Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/561/kFdv23cMAs1A4DbC2fKI0D5BpM8.roa
File: kFdv23cMAs1A4DbC2fKI0D5BpM8.roa (raw, json)
Hash identifier: wtJvkAJRVnfirv0gVqhVAsJYuxcKPvxG14TekmWqWt0=
Subject key identifier: 90:57:6F:DB:77:0C:02:CD:40:E0:36:C2:D9:F2:88:D0:3E:41:A4:CF
Certificate issuer: /CN=83E77F37B3B93850835BAA30EE8FC12D55F87054
Certificate serial: 15CD
Authority key identifier: 83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/kFdv23cMAs1A4DbC2fKI0D5BpM8.roa
Signing time: Wed 13 Mar 2024 01:24:00 +0000
ROA not before: Wed 13 Mar 2024 01:24:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 4808
IP address blocks: 211.155.88.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5581 (0x15cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83E77F37B3B93850835BAA30EE8FC12D55F87054
Validity
Not Before: Mar 13 01:24:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=90576FDB770C02CD40E036C2D9F288D03E41A4CF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:9f:67:09:07:b3:73:d1:22:ec:7e:e1:d5:08:
8c:53:8d:48:10:78:40:df:86:88:97:77:2c:b2:40:
fe:47:96:86:eb:06:b1:67:0b:96:9e:ef:ba:44:62:
2a:02:03:54:e9:1e:ea:53:ad:21:26:ee:10:cb:fb:
33:54:a1:e3:db:bf:78:d6:9b:69:2d:63:8f:5a:6a:
c3:20:a9:38:60:3a:10:e8:7b:95:a8:ec:43:21:e7:
a0:c5:39:8e:d9:19:c0:30:73:fc:27:72:21:97:03:
e7:82:65:45:da:5b:48:3c:b4:7e:12:81:cd:cc:3f:
c2:4e:33:a0:2a:9d:be:4e:b7:64:98:ee:d5:df:56:
06:53:d3:44:0e:8b:f1:07:3a:d9:22:a2:ce:6c:37:
cf:ee:7c:6f:98:b8:0e:21:4a:95:7a:c3:59:05:d7:
14:fa:f1:46:ea:64:d6:8a:63:cf:a1:4a:ec:a3:b8:
38:28:d2:42:4e:37:89:cd:af:2a:5c:50:98:1f:87:
0f:20:02:aa:60:97:95:1f:ac:7c:d7:9e:b3:7b:39:
28:35:a9:d5:95:60:ea:ba:c1:3f:89:2b:10:e9:cd:
db:eb:33:1c:7e:11:a4:d3:cc:1d:fd:80:50:8a:6e:
a4:0c:dc:c5:49:fd:19:19:2e:65:09:2f:36:a5:13:
7d:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:57:6F:DB:77:0C:02:CD:40:E0:36:C2:D9:F2:88:D0:3E:41:A4:CF
X509v3 Authority Key Identifier:
keyid:83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/kFdv23cMAs1A4DbC2fKI0D5BpM8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.155.88.0/21
Signature Algorithm: sha256WithRSAEncryption
9b:8e:5c:12:76:36:4a:c0:26:3b:0a:1a:ce:0b:e8:86:78:41:
fc:60:01:c5:df:f7:86:ca:96:62:5a:3c:af:6a:91:24:9a:e3:
9c:6f:5b:29:47:c2:ae:85:ac:e0:2e:ae:c9:6f:f1:b5:0a:1a:
cd:4f:ef:e6:9f:11:3d:6f:ef:c0:f6:e7:0f:8e:88:af:92:c3:
a0:46:f9:3d:2b:a7:9a:b3:47:dc:63:ee:58:e7:43:41:d5:31:
f9:62:0c:ff:42:e6:9d:77:5b:98:d1:c5:5c:14:04:16:b6:1a:
d7:3a:66:5e:f2:2f:34:e0:50:b4:b6:e8:a6:82:fb:65:15:d0:
e9:45:d6:e3:ef:8e:b1:3a:13:62:1a:be:13:39:33:74:7d:88:
5d:1b:dc:e6:f0:a2:3d:4b:97:37:22:b6:87:99:15:96:47:8c:
a7:24:71:fd:a0:27:4b:63:c5:ec:b6:38:43:3a:03:90:4f:b3:
e0:76:c8:0f:a4:57:07:85:00:ea:80:9f:dc:23:c6:11:b1:b3:
68:ec:73:1d:34:8f:c4:87:65:62:6a:f2:0d:8b:53:7e:3f:5c:
04:f9:c9:40:b1:22:e2:9b:33:66:2d:29:09:0a:ca:e9:43:c9:
81:35:52:57:89:c8:e4:23:0e:e6:13:8f:a8:95:77:0f:4b:75:
f5:0b:e3:50
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFc0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODNF
NzdGMzdCM0I5Mzg1MDgzNUJBQTMwRUU4RkMxMkQ1NUY4NzA1NDAeFw0yNDAzMTMw
MTI0MDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkwNTc2RkRCNzcwQzAy
Q0Q0MEUwMzZDMkQ5RjI4OEQwM0U0MUE0Q0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDfn2cJB7Nz0SLsfuHVCIxTjUgQeEDfhoiXdyyyQP5HlobrBrFn
C5ae77pEYioCA1TpHupTrSEm7hDL+zNUoePbv3jWm2ktY49aasMgqThgOhDoe5Wo
7EMh56DFOY7ZGcAwc/wnciGXA+eCZUXaW0g8tH4Sgc3MP8JOM6Aqnb5Ot2SY7tXf
VgZT00QOi/EHOtkios5sN8/ufG+YuA4hSpV6w1kF1xT68UbqZNaKY8+hSuyjuDgo
0kJON4nNrypcUJgfhw8gAqpgl5UfrHzXnrN7OSg1qdWVYOq6wT+JKxDpzdvrMxx+
EaTTzB39gFCKbqQM3MVJ/RkZLmUJLzalE31bAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUkFdv23cMAs1A4DbC2fKI0D5BpM8wHwYDVR0jBBgwFoAUg+d/N7O5OFCDW6ow
7o/BLVX4cFQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYx
L2ctZF9ON081T0ZDRFc2b3c3b19CTFZYNGNGUS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZy1kX043TzVPRkNEVzZvdzdvX0JMVlg0Y0ZRLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYxL2tGZHYyM2NNQXMxQTRE
YkMyZktJMEQ1QnBNOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAPTm1gwDQYJKoZIhvcNAQELBQADggEBAJuOXBJ2NkrAJjsKGs4L6IZ4QfxgAcXf
94bKlmJaPK9qkSSa45xvWylHwq6FrOAurslv8bUKGs1P7+afET1v78D25w+OiK+S
w6BG+T0rp5qzR9xj7ljnQ0HVMfliDP9C5p13W5jRxVwUBBa2Gtc6Zl7yLzTgULS2
6KaC+2UV0OlF1uPvjrE6E2IavhM5M3R9iF0b3Obwoj1LlzcitoeZFZZHjKckcf2g
J0tjxey2OEM6A5BPs+B2yA+kVweFAOqAn9wjxhGxs2jscx00j8SHZWJq8g2LU34/
XAT5yUCxIuKbM2YtKQkKyulDyYE1UleJyOQjDuYTj6iVdw9LdfUL41A=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:40:29 2025 by rpki-client