Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/620/puk7qV1IA8WGE7-uMRA6VJBCmfo.roa
File: puk7qV1IA8WGE7-uMRA6VJBCmfo.roa (raw, json)
Hash identifier: rj7pjmyfQeQkOZRupb32bJgd9wIXMz6GCV+uWL5+LOc=
Subject key identifier: A6:E9:3B:A9:5D:48:03:C5:86:13:BF:AE:31:10:3A:54:90:42:99:FA
Certificate issuer: /CN=309C2A943B28DC0858C39B9208A1609C0973E49A
Certificate serial: 13
Authority key identifier: 30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/puk7qV1IA8WGE7-uMRA6VJBCmfo.roa
Signing time: Wed 15 Jan 2025 05:26:37 +0000
ROA not before: Wed 15 Jan 2025 05:26:37 +0000
ROA not after: Tue 13 Jan 2026 01:35:26 +0000
asID: 142132
IP address blocks: 114.28.203.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19 (0x13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=309C2A943B28DC0858C39B9208A1609C0973E49A
Validity
Not Before: Jan 15 05:26:37 2025 GMT
Not After : Jan 13 01:35:26 2026 GMT
Subject: CN=A6E93BA95D4803C58613BFAE31103A54904299FA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:bb:7b:c3:02:25:0a:e3:8d:6e:f1:d9:09:99:
ae:14:ad:4f:2d:f8:56:30:e0:b6:53:d5:4e:1f:e0:
a1:35:b5:ac:49:a5:4c:07:12:6e:bd:1d:9d:1c:66:
60:3b:fc:a1:3c:c6:e7:e2:b8:63:c3:ab:76:c9:d2:
23:f0:38:1a:8f:2b:8a:b6:f5:cc:4b:09:9f:8d:84:
b1:66:f5:63:b6:f7:5a:81:af:4e:be:58:79:6f:13:
95:41:88:35:9e:c9:70:37:6e:32:e0:6d:1d:02:85:
ba:ed:0e:8a:5e:8c:1b:9d:f7:cc:0b:a8:8c:73:08:
60:1d:87:4c:c0:b8:66:33:f4:8b:71:db:cc:96:2f:
2b:f9:e6:8a:be:ea:a5:7a:34:54:18:12:9d:2f:1f:
a3:b2:89:cf:e2:ca:69:fc:2b:45:c6:e6:54:b1:9f:
73:a5:4c:13:19:e9:c8:95:e3:70:8c:60:ef:ca:e5:
e9:dd:71:70:b1:8f:79:4c:33:a6:e4:78:d9:0f:c9:
f2:77:48:95:a4:a4:c2:e4:03:01:84:95:bc:40:98:
69:30:55:fe:13:b5:97:9f:82:e0:6c:1e:25:c6:68:
97:2b:fe:b6:c6:26:a5:66:91:83:43:f7:ba:28:0e:
ff:5e:ea:b7:bc:89:48:5b:7e:8c:d8:bd:0d:94:1d:
65:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:E9:3B:A9:5D:48:03:C5:86:13:BF:AE:31:10:3A:54:90:42:99:FA
X509v3 Authority Key Identifier:
keyid:30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/puk7qV1IA8WGE7-uMRA6VJBCmfo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
114.28.203.0/24
Signature Algorithm: sha256WithRSAEncryption
35:d3:4f:fd:52:49:3b:10:2f:44:48:ee:60:2a:6a:6e:11:9c:
3d:91:94:c2:d7:a1:22:31:a9:19:7d:48:9a:e0:c2:32:4f:b1:
da:06:48:17:31:f8:b6:e0:ab:b0:d1:fe:75:c5:bd:43:e6:4e:
d7:c0:b1:1e:b4:e6:f1:d5:7a:4e:21:44:82:0d:51:bd:f8:97:
