Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/vZ3GPZNapKxE0qMHFiVznpBfbxg.roa
File: vZ3GPZNapKxE0qMHFiVznpBfbxg.roa (raw, json)
Hash identifier: V+V/kMqL1ejai8YrlAsPR9y7RcUTQz/1TIXSnShFcck=
Subject key identifier: BD:9D:C6:3D:93:5A:A4:AC:44:D2:A3:07:16:25:73:9E:90:5F:6F:18
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 18AC
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/vZ3GPZNapKxE0qMHFiVznpBfbxg.roa
Signing time: Fri 17 Jan 2025 01:25:24 +0000
ROA not before: Fri 17 Jan 2025 01:25:24 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 59083
IP address blocks: 202.89.110.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6316 (0x18ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:25:24 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=BD9DC63D935AA4AC44D2A3071625739E905F6F18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:6e:12:74:83:30:1e:89:98:1a:fa:9e:7f:9d:
97:63:3f:c3:0b:49:51:d9:e5:c0:79:b4:5b:f6:97:
39:31:c5:d9:83:50:48:49:0c:1d:d4:b5:bc:ef:2c:
dc:dd:4e:2c:39:48:a5:19:dd:89:f5:17:b3:5f:ab:
0e:60:7c:5d:b2:d2:80:de:d3:2d:fa:74:10:d6:69:
84:a8:5b:fd:9e:9e:d0:3d:ab:38:1e:e6:f6:e9:73:
75:b0:18:c0:f5:46:1c:58:5c:0a:13:f3:1f:b7:30:
05:9a:85:37:ea:f1:02:db:3c:51:fd:c0:c7:9f:1d:
a1:a8:e0:bf:83:5b:75:4f:9f:e2:a5:67:03:6b:d9:
7a:6c:61:2e:0a:34:16:7a:5e:1c:15:02:c6:10:0d:
51:89:13:d4:99:fa:27:f0:70:28:ed:98:1b:fa:08:
a4:09:61:3e:90:41:cc:c7:29:2e:91:c3:01:ef:0e:
23:99:7c:c9:72:1f:80:08:73:c9:d0:a1:fa:e0:b4:
7a:e1:84:ea:87:c0:70:92:41:f7:e5:f2:59:73:3a:
1b:7f:ee:15:37:f8:27:fc:08:36:2e:77:40:87:7f:
48:98:5d:ac:64:b2:0e:78:99:ea:56:07:53:88:49:
a9:4a:6b:2e:7b:63:f9:8a:18:59:66:f6:19:7f:46:
58:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:9D:C6:3D:93:5A:A4:AC:44:D2:A3:07:16:25:73:9E:90:5F:6F:18
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/vZ3GPZNapKxE0qMHFiVznpBfbxg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
202.89.110.0/23
Signature Algorithm: sha256WithRSAEncryption
7b:2e:d9:f1:44:19:e0:a3:c0:f6:17:53:67:ed:c8:98:5f:af:
01:ae:59:35:38:9e:ea:6c:6b:85:ac:2b:28:47:26:f1:0d:ae:
56:c9:19:8b:86:d4:64:5f:e5:d3:00:37:b5:68:a5:81:8a:6e:
47:e5:bb:7a:a9:52:2d:88:07:b2:21:dd:2d:90:77:bf:4b:ee:
1b:c3:9c:42:92:43:6d:d7:d4:36:44:51:9a:dd:b4:43:d9:b5:
a0:6e:2e:ec:60:06:5f:3a:ba:6e:52:65:c2:10:12:8f:c4:fc:
6c:a9:c4:6c:cf:f2:f7:8e:af:df:66:7f:7d:48:d5:50:ed:5b:
97:b1:27:f3:a3:24:29:aa:f7:3f:92:e9:3d:d9:23:7d:f2:a9:
db:54:9f:f8:dd:5f:5d:c6:c7:3c:e1:25:ff:b5:df:a0:fb:7b:
1f:c0:ff:2b:68:f6:38:c3:98:4a:e4:d0:db:7a:7a:a9:e9:91:
82:83:94:3c:0a:96:5d:d3:8e:1f:b6:fe:01:b8:c3:a5:23:02:
d5:87:6c:47:3a:1b:f2:56:c2:94:29:9d:4a:ff:62:05:22:22:
55:24:41:26:7a:71:4f:ab:f8:08:4a:92:94:d6:34:ee:cd:12:
87:31:64:f4:7e:4d:24:c4:c6:40:9a:08:e5:cc:ce:df:46:8b:
df:3d:cf:31
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGKwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI1MjRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEJEOURDNjNEOTM1QUE0
QUM0NEQyQTMwNzE2MjU3MzlFOTA1RjZGMTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCibhJ0gzAeiZga+p5/nZdjP8MLSVHZ5cB5tFv2lzkxxdmDUEhJ
DB3UtbzvLNzdTiw5SKUZ3Yn1F7Nfqw5gfF2y0oDe0y36dBDWaYSoW/2entA9qzge
5vbpc3WwGMD1RhxYXAoT8x+3MAWahTfq8QLbPFH9wMefHaGo4L+DW3VPn+KlZwNr
2XpsYS4KNBZ6XhwVAsYQDVGJE9SZ+ifwcCjtmBv6CKQJYT6QQczHKS6RwwHvDiOZ
fMlyH4AIc8nQofrgtHrhhOqHwHCSQffl8llzOht/7hU3+Cf8CDYud0CHf0iYXaxk
sg54mepWB1OISalKay57Y/mKGFlm9hl/RlgrAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUvZ3GPZNapKxE0qMHFiVznpBfbxgwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3ZaM0dQWk5hcEt4RTBx
TUhGaVZ6bnBCZmJ4Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAHKWW4wDQYJKoZIhvcNAQELBQADggEBAHsu2fFEGeCjwPYXU2ftyJhfrwGuWTU4
nupsa4WsKyhHJvENrlbJGYuG1GRf5dMAN7VopYGKbkflu3qpUi2IB7Ih3S2Qd79L
7hvDnEKSQ23X1DZEUZrdtEPZtaBuLuxgBl86um5SZcIQEo/E/GypxGzP8veOr99m
f31I1VDtW5exJ/OjJCmq9z+S6T3ZI33yqdtUn/jdX13GxzzhJf+136D7ex/A/yto
9jjDmErk0Nt6eqnpkYKDlDwKll3Tjh+2/gG4w6UjAtWHbEc6G/JWwpQpnUr/YgUi
IlUkQSZ6cU+r+AhKkpTWNO7NEocxZPR+TSTExkCaCOXMzt9Gi989zzE=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:27:37 2025 by rpki-client