Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/64/BGCbOZwpkKD5E0P8hWdQ13q5fSU.roa
File: BGCbOZwpkKD5E0P8hWdQ13q5fSU.roa (raw, json)
Hash identifier: QmZSFrCfvUqR9rdmgL3SulO2eqVYu/w7rlDsSP+a0QE=
Subject key identifier: 04:60:9B:39:9C:29:90:A0:F9:13:43:FC:85:67:50:D7:7A:B9:7D:25
Certificate issuer: /CN=5EB8C57D72F7946DD7B2420599288ECA153CB709
Certificate serial: 0A
Authority key identifier: 5E:B8:C5:7D:72:F7:94:6D:D7:B2:42:05:99:28:8E:CA:15:3C:B7:09
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/XrjFfXL3lG3XskIFmSiOyhU8twk.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/64/BGCbOZwpkKD5E0P8hWdQ13q5fSU.roa
Signing time: Mon 26 May 2025 00:46:38 +0000
ROA not before: Mon 26 May 2025 00:46:38 +0000
ROA not after: Tue 26 May 2026 00:40:26 +0000
asID: 9803
IP address blocks: 211.150.128.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10 (0xa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5EB8C57D72F7946DD7B2420599288ECA153CB709
Validity
Not Before: May 26 00:46:38 2025 GMT
Not After : May 26 00:40:26 2026 GMT
Subject: CN=04609B399C2990A0F91343FC856750D77AB97D25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:44:19:2b:1f:5e:e1:2a:94:c1:50:bf:46:55:
66:f5:df:b7:b1:19:01:02:ea:ad:2a:87:aa:59:6c:
d2:30:d3:21:f6:76:71:95:f5:77:12:90:dc:af:7d:
bf:57:25:43:a1:f1:4c:15:f9:4b:99:06:15:0e:5c:
1d:a1:08:25:a3:87:f4:5c:da:4c:0a:84:d6:0e:db:
90:fa:7e:d1:42:d9:bb:19:f9:38:d5:f7:1f:6e:19:
d3:4f:11:92:de:18:63:a9:37:19:5b:38:e8:e3:12:
63:42:ea:5a:cf:33:79:93:18:e1:02:6a:cd:56:87:
76:cf:b2:14:f3:f9:f9:25:87:1c:bc:bd:b0:29:61:
5c:8e:72:69:e3:8e:e6:6b:a5:81:48:3c:c5:00:52:
a2:0d:23:80:af:21:65:e0:9f:ae:6b:b9:fa:fc:3b:
09:bb:3d:44:9a:ae:d6:fa:71:c9:f4:cb:92:42:0d:
a0:bb:fc:7b:48:5c:a9:d1:01:9b:67:08:d9:23:9f:
cf:a8:ba:dd:0e:f5:44:73:a5:79:1d:c8:53:ff:5f:
b8:23:53:46:93:86:76:7f:6e:68:01:9a:66:62:ee:
36:97:b8:61:13:ab:8c:75:c4:e3:c6:5c:ca:c8:a7:
d9:b2:a7:62:78:7e:98:a7:7b:41:cb:3d:99:18:95:
af:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:60:9B:39:9C:29:90:A0:F9:13:43:FC:85:67:50:D7:7A:B9:7D:25
X509v3 Authority Key Identifier:
keyid:5E:B8:C5:7D:72:F7:94:6D:D7:B2:42:05:99:28:8E:CA:15:3C:B7:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/64/XrjFfXL3lG3XskIFmSiOyhU8twk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/XrjFfXL3lG3XskIFmSiOyhU8twk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/64/BGCbOZwpkKD5E0P8hWdQ13q5fSU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.150.128.0/23
Signature Algorithm: sha256WithRSAEncryption
a2:79:78:97:1b:2c:f0:4e:63:6f:26:3a:a3:56:d8:3c:71:e7:
