Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/HlNm1_Dj9LjUQX3yA8UhZaYDmds.roa
File: HlNm1_Dj9LjUQX3yA8UhZaYDmds.roa (raw, json)
Hash identifier: jYr6JXqWJskt/a6Y1IbmQi0IewwErtm5yBKxd5r/q8E=
Subject key identifier: 1E:53:66:D7:F0:E3:F4:B8:D4:41:7D:F2:03:C5:21:65:A6:03:99:DB
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1855
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/HlNm1_Dj9LjUQX3yA8UhZaYDmds.roa
Signing time: Fri 17 Jan 2025 01:24:56 +0000
ROA not before: Fri 17 Jan 2025 01:24:56 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 59083
IP address blocks: 59.153.168.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6229 (0x1855)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:24:56 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=1E5366D7F0E3F4B8D4417DF203C52165A60399DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:b9:ce:79:5e:a1:ed:96:28:2e:7f:33:12:34:
0b:3c:a6:00:b2:c9:17:8f:cc:8f:d1:7d:79:15:a6:
21:0c:40:97:fc:ab:6e:61:9c:49:33:33:24:07:7c:
7a:12:1b:67:4e:ae:c7:05:26:dd:e2:db:36:25:23:
ab:6c:6f:07:27:4e:cb:99:05:76:a5:f3:d7:67:20:
74:99:77:b3:58:22:0f:ed:0f:6c:9c:66:fd:59:bf:
a5:37:13:7d:05:db:cc:07:bb:0c:a7:9f:b7:33:5b:
7d:fb:1b:d9:74:ff:15:61:18:c0:93:b9:6c:33:a7:
10:4c:be:af:74:bd:60:10:0c:c7:c5:c0:c2:4a:a4:
ad:7c:5e:25:42:76:fb:00:98:8e:57:e7:a5:d4:d9:
f0:60:57:26:f5:3f:82:3f:76:ca:48:48:01:b5:1c:
61:a5:8a:9d:c7:8e:77:18:81:ce:e1:76:56:6f:67:
c0:eb:74:1b:15:8f:ec:7d:dd:1c:11:ed:51:7a:ec:
15:f5:8e:5f:45:33:8e:74:81:b7:51:d3:f2:bc:03:
ae:25:e9:65:4a:1e:64:7a:a5:38:4b:b2:ec:c1:54:
85:ab:6c:7a:3d:04:04:8a:dc:09:59:53:95:a7:67:
3c:49:4f:b4:50:05:19:7d:83:35:59:f5:10:b9:50:
70:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:53:66:D7:F0:E3:F4:B8:D4:41:7D:F2:03:C5:21:65:A6:03:99:DB
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/HlNm1_Dj9LjUQX3yA8UhZaYDmds.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
59.153.168.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:6f:39:93:b9:94:0f:5f:23:3b:a1:81:42:da:ac:27:aa:2c:
c1:99:be:6d:db:b1:b3:fc:0f:a0:76:0f:75:f6:c0:b9:29:fc:
36:e2:6b:19:5e:10:2a:41:a3:06:cb:ef:9a:54:51:62:01:20:
4e:22:34:72:4a:1f:54:53:ad:4b:a0:fe:29:b3:01:26:ba:cf:
34:8b:7b:ba:ff:c3:ca:7b:2e:73:f4:d9:5e:9a:4b:96:a5:82:
a5:e9:8d:62:9d:98:0c:31:c6:c0:40:45:9f:85:63:d0:26:6d:
c1:d0:d4:0a:8d:71:f9:91:0b:fb:b1:67:01:e7:eb:90:7e:cd:
33:ff:b2:09:e2:22:05:d1:42:ea:23:35:8d:95:fa:52:10:1d:
ba:b9:f5:0c:f4:fe:73:e8:25:de:a9:28:4b:b9:6e:9e:e9:e0:
fd:05:ce:0c:38:f0:f9:9e:c8:d5:77:4e:24:5a:a4:91:49:bc:
16:2c:5f:14:7a:bc:24:e8:af:f1:48:67:8a:d5:06:2f:04:c0:
ac:5c:53:f2:9c:a3:0c:c5:98:67:60:2f:7c:c7:c8:88:9b:5c:
a0:3d:af:bd:0e:0b:41:3f:bc:fd:ef:c2:19:05:00:fe:a6:a4:
e1:c5:00:d9:b1:45:de:f9:1d:15:2a:19:ae:0b:a2:72:6a:0e:
4c:df:e6:ab
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGFUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI0NTZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDFFNTM2NkQ3RjBFM0Y0
QjhENDQxN0RGMjAzQzUyMTY1QTYwMzk5REIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDkuc55XqHtligufzMSNAs8pgCyyRePzI/RfXkVpiEMQJf8q25h
nEkzMyQHfHoSG2dOrscFJt3i2zYlI6tsbwcnTsuZBXal89dnIHSZd7NYIg/tD2yc
Zv1Zv6U3E30F28wHuwynn7czW337G9l0/xVhGMCTuWwzpxBMvq90vWAQDMfFwMJK
pK18XiVCdvsAmI5X56XU2fBgVyb1P4I/dspISAG1HGGlip3HjncYgc7hdlZvZ8Dr
dBsVj+x93RwR7VF67BX1jl9FM450gbdR0/K8A64l6WVKHmR6pThLsuzBVIWrbHo9
BASK3AlZU5WnZzxJT7RQBRl9gzVZ9RC5UHAbAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUHlNm1/Dj9LjUQX3yA8UhZaYDmdswHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0hsTm0xX0RqOUxqVVFY
M3lBOFVoWmFZRG1kcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAE7magwDQYJKoZIhvcNAQELBQADggEBAA1vOZO5lA9fIzuhgULarCeqLMGZvm3b
sbP8D6B2D3X2wLkp/DbiaxleECpBowbL75pUUWIBIE4iNHJKH1RTrUug/imzASa6
zzSLe7r/w8p7LnP02V6aS5algqXpjWKdmAwxxsBARZ+FY9AmbcHQ1AqNcfmRC/ux
ZwHn65B+zTP/sgniIgXRQuojNY2V+lIQHbq59Qz0/nPoJd6pKEu5bp7p4P0Fzgw4
8PmeyNV3TiRapJFJvBYsXxR6vCTor/FIZ4rVBi8EwKxcU/KcowzFmGdgL3zHyIib
XKA9r70OC0E/vP3vwhkFAP6mpOHFANmxRd75HRUqGa4LonJqDkzf5qs=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:14:35 2025 by rpki-client