Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/561/PBVsMcA0-YxNjMAy_RJZs8F-Pn8.roa
File: PBVsMcA0-YxNjMAy_RJZs8F-Pn8.roa (raw, json)
Hash identifier: lTBQolTGMMhlcWji7mUZ/iICAULUNnlhhldnSHFcS3k=
Subject key identifier: 3C:15:6C:31:C0:34:F9:8C:4D:8C:C0:32:FD:12:59:B3:C1:7E:3E:7F
Certificate issuer: /CN=83E77F37B3B93850835BAA30EE8FC12D55F87054
Certificate serial: 1BCD
Authority key identifier: 83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/PBVsMcA0-YxNjMAy_RJZs8F-Pn8.roa
Signing time: Fri 17 Jan 2025 01:30:09 +0000
ROA not before: Fri 17 Jan 2025 01:30:09 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 4808
IP address blocks: 211.155.88.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7117 (0x1bcd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83E77F37B3B93850835BAA30EE8FC12D55F87054
Validity
Not Before: Jan 17 01:30:09 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=3C156C31C034F98C4D8CC032FD1259B3C17E3E7F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:23:8b:40:bc:f7:fa:1e:69:34:9a:dc:06:2f:
53:89:44:6c:c9:9d:26:51:cc:39:1e:18:87:bc:7a:
e1:44:ed:a0:8e:3c:9e:a2:ee:df:40:91:3e:6f:5d:
6a:9c:c1:33:45:0b:2a:b0:cc:5f:cc:d9:ed:73:0b:
cf:1e:88:d9:20:84:f7:10:4a:3b:e0:19:c8:e5:7b:
1d:a4:28:38:cc:a0:39:67:2b:b4:93:7b:87:38:4b:
0d:82:31:02:44:37:95:85:29:80:1b:01:be:6c:35:
61:b6:e3:7b:2f:14:73:48:07:97:91:d4:a5:0b:e7:
98:81:f8:97:03:07:23:a0:d0:89:b7:0c:85:74:5b:
49:14:31:8e:b6:04:28:69:df:9a:cb:d9:e0:74:21:
a8:d9:5b:e1:81:fb:76:24:d3:f9:e4:7e:1a:5d:5a:
38:50:c3:4e:f6:9e:64:21:21:e1:fd:a2:f0:bb:c6:
e3:74:0e:b2:5b:2d:bc:35:f6:d1:8d:89:63:bb:90:
07:4c:0f:f5:06:47:41:a6:56:85:89:9b:c7:6a:65:
8b:a4:5a:71:a6:4f:38:65:d6:75:ef:28:b8:c4:33:
3b:88:49:1a:05:61:a0:ea:5c:75:36:47:94:1a:61:
09:b6:61:db:fc:9d:2f:8e:da:d8:d2:df:f9:af:c3:
4a:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:15:6C:31:C0:34:F9:8C:4D:8C:C0:32:FD:12:59:B3:C1:7E:3E:7F
X509v3 Authority Key Identifier:
keyid:83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/PBVsMcA0-YxNjMAy_RJZs8F-Pn8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.155.88.0/21
Signature Algorithm: sha256WithRSAEncryption
00:95:ef:6d:ba:e3:07:2f:7d:42:51:4a:e1:f1:91:59:f2:39:
dc:eb:17:37:f1:2d:a6:59:8c:5a:f1:d2:7c:e9:36:87:fd:88:
a3:aa:49:dd:1d:71:6b:cd:09:db:c4:9a:db:a0:35:e5:30:0e:
50:57:02:65:d9:9c:c1:f8:c8:76:76:91:5c:e1:e8:ba:bb:3e:
f4:71:af:28:30:ee:90:9e:50:06:ea:c0:a2:b2:a6:08:28:87:
1f:70:9c:fc:9e:b1:56:ec:47:e9:10:e5:b2:5c:ca:a7:dc:d9:
ba:5f:19:6a:56:59:71:56:18:4b:d8:5a:67:78:c0:0b:20:71:
26:89:d2:09:08:1d:0f:fc:b1:32:8d:db:88:14:cd:09:f5:f4:
87:3e:31:72:7c:bf:cf:17:41:ec:69:79:bf:1c:bf:64:db:50:
90:4d:0f:f7:c4:95:54:42:e1:63:a2:c2:a5:03:fc:d8:88:a5:
5c:6f:b2:21:57:ee:e2:8b:d7:e3:1a:b1:ec:d6:de:34:53:2e:
00:5a:51:64:f8:0d:67:aa:ba:70:cc:c9:ee:20:07:3c:85:66:
c7:aa:31:21:75:77:ed:7d:41:fe:8d:57:85:d6:fb:c3:f1:c9:
36:d8:b0:8a:63:4e:35:cc:28:0a:95:37:b5:8c:79:af:b4:e6:
a7:b8:16:f6
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICG80wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODNF
NzdGMzdCM0I5Mzg1MDgzNUJBQTMwRUU4RkMxMkQ1NUY4NzA1NDAeFw0yNTAxMTcw
MTMwMDlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDNDMTU2QzMxQzAzNEY5
OEM0RDhDQzAzMkZEMTI1OUIzQzE3RTNFN0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNI4tAvPf6Hmk0mtwGL1OJRGzJnSZRzDkeGIe8euFE7aCOPJ6i
7t9AkT5vXWqcwTNFCyqwzF/M2e1zC88eiNkghPcQSjvgGcjlex2kKDjMoDlnK7ST
e4c4Sw2CMQJEN5WFKYAbAb5sNWG243svFHNIB5eR1KUL55iB+JcDByOg0Im3DIV0
W0kUMY62BChp35rL2eB0IajZW+GB+3Yk0/nkfhpdWjhQw072nmQhIeH9ovC7xuN0
DrJbLbw19tGNiWO7kAdMD/UGR0GmVoWJm8dqZYukWnGmTzhl1nXvKLjEMzuISRoF
YaDqXHU2R5QaYQm2Ydv8nS+O2tjS3/mvw0rLAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUPBVsMcA0+YxNjMAy/RJZs8F+Pn8wHwYDVR0jBBgwFoAUg+d/N7O5OFCDW6ow
7o/BLVX4cFQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYx
L2ctZF9ON081T0ZDRFc2b3c3b19CTFZYNGNGUS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZy1kX043TzVPRkNEVzZvdzdvX0JMVlg0Y0ZRLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYxL1BCVnNNY0EwLVl4TmpN
QXlfUkpaczhGLVBuOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAPTm1gwDQYJKoZIhvcNAQELBQADggEBAACV72264wcvfUJRSuHxkVnyOdzrFzfx
LaZZjFrx0nzpNof9iKOqSd0dcWvNCdvEmtugNeUwDlBXAmXZnMH4yHZ2kVzh6Lq7
PvRxrygw7pCeUAbqwKKypggohx9wnPyesVbsR+kQ5bJcyqfc2bpfGWpWWXFWGEvY
Wmd4wAsgcSaJ0gkIHQ/8sTKN24gUzQn19Ic+MXJ8v88XQexpeb8cv2TbUJBND/fE
lVRC4WOiwqUD/NiIpVxvsiFX7uKL1+MasezW3jRTLgBaUWT4DWequnDMye4gBzyF
ZseqMSF1d+19Qf6NV4XW+8PxyTbYsIpjTjXMKAqVN7WMea+05qe4FvY=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:33:31 2025 by rpki-client