Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/hrcHky2l5gbvGbGGPLqztSGSUaY.roa
File: hrcHky2l5gbvGbGGPLqztSGSUaY.roa (raw, json)
Hash identifier: hioE+ivTUoBeFjl/0h6l2oB1uDNDo/ITf2XiAmNM3rI=
Subject key identifier: 86:B7:07:93:2D:A5:E6:06:EF:19:B1:86:3C:BA:B3:B5:21:92:51:A6
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1817
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/hrcHky2l5gbvGbGGPLqztSGSUaY.roa
Signing time: Fri 17 Jan 2025 01:24:34 +0000
ROA not before: Fri 17 Jan 2025 01:24:34 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 59083
IP address blocks: 202.136.249.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6167 (0x1817)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:24:34 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=86B707932DA5E606EF19B1863CBAB3B5219251A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:7e:3d:87:b5:cc:81:a1:72:16:1a:aa:a2:75:
28:c5:3b:e7:5f:95:76:15:7f:0c:01:f3:cf:08:d4:
24:94:bf:28:c9:15:4e:65:af:30:ac:67:76:1e:9c:
2e:83:85:e0:aa:2c:21:c7:1a:75:78:64:0a:e6:02:
bc:98:31:0b:c8:10:c6:d5:75:51:7f:8e:0c:e7:cc:
91:23:e8:bc:55:3d:6e:9a:d6:ce:46:2a:50:47:aa:
1a:ef:a7:c5:92:02:dd:54:77:68:c0:07:96:ba:c6:
b9:60:3a:1b:b6:c5:90:b5:13:07:7f:fe:c9:d3:c9:
36:74:d6:01:1e:bc:23:e9:43:3b:53:1a:a3:e4:1d:
5d:e6:29:54:0f:98:11:33:b3:52:7e:40:d1:ba:b6:
c9:c2:f0:48:bf:5e:cc:11:84:ce:d1:49:9a:d9:bb:
a8:2e:69:86:eb:6c:8c:2a:2a:35:f3:b8:1a:31:57:
02:da:88:73:f6:ba:50:f6:6c:18:62:9a:73:00:73:
f5:32:3b:69:35:01:2e:ca:4e:ca:3c:a7:3d:84:7d:
76:d7:fa:ca:62:b8:6d:68:b5:e8:7f:18:09:4d:b4:
55:a2:94:7e:80:be:26:2e:a9:54:f2:17:a2:be:91:
bd:89:fb:2d:dd:60:fd:20:f7:4e:c9:11:1e:de:3e:
f2:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:B7:07:93:2D:A5:E6:06:EF:19:B1:86:3C:BA:B3:B5:21:92:51:A6
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/hrcHky2l5gbvGbGGPLqztSGSUaY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
202.136.249.0/24
Signature Algorithm: sha256WithRSAEncryption
53:6f:7e:87:98:63:fd:8f:1a:98:09:a5:f0:cf:8d:ab:d4:8c:
e8:6a:fd:76:ef:29:8a:46:dc:1f:56:41:1a:4a:2c:7f:ed:04:
f8:a0:df:94:93:63:5f:ca:90:97:bb:4e:8f:4b:d4:4c:25:7e:
16:88:13:fe:e6:ad:29:d1:2d:ab:7c:f2:5f:81:cf:fc:d8:c7:
e6:53:19:76:88:f9:4c:a2:ed:bf:ad:e6:41:2c:a1:39:d9:68:
cd:bf:f4:f3:51:f0:d6:52:60:e0:42:b5:e9:ba:da:08:82:05:
0b:a5:a7:a0:00:19:c4:b8:e7:6f:f9:b6:5e:a3:2f:1e:86:45:
96:43:4b:2e:c9:69:1e:10:51:c1:a6:da:1b:86:ef:56:c8:6f:
2b:32:e3:d1:a6:ed:da:d2:65:c2:e4:cd:4e:49:01:97:a6:ea:
60:d8:2f:50:8b:89:c1:d3:18:94:24:f8:a0:2d:b7:68:f4:e0:
17:d5:9f:17:8c:24:79:e4:c2:88:ab:f5:f8:de:02:74:f3:90:
4c:08:94:d6:e9:cc:35:8b:39:5e:8f:87:50:5c:69:6f:2c:02:
21:9e:6c:1a:3a:d5:e1:76:2f:21:90:83:ca:39:f5:3d:0b:0e:
c3:41:69:27:07:2b:46:19:ec:76:5a:dd:24:ab:cc:a6:64:a7:
71:48:f2:c2
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGBcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI0MzRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDg2QjcwNzkzMkRBNUU2
MDZFRjE5QjE4NjNDQkFCM0I1MjE5MjUxQTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5fj2HtcyBoXIWGqqidSjFO+dflXYVfwwB888I1CSUvyjJFU5l
rzCsZ3YenC6DheCqLCHHGnV4ZArmAryYMQvIEMbVdVF/jgznzJEj6LxVPW6a1s5G
KlBHqhrvp8WSAt1Ud2jAB5a6xrlgOhu2xZC1Ewd//snTyTZ01gEevCPpQztTGqPk
HV3mKVQPmBEzs1J+QNG6tsnC8Ei/XswRhM7RSZrZu6guaYbrbIwqKjXzuBoxVwLa
iHP2ulD2bBhimnMAc/UyO2k1AS7KTso8pz2EfXbX+spiuG1oteh/GAlNtFWilH6A
viYuqVTyF6K+kb2J+y3dYP0g907JER7ePvK3AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUhrcHky2l5gbvGbGGPLqztSGSUaYwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2hyY0hreTJsNWdidkdi
R0dQTHF6dFNHU1VhWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADKiPkwDQYJKoZIhvcNAQELBQADggEBAFNvfoeYY/2PGpgJpfDPjavUjOhq/Xbv
KYpG3B9WQRpKLH/tBPig35STY1/KkJe7To9L1EwlfhaIE/7mrSnRLat88l+Bz/zY
x+ZTGXaI+Uyi7b+t5kEsoTnZaM2/9PNR8NZSYOBCtem62giCBQulp6AAGcS452/5
tl6jLx6GRZZDSy7JaR4QUcGm2huG71bIbysy49Gm7drSZcLkzU5JAZem6mDYL1CL
icHTGJQk+KAtt2j04BfVnxeMJHnkwoir9fjeAnTzkEwIlNbpzDWLOV6Ph1BcaW8s
AiGebBo61eF2LyGQg8o59T0LDsNBaScHK0YZ7HZa3SSrzKZkp3FI8sI=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:48:35 2025 by rpki-client