Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/561/tAnhg4BJ1r-Z0aPsvgfSfv05_uM.roa
File: tAnhg4BJ1r-Z0aPsvgfSfv05_uM.roa (raw, json)
Hash identifier: TKSbqNRQLaSRmFQzXCOJrUcJtIWlA3O/TfKP/kECfpw=
Subject key identifier: B4:09:E1:83:80:49:D6:BF:99:D1:A3:EC:BE:07:D2:7E:FD:39:FE:E3
Certificate issuer: /CN=83E77F37B3B93850835BAA30EE8FC12D55F87054
Certificate serial: 1BCA
Authority key identifier: 83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/tAnhg4BJ1r-Z0aPsvgfSfv05_uM.roa
Signing time: Fri 17 Jan 2025 01:30:09 +0000
ROA not before: Fri 17 Jan 2025 01:30:09 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 23724
IP address blocks: 211.155.88.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7114 (0x1bca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83E77F37B3B93850835BAA30EE8FC12D55F87054
Validity
Not Before: Jan 17 01:30:09 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=B409E1838049D6BF99D1A3ECBE07D27EFD39FEE3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:da:4b:d0:42:85:f3:26:9a:59:3f:80:a8:89:
bc:76:6c:aa:6c:08:f4:42:65:66:40:40:95:a8:13:
a2:cb:4e:e8:e5:e5:aa:8c:c2:c2:93:54:a0:fc:b2:
78:59:fb:f9:4b:7b:03:f2:ad:a6:3a:f4:cb:81:e4:
85:d0:70:69:a7:94:a8:4d:58:e1:24:e9:c0:f3:26:
47:4c:08:53:d5:e7:92:a8:a1:1a:c8:04:c5:fa:6f:
1d:82:3d:9e:ea:34:ec:48:a1:22:7d:1a:9b:81:1e:
66:b2:e6:bd:9b:4b:b1:c1:4c:61:a5:a8:12:fe:63:
b3:ce:41:c1:ce:6a:1a:3c:dc:d3:23:b1:1e:30:65:
3b:19:45:ff:4c:a3:2b:68:3c:97:c0:3e:23:f9:89:
f4:53:b0:95:68:0d:b9:63:43:da:4b:24:67:0d:14:
b3:8f:98:9f:7f:2b:c1:6a:b8:69:1b:2b:26:0b:98:
1b:a2:5b:96:57:c1:f2:d3:97:3a:8b:a4:2a:4a:22:
20:ff:65:71:41:d7:f5:0b:2d:3e:54:a1:fe:58:d9:
28:9f:1c:3a:20:dd:7c:c7:df:ed:b8:ed:81:67:e3:
c3:54:26:a4:1f:f0:71:a2:55:87:9c:e7:89:02:76:
cc:47:4d:44:fd:03:3c:36:69:60:02:09:14:31:67:
cd:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:09:E1:83:80:49:D6:BF:99:D1:A3:EC:BE:07:D2:7E:FD:39:FE:E3
X509v3 Authority Key Identifier:
keyid:83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/tAnhg4BJ1r-Z0aPsvgfSfv05_uM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.155.88.0/21
Signature Algorithm: sha256WithRSAEncryption
5f:50:9c:8f:08:84:32:77:35:30:ea:09:a0:7d:1f:76:aa:2f:
dc:26:86:8c:ae:e8:ca:37:e1:ac:da:ae:a7:a7:62:94:a1:62:
29:61:c2:3e:e0:43:74:a7:54:c6:37:2a:73:9d:88:33:c7:71:
d6:aa:cf:71:b1:f3:93:9b:66:35:6b:09:b4:00:18:95:1c:3c:
07:69:04:05:9d:db:4b:b3:cc:5d:ee:9c:e5:08:2e:d7:fc:60:
f3:6a:81:f3:65:40:97:d7:a7:47:05:0b:af:ee:09:bf:7c:25:
3f:6c:0a:99:43:aa:71:bd:24:0a:a3:f7:c0:eb:6b:1e:1e:d2:
97:c1:25:50:4e:cd:49:56:38:30:ad:27:6a:98:ee:fc:24:c5:
7c:43:c1:06:a8:db:6a:fa:36:31:43:de:57:aa:c8:7b:5d:03:
8b:bd:cc:d7:dc:ec:35:a2:c9:82:d2:75:96:6a:48:0d:20:cc:
0b:8f:fd:4b:0c:b2:17:81:d8:2d:9b:02:0f:7b:06:b0:a8:b3:
fe:04:94:5c:bc:c9:cb:45:79:b9:d7:6b:5c:4e:eb:ab:bb:00:
55:74:72:17:3d:37:ee:19:74:05:11:05:83:ba:5a:8e:ba:26:
bf:aa:0c:46:de:7e:c9:b6:e0:93:14:84:05:f6:53:26:0b:a7:
39:69:ba:dc
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICG8owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODNF
NzdGMzdCM0I5Mzg1MDgzNUJBQTMwRUU4RkMxMkQ1NUY4NzA1NDAeFw0yNTAxMTcw
MTMwMDlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEI0MDlFMTgzODA0OUQ2
QkY5OUQxQTNFQ0JFMDdEMjdFRkQzOUZFRTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC02kvQQoXzJppZP4Coibx2bKpsCPRCZWZAQJWoE6LLTujl5aqM
wsKTVKD8snhZ+/lLewPyraY69MuB5IXQcGmnlKhNWOEk6cDzJkdMCFPV55KooRrI
BMX6bx2CPZ7qNOxIoSJ9GpuBHmay5r2bS7HBTGGlqBL+Y7POQcHOaho83NMjsR4w
ZTsZRf9MoytoPJfAPiP5ifRTsJVoDbljQ9pLJGcNFLOPmJ9/K8FquGkbKyYLmBui
W5ZXwfLTlzqLpCpKIiD/ZXFB1/ULLT5Uof5Y2SifHDog3XzH3+247YFn48NUJqQf
8HGiVYec54kCdsxHTUT9Azw2aWACCRQxZ80VAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUtAnhg4BJ1r+Z0aPsvgfSfv05/uMwHwYDVR0jBBgwFoAUg+d/N7O5OFCDW6ow
7o/BLVX4cFQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYx
L2ctZF9ON081T0ZDRFc2b3c3b19CTFZYNGNGUS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZy1kX043TzVPRkNEVzZvdzdvX0JMVlg0Y0ZRLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYxL3RBbmhnNEJKMXItWjBh
UHN2Z2ZTZnYwNV91TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAPTm1gwDQYJKoZIhvcNAQELBQADggEBAF9QnI8IhDJ3NTDqCaB9H3aqL9wmhoyu
6Mo34azarqenYpShYilhwj7gQ3SnVMY3KnOdiDPHcdaqz3Gx85ObZjVrCbQAGJUc
PAdpBAWd20uzzF3unOUILtf8YPNqgfNlQJfXp0cFC6/uCb98JT9sCplDqnG9JAqj
98Drax4e0pfBJVBOzUlWODCtJ2qY7vwkxXxDwQao22r6NjFD3leqyHtdA4u9zNfc
7DWiyYLSdZZqSA0gzAuP/UsMsheB2C2bAg97BrCos/4ElFy8yctFebnXa1xO66u7
AFV0chc9N+4ZdAURBYO6Wo66Jr+qDEbefsm24JMUhAX2UyYLpzlputw=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:56:11 2025 by rpki-client