Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/OXzobDNuEmWYH6vyyTW3rDz0dS0.roa
File: OXzobDNuEmWYH6vyyTW3rDz0dS0.roa (raw, json)
Hash identifier: Y3u6hHe/f44Fj4DI5fKq6A4TaMh5t1RengpMvcgp9qc=
Subject key identifier: 39:7C:E8:6C:33:6E:12:65:98:1F:AB:F2:C9:35:B7:AC:3C:F4:75:2D
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1845
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/OXzobDNuEmWYH6vyyTW3rDz0dS0.roa
Signing time: Fri 17 Jan 2025 01:24:49 +0000
ROA not before: Fri 17 Jan 2025 01:24:49 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 59083
IP address blocks: 202.89.108.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6213 (0x1845)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:24:49 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=397CE86C336E1265981FABF2C935B7AC3CF4752D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ef:1f:d4:1b:64:30:6d:b4:b1:79:73:19:79:
83:1d:de:ff:b7:69:30:08:60:3b:f4:bc:23:7b:78:
99:37:3b:65:55:b6:95:5f:4f:84:f9:f0:4f:77:4c:
c7:2c:40:9c:82:16:8f:8e:9d:96:4d:3f:78:e0:1e:
08:d4:a4:fe:61:da:06:80:cb:d8:03:f7:1f:04:fd:
4f:03:a5:7a:15:de:60:c7:1f:da:6d:ce:82:72:8d:
51:3c:0a:ef:60:d7:0b:b3:79:82:97:7b:72:13:b5:
c3:3a:57:e7:dc:c2:9f:33:06:60:a1:19:35:10:a6:
4e:81:99:5d:42:5a:ba:40:99:c3:bc:26:c7:61:40:
cd:6b:c2:cd:d9:cf:39:55:5b:92:d5:e3:5e:48:ae:
05:2e:58:d3:7e:46:90:a4:35:2a:35:82:b7:20:ee:
fb:fc:bb:9f:53:66:83:86:3a:a6:6c:af:b6:97:e1:
13:cb:b1:d6:d5:b9:31:5b:6d:5d:84:d3:fb:ef:a7:
19:25:ea:28:fe:71:d4:e7:eb:8f:db:39:1f:98:eb:
5b:06:58:89:87:6f:fc:03:4f:5f:f5:42:47:60:66:
a1:fc:cd:ad:31:ca:6c:b7:8b:9d:b2:37:45:61:e5:
e7:c5:45:16:4e:fb:74:dc:a0:57:75:d0:d6:cb:56:
ff:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:7C:E8:6C:33:6E:12:65:98:1F:AB:F2:C9:35:B7:AC:3C:F4:75:2D
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/OXzobDNuEmWYH6vyyTW3rDz0dS0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
202.89.108.0/23
Signature Algorithm: sha256WithRSAEncryption
91:9d:a5:bd:6c:c7:9a:11:d5:64:7c:bf:e3:62:36:69:c7:3a:
09:64:e8:bd:9b:80:8d:f8:a4:e7:e9:57:36:ff:0b:93:5a:67:
7f:9d:23:a7:08:45:19:fb:a7:48:37:82:a4:2c:e7:ca:b1:b0:
b1:c2:da:37:38:7f:f1:1e:b4:d5:7f:c4:25:04:6d:34:17:21:
bf:c8:8d:ac:e8:b5:b8:d9:16:96:37:2f:85:35:74:04:31:cf:
2d:76:47:8e:fc:34:d9:20:b0:a3:31:fe:98:6e:95:57:4b:60:
6d:66:95:48:c4:d0:15:f5:98:f5:5c:1a:89:3c:0a:c5:69:6d:
a5:3a:0d:0b:ee:2c:f5:17:01:f2:0e:3f:aa:11:f2:fb:f5:3f:
3e:01:55:db:11:51:f6:37:ed:5f:a4:15:e5:3d:27:ed:f6:01:
99:41:d2:12:0a:99:07:00:01:22:93:cd:75:05:77:b8:a1:49:
50:f3:a8:02:05:cf:28:a5:a1:ad:16:5e:cd:91:1e:f2:08:92:
ba:16:ee:3a:3f:66:08:68:39:0a:d3:2f:18:06:2b:a6:7f:fc:
74:f1:82:6a:e4:04:c6:ac:59:31:4f:68:39:eb:a3:3e:9f:c0:
f0:bf:41:c4:ff:d5:02:3f:ba:a3:af:44:85:c3:2e:f5:7f:56:
5e:6d:45:04
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGEUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI0NDlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDM5N0NFODZDMzM2RTEy
NjU5ODFGQUJGMkM5MzVCN0FDM0NGNDc1MkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDH7x/UG2QwbbSxeXMZeYMd3v+3aTAIYDv0vCN7eJk3O2VVtpVf
T4T58E93TMcsQJyCFo+OnZZNP3jgHgjUpP5h2gaAy9gD9x8E/U8DpXoV3mDHH9pt
zoJyjVE8Cu9g1wuzeYKXe3ITtcM6V+fcwp8zBmChGTUQpk6BmV1CWrpAmcO8Jsdh
QM1rws3ZzzlVW5LV415IrgUuWNN+RpCkNSo1grcg7vv8u59TZoOGOqZsr7aX4RPL
sdbVuTFbbV2E0/vvpxkl6ij+cdTn64/bOR+Y61sGWImHb/wDT1/1QkdgZqH8za0x
ymy3i52yN0Vh5efFRRZO+3TcoFd10NbLVv//AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUOXzobDNuEmWYH6vyyTW3rDz0dS0wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L09Yem9iRE51RW1XWUg2
dnl5VFczckR6MGRTMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAHKWWwwDQYJKoZIhvcNAQELBQADggEBAJGdpb1sx5oR1WR8v+NiNmnHOglk6L2b
gI34pOfpVzb/C5NaZ3+dI6cIRRn7p0g3gqQs58qxsLHC2jc4f/EetNV/xCUEbTQX
Ib/IjazotbjZFpY3L4U1dAQxzy12R478NNkgsKMx/phulVdLYG1mlUjE0BX1mPVc
Gok8CsVpbaU6DQvuLPUXAfIOP6oR8vv1Pz4BVdsRUfY37V+kFeU9J+32AZlB0hIK
mQcAASKTzXUFd7ihSVDzqAIFzyiloa0WXs2RHvIIkroW7jo/ZghoOQrTLxgGK6Z/
/HTxgmrkBMasWTFPaDnroz6fwPC/QcT/1QI/uqOvRIXDLvV/Vl5tRQQ=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:39:16 2025 by rpki-client