Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/y8lNW3xUkTBeT2X7lQAac2-7aH8.roa
File: y8lNW3xUkTBeT2X7lQAac2-7aH8.roa (raw, json)
Hash identifier: 2UWjO85z8oLLWcu+U77gzQ/FeQg6Ra6mfCDytlCGC4s=
Subject key identifier: CB:C9:4D:5B:7C:54:91:30:5E:4F:65:FB:95:00:1A:73:6F:BB:68:7F
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 0FB4
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/y8lNW3xUkTBeT2X7lQAac2-7aH8.roa
Signing time: Fri 17 Jan 2025 01:27:53 +0000
ROA not before: Fri 17 Jan 2025 01:27:53 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 62387
IP address blocks: 119.59.252.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4020 (0xfb4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Jan 17 01:27:53 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=CBC94D5B7C5491305E4F65FB95001A736FBB687F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:59:84:ca:d9:8a:e6:5e:15:55:7f:ea:00:d4:
16:91:18:6a:3b:b1:ac:0f:ba:65:3b:04:4e:b2:1d:
18:24:ce:ea:7c:65:35:b8:64:d2:84:6f:09:33:99:
5f:31:2f:f2:76:e4:3e:47:28:ed:01:a3:fd:24:77:
a7:a0:02:37:5d:6d:fe:3c:56:a7:eb:e4:e7:8e:35:
43:ed:ac:a5:e3:2e:7c:52:b2:5e:8d:aa:8d:20:37:
d3:b1:73:47:33:ea:e8:db:03:08:e9:60:f9:0c:d4:
e1:e8:db:5f:66:36:af:9e:6f:e0:65:c7:13:df:d9:
07:73:1e:5b:76:69:ea:4c:ce:e1:6f:1b:e1:fd:cd:
d9:7a:e5:c9:5f:b7:32:11:4b:36:68:86:fb:71:35:
98:11:ed:b9:da:8b:54:a9:e1:ec:a5:1d:da:ed:50:
58:08:c8:22:40:5a:34:41:a0:6d:4f:60:11:25:af:
8c:e7:90:a3:10:54:31:6e:9b:17:96:3a:65:c8:28:
2d:2c:d2:4f:0e:c8:6e:7d:5e:ef:17:7f:9e:dd:f8:
6b:e6:79:bc:a1:df:ab:c2:f9:40:73:bb:4c:71:22:
6d:fd:b1:b5:2c:da:cf:02:c2:6f:f1:b4:9f:29:a9:
fd:85:32:34:6f:f8:1e:df:2d:f0:6c:7e:2d:21:bd:
a1:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:C9:4D:5B:7C:54:91:30:5E:4F:65:FB:95:00:1A:73:6F:BB:68:7F
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/y8lNW3xUkTBeT2X7lQAac2-7aH8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.59.252.0/22
Signature Algorithm: sha256WithRSAEncryption
d8:cd:b9:75:4c:07:af:13:93:a7:67:b3:d3:c9:20:0d:d6:3d:
17:aa:a7:12:b4:cd:f4:67:47:17:29:fa:21:1c:19:d8:30:a9:
52:d5:88:fd:f4:5c:db:fd:64:b0:3b:a9:a6:3b:b1:5e:c1:d4:
4e:1d:92:98:4e:49:ca:f2:be:93:d6:2e:63:38:1a:19:15:5b:
2f:33:66:14:65:27:1f:8a:43:e0:88:7d:d4:89:b7:db:02:6a:
51:00:e8:d3:91:37:b7:4a:6c:d8:8f:5f:ff:84:a1:91:eb:f3:
28:a2:c9:57:38:f6:a3:5d:90:21:5b:fd:5c:d0:e6:c6:e2:bc:
e5:0a:1b:3a:a1:73:9c:72:b7:a3:cb:39:70:80:c8:87:58:4d:
8d:36:22:58:6d:27:52:0f:c2:0e:5b:0b:e1:db:28:d2:03:b3:
64:fb:59:c8:c2:35:27:4b:4b:a9:c4:cd:e0:3f:2e:81:1d:25:
e7:05:e5:1c:0e:b8:db:cc:60:b0:7b:d2:6a:de:92:70:cd:ac:
8b:09:b8:b9:68:fd:87:43:5c:8f:97:e0:d8:52:a1:bb:0e:19:
06:4e:f2:79:6c:c3:0f:73:76:93:39:3c:f4:a8:b3:a9:84:46:
84:bb:cb:f3:ee:c0:58:24:ef:17:9b:b0:3c:da:23:1e:2a:65:
86:0f:98:cc
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICD7QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNTAxMTcw
MTI3NTNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKENCQzk0RDVCN0M1NDkx
MzA1RTRGNjVGQjk1MDAxQTczNkZCQjY4N0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD3WYTK2YrmXhVVf+oA1BaRGGo7sawPumU7BE6yHRgkzup8ZTW4
ZNKEbwkzmV8xL/J25D5HKO0Bo/0kd6egAjddbf48Vqfr5OeONUPtrKXjLnxSsl6N
qo0gN9Oxc0cz6ujbAwjpYPkM1OHo219mNq+eb+BlxxPf2QdzHlt2aepMzuFvG+H9
zdl65clftzIRSzZohvtxNZgR7bnai1Sp4eylHdrtUFgIyCJAWjRBoG1PYBElr4zn
kKMQVDFumxeWOmXIKC0s0k8OyG59Xu8Xf57d+Gvmebyh36vC+UBzu0xxIm39sbUs
2s8Cwm/xtJ8pqf2FMjRv+B7fLfBsfi0hvaGnAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUy8lNW3xUkTBeT2X7lQAac2+7aH8wHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL3k4bE5XM3hVa1RCZVQy
WDdsUUFhYzItN2FIOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJ3O/wwDQYJKoZIhvcNAQELBQADggEBANjNuXVMB68Tk6dns9PJIA3WPReqpxK0
zfRnRxcp+iEcGdgwqVLViP30XNv9ZLA7qaY7sV7B1E4dkphOScryvpPWLmM4GhkV
Wy8zZhRlJx+KQ+CIfdSJt9sCalEA6NORN7dKbNiPX/+EoZHr8yiiyVc49qNdkCFb
/VzQ5sbivOUKGzqhc5xyt6PLOXCAyIdYTY02IlhtJ1IPwg5bC+HbKNIDs2T7WcjC
NSdLS6nEzeA/LoEdJecF5RwOuNvMYLB70mreknDNrIsJuLlo/YdDXI+X4NhSobsO
GQZO8nlsww9zdpM5PPSos6mERoS7y/PuwFgk7xebsDzaIx4qZYYPmMw=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:45:10 2025 by rpki-client