7d:0e:95:f3:36:0b:ec:75:c6:eb:c9:d5:7d:ad:c6:c7:57:d2:
e6:46:94:50:9e:36:81:7c:14:43:6c:eb:eb:bf:74:f6:fd:dc:
df:55:8b:b4:28:17:1d:6f:8c:59:db:76:51:96:40:dc:cf:0a:
31:d8:20:37:f0:ee:31:9d:3d:e7:d3:0e:4d:ab:f4:b9:eb:3f:
89:16:c0:a3:45:f1:12:45:19:4f:30:4d:9d:fe:71:b0:ca:3a:
90:d2:a4:7b:58:bb:5f:92:1e:b0:76:c9:a3:da:cd:37:44:7c:
c5:f3:5b:e6:d8:8b:f3:3d:f2:32:ce:5f:63:b7:e1:ce:52:04:
93:2b:4e:94:c0:4f:a1:c6:3a:eb:ba:f1:62:81:05:b6:48:a3:
e3:65:a6:fa:75:c0:75:7d:44:23:c1:d1:1a:ea:d8:1a:6f:ae:
67:2c:50:db:89:eb:3b:89:1f:e5:ef:43:5a:8c:ff:9b:07:5f:
55:7b:37:40
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgIBEzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygzMDlD
MkE5NDNCMjhEQzA4NThDMzlCOTIwOEExNjA5QzA5NzNFNDlBMB4XDTI1MDExNTA1
MjYzN1oXDTI2MDExMzAxMzUyNlowMzExMC8GA1UEAxMoQTZFOTNCQTk1RDQ4MDND
NTg2MTNCRkFFMzExMDNBNTQ5MDQyOTlGQTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKq7e8MCJQrjjW7x2QmZrhStTy34VjDgtlPVTh/goTW1rEmlTAcS
br0dnRxmYDv8oTzG5+K4Y8OrdsnSI/A4Go8rirb1zEsJn42EsWb1Y7b3WoGvTr5Y
eW8TlUGINZ7JcDduMuBtHQKFuu0Oil6MG533zAuojHMIYB2HTMC4ZjP0i3HbzJYv
K/nmir7qpXo0VBgSnS8fo7KJz+LKafwrRcbmVLGfc6VMExnpyJXjcIxg78rl6d1x
cLGPeUwzpuR42Q/J8ndIlaSkwuQDAYSVvECYaTBV/hO1l5+C4GweJcZolyv+tsYm
pWaRg0P3uigO/17qt7yJSFt+jNi9DZQdZZ0CAwEAAaOCAfEwggHtMB0GA1UdDgQW
BBSm6TupXUgDxYYTv64xEDpUkEKZ+jAfBgNVHSMEGDAWgBQwnCqUOyjcCFjDm5II
oWCcCXPkmjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFwGA1UdHwRVMFMwUaBP
oE2GS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC82MjAv
TUp3cWxEc28zQWhZdzV1U0NLRmduQWx6NUpvLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9NSndxbERzbzNBaFl3NXVTQ0tGZ25BbHo1Sm8uY2VyMA4GA1UdDwEB/wQE
AwIHgDCBnAYIKwYBBQUHAQsEgY8wgYwwVwYIKwYBBQUHMAuGS3JzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC82MjAvcHVrN3FWMUlBOFdHRTct
dU1SQTZWSkJDbWZvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmlj
LmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AHIcyzANBgkqhkiG9w0BAQsFAAOCAQEANdNP/VJJOxAvREjuYCpqbhGcPZGUwteh
IjGpGX1ImuDCMk+x2gZIFzH4tuCrsNH+dcW9Q+ZO18CxHrTm8dV6TiFEgg1RvfiX
fQ6V8zYL7HXG68nVfa3Gx1fS5kaUUJ42gXwUQ2zr67909v3c31WLtCgXHW+MWdt2
UZZA3M8KMdggN/DuMZ0959MOTav0ues/iRbAo0XxEkUZTzBNnf5xsMo6kNKke1i7
X5IesHbJo9rNN0R8xfNb5tiL8z3yMs5fY7fhzlIEkytOlMBPocY667rxYoEFtkij
42Wm+nXAdX1EI8HRGurYGm+uZyxQ24nrO4kf5e9DWoz/mwdfVXs3QA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:34:41 2025 by rpki-client