f0:60:fc:b1:b0:94:9a:9b:23:bb:20:38:16:ec:77:d5:bb:79:
69:a6:25:3b:6b:61:23:ec:e4:ac:aa:cc:6c:15:5f:46:63:61:
ae:a0:04:20:03:09:11:ed:40:ec:e5:06:91:92:1f:98:c6:98:
ca:79:80:90:a1:a3:74:12:92:db:24:b1:0f:e8:1f:f1:12:d6:
ca:6c:7e:61:5f:10:85:e4:95:f6:51:1d:a4:6b:32:7d:ad:f0:
5d:19:f5:44:15:df:37:8f:2f:f0:6e:27:a7:ef:74:98:0c:1b:
4f:45:a3:53:0e:b9:7a:97:f3:16:07:1d:77:43:72:47:06:17:
9d:5d:6b:5a:84:2c:89:d3:d6:bf:b8:ae:5c:1e:55:a2:d0:0b:
5a:04:48:1d:44:9a:6e:bc:bd:15:e6:60:ac:77:a9:4e:61:d3:
c4:ca:b1:d3:a0:85:e8:dc:c8:7a:b1:64:41:21:92:d6:99:28:
01:c1:15:bd:ad:19:cd:25:0d:33:4f:6f:46:d8:82:ee:fd:75:
0a:6f:cc:51:2a:9b:7d:4e:b3:4f:8f:d4:7f:4b:8d:44:af:8b:
19:85:df:26:f0:14:9f:0e:a2:e9:b2:5d:a9:b9:fb:5a:5d:dc:
31:09:9a:ef
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgIBCjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1RUI4
QzU3RDcyRjc5NDZERDdCMjQyMDU5OTI4OEVDQTE1M0NCNzA5MB4XDTI1MDUyNjAw
NDYzOFoXDTI2MDUyNjAwNDAyNlowMzExMC8GA1UEAxMoMDQ2MDlCMzk5QzI5OTBB
MEY5MTM0M0ZDODU2NzUwRDc3QUI5N0QyNTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKxEGSsfXuEqlMFQv0ZVZvXft7EZAQLqrSqHqlls0jDTIfZ2cZX1
dxKQ3K99v1clQ6HxTBX5S5kGFQ5cHaEIJaOH9FzaTAqE1g7bkPp+0ULZuxn5ONX3
H24Z008Rkt4YY6k3GVs46OMSY0LqWs8zeZMY4QJqzVaHds+yFPP5+SWHHLy9sClh
XI5yaeOO5mulgUg8xQBSog0jgK8hZeCfrmu5+vw7Cbs9RJqu1vpxyfTLkkINoLv8
e0hcqdEBm2cI2SOfz6i63Q71RHOleR3IU/9fuCNTRpOGdn9uaAGaZmLuNpe4YROr
jHXE48Zcysin2bKnYnh+mKd7Qcs9mRiVrxkCAwEAAaOCAe8wggHrMB0GA1UdDgQW
BBQEYJs5nCmQoPkTQ/yFZ1DXerl9JTAfBgNVHSMEGDAWgBReuMV9cveUbdeyQgWZ
KI7KFTy3CTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFsGA1UdHwRUMFIwUKBO
oEyGSnJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC82NC9Y
cmpGZlhMM2xHM1hza0lGbVNpT3loVTh0d2suY3JsMGMGCCsGAQUFBwEBBFcwVTBT
BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw
MDAwL1hyakZmWEwzbEczWHNrSUZtU2lPeWhVOHR3ay5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGbBggrBgEFBQcBCwSBjjCBizBWBggrBgEFBQcwC4ZKcnN5bmM6Ly9ycGtp
LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzY0L0JHQ2JPWndwa0tENUUwUDho
V2RRMTNxNWZTVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5j
bi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHT
loAwDQYJKoZIhvcNAQELBQADggEBAKJ5eJcbLPBOY28mOqNW2Dxx5/Bg/LGwlJqb
I7sgOBbsd9W7eWmmJTtrYSPs5KyqzGwVX0ZjYa6gBCADCRHtQOzlBpGSH5jGmMp5
gJCho3QSktsksQ/oH/ES1spsfmFfEIXklfZRHaRrMn2t8F0Z9UQV3zePL/BuJ6fv
dJgMG09Fo1MOuXqX8xYHHXdDckcGF51da1qELInT1r+4rlweVaLQC1oESB1Emm68
vRXmYKx3qU5h08TKsdOghejcyHqxZEEhktaZKAHBFb2tGc0lDTNPb0bYgu79dQpv
zFEqm31Os0+P1H9LjUSvixmF3ybwFJ8OoumyXam5+1pd3DEJmu8=
-----END CERTIFICATE-----
Generated at Thu Jun 5 19:54:37 2025 by rpki-client