Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/knea_guurQPWdld5SzfqtcbzNmE.roa
File: knea_guurQPWdld5SzfqtcbzNmE.roa (raw, json)
Hash identifier: tJDN52rg3zB5XjhcEhZzd1YJ3m0MZChQ9fmLGQNXXyg=
Subject key identifier: 92:77:9A:FE:0B:AE:AD:03:D6:76:57:79:4B:37:EA:B5:C6:F3:36:61
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 18FF
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/knea_guurQPWdld5SzfqtcbzNmE.roa
Signing time: Fri 17 Jan 2025 01:25:54 +0000
ROA not before: Fri 17 Jan 2025 01:25:54 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 59083
IP address blocks: 202.89.108.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6399 (0x18ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:25:54 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=92779AFE0BAEAD03D67657794B37EAB5C6F33661
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:37:86:8d:1b:a0:68:c2:92:a1:73:31:ff:8f:
a9:75:f9:1d:c9:e5:0c:74:29:23:9b:c2:33:25:24:
f8:68:b7:35:d5:cd:90:47:20:fb:66:f3:aa:d5:ab:
49:28:c8:c5:90:d7:fc:42:94:83:5d:ed:09:c2:66:
e5:1c:0c:20:12:08:40:99:ad:50:86:3d:d3:c1:c0:
98:59:82:c5:98:75:c6:ec:56:cf:bd:52:3f:0f:66:
da:7e:d5:89:ba:8e:23:21:60:1c:2b:7c:02:cd:a7:
a1:1a:5b:56:1f:81:b5:f5:41:47:19:8e:c3:fe:c4:
b9:94:41:b9:4a:21:d8:82:18:6d:3f:84:2f:3c:60:
b8:3f:1c:f6:17:1f:a4:5a:40:b0:74:8f:fa:7e:88:
a4:29:9f:e2:e3:32:f3:af:4c:7e:8c:2f:71:f5:4f:
f0:06:c7:79:b3:7e:47:66:4d:a5:d2:ed:aa:4d:63:
75:e9:db:8f:ba:1d:dd:40:47:15:56:6c:3e:b5:d5:
74:42:20:f3:37:be:15:8b:4d:59:12:dc:42:79:1b:
00:98:bd:2f:4e:2c:38:d0:6e:c0:3b:7d:1f:58:45:
ba:42:ac:04:43:bf:ae:bf:45:da:ba:ff:ff:d9:e2:
27:42:47:71:d2:b5:54:8f:7a:a3:2f:a8:ee:2e:02:
2a:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:77:9A:FE:0B:AE:AD:03:D6:76:57:79:4B:37:EA:B5:C6:F3:36:61
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/knea_guurQPWdld5SzfqtcbzNmE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
202.89.108.0/22
Signature Algorithm: sha256WithRSAEncryption
65:c3:d4:22:98:ed:7c:35:b4:04:ae:37:ca:df:78:c6:61:cd:
02:e7:1f:50:3f:d0:15:b3:ef:82:36:8e:a2:db:0a:72:11:26:
ae:f7:9e:37:9b:ca:87:66:ce:af:e9:2c:b7:78:43:62:0f:eb:
f5:75:f4:20:7f:e8:7e:e1:20:6f:0a:7d:8c:eb:90:4c:89:bd:
3d:ea:6f:85:97:bb:19:1e:b8:60:89:11:2c:ed:5e:0d:8f:68:
d6:f3:11:31:49:6a:46:4e:19:e8:32:37:05:63:d0:08:83:44:
a0:8a:5d:54:58:a8:b2:b3:e5:88:10:46:6c:12:1f:8b:5a:08:
97:63:0f:59:9c:f9:1e:5d:72:ed:2f:b6:06:1d:e9:07:f3:ff:
21:ae:3e:d9:61:27:d9:7b:5c:1d:38:92:f3:69:28:b1:df:d7:
8d:f1:54:16:cf:33:84:9a:ac:a7:44:da:71:07:b2:a4:ea:83:
0d:f8:e4:fc:57:73:64:fc:29:b1:0f:59:e1:44:e9:b3:ec:86:
70:74:ba:3f:00:24:0f:d5:9b:4c:f0:fc:b0:a7:ff:cd:ea:e8:
5b:77:29:e0:f3:3d:82:7c:f0:67:47:7d:14:4a:f0:64:13:8e:
42:8f:b8:c7:d7:94:c6:e2:7e:2d:1d:d0:be:7d:b7:86:b5:e6:
5c:51:e0:dc
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGP8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI1NTRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDkyNzc5QUZFMEJBRUFE
MDNENjc2NTc3OTRCMzdFQUI1QzZGMzM2NjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7N4aNG6BowpKhczH/j6l1+R3J5Qx0KSObwjMlJPhotzXVzZBH
IPtm86rVq0koyMWQ1/xClINd7QnCZuUcDCASCECZrVCGPdPBwJhZgsWYdcbsVs+9
Uj8PZtp+1Ym6jiMhYBwrfALNp6EaW1YfgbX1QUcZjsP+xLmUQblKIdiCGG0/hC88
YLg/HPYXH6RaQLB0j/p+iKQpn+LjMvOvTH6ML3H1T/AGx3mzfkdmTaXS7apNY3Xp
24+6Hd1ARxVWbD611XRCIPM3vhWLTVkS3EJ5GwCYvS9OLDjQbsA7fR9YRbpCrARD
v66/Rdq6///Z4idCR3HStVSPeqMvqO4uAioJAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUknea/guurQPWdld5SzfqtcbzNmEwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2tuZWFfZ3V1clFQV2Rs
ZDVTemZxdGNiek5tRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BALKWWwwDQYJKoZIhvcNAQELBQADggEBAGXD1CKY7Xw1tASuN8rfeMZhzQLnH1A/
0BWz74I2jqLbCnIRJq73njebyodmzq/pLLd4Q2IP6/V19CB/6H7hIG8KfYzrkEyJ
vT3qb4WXuxkeuGCJESztXg2PaNbzETFJakZOGegyNwVj0AiDRKCKXVRYqLKz5YgQ
RmwSH4taCJdjD1mc+R5dcu0vtgYd6Qfz/yGuPtlhJ9l7XB04kvNpKLHf143xVBbP
M4SarKdE2nEHsqTqgw345PxXc2T8KbEPWeFE6bPshnB0uj8AJA/Vm0zw/LCn/83q
6Ft3KeDzPYJ88GdHfRRK8GQTjkKPuMfXlMbifi0d0L59t4a15lxR4Nw=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:45:00 2025 by rpki-client