Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/wfz_PGiNFuTyHj8FjusdXAytmzs.roa
File: wfz_PGiNFuTyHj8FjusdXAytmzs.roa (raw, json)
Hash identifier: J5dvfXbsTsTry7/TBVEr0+geAE4UNU/tysYWDj8ORHM=
Subject key identifier: C1:FC:FF:3C:68:8D:16:E4:F2:1E:3F:05:8E:EB:1D:5C:0C:AD:9B:3B
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 149E
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/wfz_PGiNFuTyHj8FjusdXAytmzs.roa
Signing time: Wed 11 Sep 2024 02:23:34 +0000
ROA not before: Wed 11 Sep 2024 02:23:34 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 59083
IP address blocks: 202.89.110.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5278 (0x149e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 02:23:34 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C1FCFF3C688D16E4F21E3F058EEB1D5C0CAD9B3B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:9a:53:67:09:7d:83:c2:0a:fe:41:c0:5c:a8:
39:be:9d:0a:96:d9:c2:39:f3:98:fb:f7:f8:c4:7a:
b5:d3:37:e9:1c:c1:cf:c6:7e:f9:8f:9d:6d:1d:cc:
95:e4:e0:50:b2:69:e6:bc:ad:35:4a:00:7a:31:b6:
56:58:29:a5:5c:ce:8e:f6:93:81:ce:21:1c:fe:ae:
3f:00:97:6c:d3:d2:60:d3:a0:ac:aa:a5:cc:2c:ee:
28:c2:29:c4:54:ee:e6:0f:48:e9:0a:7f:61:79:7e:
60:d9:68:eb:9d:ba:68:23:a2:b8:71:30:2c:c6:95:
8b:23:49:83:d3:78:fc:9d:a8:50:12:58:81:2b:c5:
a7:10:54:72:28:00:da:2b:25:0d:3d:b7:d9:a6:6f:
8f:8b:37:12:32:2f:09:b6:25:99:ea:97:bc:7e:62:
92:b0:6c:73:3a:43:c8:40:a2:3a:5b:08:3c:e9:eb:
32:4a:c2:e1:b9:da:28:94:c5:f0:9e:8e:11:d1:08:
95:ab:f3:c8:bf:79:3d:71:ca:33:13:35:97:74:db:
c9:c7:57:8a:82:2a:0a:0a:f5:92:f5:02:93:c0:16:
b4:86:be:31:82:22:8e:d3:f7:5c:f1:7a:4a:e2:ba:
43:5e:a5:28:7d:a5:f9:5d:19:47:23:14:4c:8e:67:
57:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:FC:FF:3C:68:8D:16:E4:F2:1E:3F:05:8E:EB:1D:5C:0C:AD:9B:3B
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/wfz_PGiNFuTyHj8FjusdXAytmzs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
202.89.110.0/23
Signature Algorithm: sha256WithRSAEncryption
37:20:39:04:de:33:9a:d4:fe:86:e8:3b:ab:8e:88:bf:d5:3e:
c5:d0:7f:a9:b1:2f:93:ce:fc:1a:79:49:58:6a:a5:2e:8a:4e:
2e:af:09:1e:bc:a9:c0:1c:e4:e3:b6:4e:65:6d:ab:59:5d:f0:
85:86:5d:af:99:dc:a4:f5:50:f9:38:38:dd:f0:2f:bb:8a:86:
99:d5:81:6c:35:47:ab:66:f8:92:79:6a:1f:17:a3:77:89:de:
07:5c:64:9a:e3:e1:e3:3d:c1:ee:ab:28:f4:2f:35:a4:bc:a3:
73:b2:e2:f0:e4:44:a1:6b:c4:6f:af:96:82:78:b6:32:47:f3:
7b:cc:6a:72:e4:6b:94:b3:f3:64:8d:7a:e2:54:9e:cc:9c:5b:
5e:57:4c:6d:39:55:1e:e6:5a:03:a0:ae:06:10:f7:3e:fa:4d:
98:09:ec:a4:d5:33:09:0d:57:4d:40:4f:30:a8:47:e0:4b:e7:
55:06:b8:5c:f2:88:ac:fe:ec:2f:20:b1:04:a5:37:28:e7:e0:
4b:e9:07:24:8a:ed:de:f8:1d:f2:b6:a1:e7:bd:db:78:77:f5:
2d:a7:7d:22:00:44:c2:c9:5e:e5:74:0e:fa:71:3f:ca:17:d2:
15:b1:21:b1:aa:4b:c2:94:e4:8e:d1:f3:f6:72:1f:55:b3:5a:
00:96:03:87
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFJ4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MjIzMzRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEMxRkNGRjNDNjg4RDE2
RTRGMjFFM0YwNThFRUIxRDVDMENBRDlCM0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBmlNnCX2Dwgr+QcBcqDm+nQqW2cI585j79/jEerXTN+kcwc/G
fvmPnW0dzJXk4FCyaea8rTVKAHoxtlZYKaVczo72k4HOIRz+rj8Al2zT0mDToKyq
pcws7ijCKcRU7uYPSOkKf2F5fmDZaOudumgjorhxMCzGlYsjSYPTePydqFASWIEr
xacQVHIoANorJQ09t9mmb4+LNxIyLwm2JZnql7x+YpKwbHM6Q8hAojpbCDzp6zJK
wuG52iiUxfCejhHRCJWr88i/eT1xyjMTNZd028nHV4qCKgoK9ZL1ApPAFrSGvjGC
Io7T91zxekriukNepSh9pfldGUcjFEyOZ1e/AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUwfz/PGiNFuTyHj8FjusdXAytmzswHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3dmel9QR2lORnVUeUhq
OEZqdXNkWEF5dG16cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAHKWW4wDQYJKoZIhvcNAQELBQADggEBADcgOQTeM5rU/oboO6uOiL/VPsXQf6mx
L5PO/Bp5SVhqpS6KTi6vCR68qcAc5OO2TmVtq1ld8IWGXa+Z3KT1UPk4ON3wL7uK
hpnVgWw1R6tm+JJ5ah8Xo3eJ3gdcZJrj4eM9we6rKPQvNaS8o3Oy4vDkRKFrxG+v
loJ4tjJH83vManLka5Sz82SNeuJUnsycW15XTG05VR7mWgOgrgYQ9z76TZgJ7KTV
MwkNV01ATzCoR+BL51UGuFzyiKz+7C8gsQSlNyjn4EvpBySK7d74HfK2oee923h3
9S2nfSIARMLJXuV0DvpxP8oX0hWxIbGqS8KU5I7R8/ZyH1WzWgCWA4c=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:47:15 2025 by rpki-client