:4c:
cd:2b:c7:42:39:ce:a2:bb:36:5d:ad:45:fd:6e:a6:dc:b6:78:
03:3d:a5:41:58:a0:ef:0d:d6:80:90:1d:b7:24:a9:65:7c:5d:
fa:f1:87:c6:10:5c:bb:9f:91:1d:2e:7e:7d:40:21:1d:06:f6:
45:9d:47:d5:6f:0a:33:9d:35:b2:6f:89:40:10:01:6d:b3:a8:
8c:b2:37:4a:c0:dc:2b:66:4e:0a:5f:24:4b:c2:e5:1f:65:9c:
0c:89:ce:02:21:23:39:ac:ee:87:3d:bf:4b:6f:ae:57:b3:f0:
6e:a7:5c:23:34:e8:24:e9:6e:8f:a4:84:98:61:96:49:7a:58:
18:e0:d8:68:af:86:d0:64:1c:e1:de:26:d3:b7:c3:1e:40:aa:
00:b9:4b:3f:bb:00:8c:e1:8c:e7:f9:a5:51:f9:fc:a7:c4:31:
25:fd:46:de:a9:58:48:0c:af:5a:29:88:28:0a:e8:d0:43:8a:
25:15:40:da:75:ef:9d:a1:8b:53:fe:d9:50:1b:e1:e0:8a:2a:
11:2b:0f:be
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICEHkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNTAyMjAw
NTA3MThaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEM0NDJFQzBGMDM4NDhD
Q0E1QjI3NkJGQTQxN0I5REMyNDRDMTExNzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDpWSEHOb3sH3vZf+tStzHuh7FGOl+MQCOKK8NfiyNv5XvmhTdc
sMe9ZQkcskEAQVuyo7Q4BJlKxGmstHhr3ZiPdBdx4Q1tEyMTPb4PBDyLf9p6UxM4
EVlZdirF+x0rqjQ0HQrcCljK2SUtXkgRlWCPzEpQ0VllSSgfXOfB62g2qrOBgR4y
WKqLNEyw1vXRXNBiAoDD/0B0v5cQiLMR6w2AMlZoCcWsUWuG2/005zFZ//FBma2Y
s1kArM+j2khSwwiutRs+e7h7ZGSZCvinjDsUuBOrnWE8fSaj0Bl0RrH9xAXcBQoE
rJ9sMUEuNT7pS8hRfKdqJXgs1ALIHYVDyeCPAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUxELsDwOEjMpbJ2v6QXudwkTBEXMwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL3hFTHNEd09Fak1wYkoy
djZRWHVkd2tUQkVYTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJl6DwwDQYJKoZIhvcNAQELBQADggEBAG3SBHBc9zDDoE+wucnEey6y4qKW9hN4
iw6WYwEUbsjixdhO4bWWCsMChDQ9lHDJ25d4whreTM0rx0I5zqK7Nl2tRf1upty2
eAM9pUFYoO8N1oCQHbckqWV8Xfrxh8YQXLufkR0ufn1AIR0G9kWdR9VvCjOdNbJv
iUAQAW2zqIyyN0rA3CtmTgpfJEvC5R9lnAyJzgIhIzms7oc9v0tvrlez8G6nXCM0
6CTpbo+khJhhlkl6WBjg2GivhtBkHOHeJtO3wx5AqgC5Sz+7AIzhjOf5pVH5/KfE
MSX9Rt6pWEgMr1opiCgK6NBDiiUVQNp1752hi1P+2VAb4eCKKhErD74=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:43:36 2025 by rpki-client