Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/64/cWImJWVYwJtT2DVZSvess2PB44g.roa
File: cWImJWVYwJtT2DVZSvess2PB44g.roa (raw, json)
Hash identifier: pCWOv2JcjWI9GgoFfSf2ihbHQ73eRrecxsMYo6WEBk4=
Subject key identifier: 71:62:26:25:65:58:C0:9B:53:D8:35:59:4A:F7:AC:B3:63:C1:E3:88
Certificate issuer: /CN=5EB8C57D72F7946DD7B2420599288ECA153CB709
Certificate serial: 13
Authority key identifier: 5E:B8:C5:7D:72:F7:94:6D:D7:B2:42:05:99:28:8E:CA:15:3C:B7:09
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/XrjFfXL3lG3XskIFmSiOyhU8twk.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/64/cWImJWVYwJtT2DVZSvess2PB44g.roa
Signing time: Mon 26 May 2025 00:56:40 +0000
ROA not before: Mon 26 May 2025 00:56:40 +0000
ROA not after: Tue 26 May 2026 00:40:26 +0000
asID: 23724
IP address blocks: 211.157.192.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19 (0x13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5EB8C57D72F7946DD7B2420599288ECA153CB709
Validity
Not Before: May 26 00:56:40 2025 GMT
Not After : May 26 00:40:26 2026 GMT
Subject: CN=716226256558C09B53D835594AF7ACB363C1E388
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:46:b8:fd:af:66:91:25:60:c3:3e:5c:b8:a9:
c0:6b:a5:e7:fc:e9:80:ac:8f:f2:d7:3a:4c:1a:7f:
b1:37:7a:1b:49:e0:3c:fb:6d:8a:ef:4c:4d:32:ac:
ef:0c:ab:b9:6f:78:9a:6d:94:c4:08:9a:cf:d3:f0:
1a:85:72:cf:51:4a:d2:7e:e1:08:98:59:10:50:fa:
42:6c:fc:d0:0e:09:5d:95:f8:49:5d:2e:cf:d4:fd:
2b:1c:5a:0a:04:a5:74:2d:9a:42:db:a7:30:c1:5a:
73:d1:a1:36:15:d0:25:3d:1b:75:26:a5:37:ca:e6:
44:91:78:f3:da:ac:eb:d1:c9:0a:50:f0:9b:c4:ab:
16:fa:df:4a:e4:d9:1c:f5:dd:8f:b9:58:a3:84:8c:
25:e2:68:6e:f3:a1:2a:70:c4:75:fb:cd:c6:c6:47:
38:25:ac:9f:f4:fe:47:aa:f2:31:c5:03:1a:a6:b3:
2b:1e:a4:19:73:0a:80:7c:b9:be:85:17:f3:21:7d:
70:48:17:7e:f2:57:51:25:c2:95:cf:19:60:cf:65:
10:72:8b:b4:20:1e:b7:a6:4a:61:01:d3:3b:70:c1:
4d:34:ec:18:17:f4:c0:ac:cd:04:f4:fc:04:c2:65:
31:e8:d6:62:3d:13:58:fd:c6:c6:93:b2:1a:eb:ec:
bd:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:62:26:25:65:58:C0:9B:53:D8:35:59:4A:F7:AC:B3:63:C1:E3:88
X509v3 Authority Key Identifier:
keyid:5E:B8:C5:7D:72:F7:94:6D:D7:B2:42:05:99:28:8E:CA:15:3C:B7:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/64/XrjFfXL3lG3XskIFmSiOyhU8twk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/XrjFfXL3lG3XskIFmSiOyhU8twk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/64/cWImJWVYwJtT2DVZSvess2PB44g.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.157.192.0/20
Signature Algorithm: sha256WithRSAEncryption
2b:68:f9:ec:06:58:08:78:8d:83:07:f6:ca:c9:af:42:1f:82:
51:22:8f:53:b5:32:a6:20:eb:6b:58:85:94:92:63:87:b4:b5:
02:8d:4d:ee:b1:02:7e:92:64:a6:7b:1b:f5:88:d4:ce:23:5a:
a9:e0:93:08:e4:4a:5f:2f:89:01:b4:d0:ed:52:0b:db:14:b4:
c5:fd:a0:24:6d:ee:17:7c:19:87:8c:db:3d:6b:9e:96:96:f8:
d6:9a:48:27:90:2c:8a:1b:a6:ab:0b:7f:d4:dd:75:df:03:41:
86:9f:2a:55:2a:2e:09:02:b5:31:ce:81:03:28:b8:1b:6e:1b:
3a:a9:3b:91:2a:3a:de:66:9f:23:ae:86:6b:f1:cb:cb:4e:24:
dc:52:bc:57:93:05:cd:20:83:fb:8b:53:b7:4d:25:a0:4e:60:
52:f6:12:fc:18:41:39:cd:84:d1:fa:df:56:df:56:dc:d6:02:
b2:f0:16:7a:dc:21:60:76:7e:83:03:b2:c4:59:b4:99:62:2c:
a4:19:b0:ab:80:c9:ca:2a:3b:cb:82:d9:8d:09:46:f3:2b:c6:
5a:f8:04:16:d4:c0:ed:2e:03:23:c8:f4:0e:06:70:17:52:98:
ef:79:2c:1d:2c:cc:54:53:ed:05:3d:a6:05:10:88:3d:9d:88:
8d:d3:6f:75
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgIBEzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1RUI4
QzU3RDcyRjc5NDZERDdCMjQyMDU5OTI4OEVDQTE1M0NCNzA5MB4XDTI1MDUyNjAw
NTY0MFoXDTI2MDUyNjAwNDAyNlowMzExMC8GA1UEAxMoNzE2MjI2MjU2NTU4QzA5
QjUzRDgzNTU5NEFGN0FDQjM2M0MxRTM4ODCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMdGuP2vZpElYMM+XLipwGul5/zpgKyP8tc6TBp/sTd6G0ngPPtt
iu9MTTKs7wyruW94mm2UxAiaz9PwGoVyz1FK0n7hCJhZEFD6Qmz80A4JXZX4SV0u
z9T9KxxaCgSldC2aQtunMMFac9GhNhXQJT0bdSalN8rmRJF489qs69HJClDwm8Sr
FvrfSuTZHPXdj7lYo4SMJeJobvOhKnDEdfvNxsZHOCWsn/T+R6ryMcUDGqazKx6k
GXMKgHy5voUX8yF9cEgXfvJXUSXClc8ZYM9lEHKLtCAet6ZKYQHTO3DBTTTsGBf0
wKzNBPT8BMJlMejWYj0TWP3GxpOyGuvsvZUCAwEAAaOCAe8wggHrMB0GA1UdDgQW
BBRxYiYlZVjAm1PYNVlK96yzY8HjiDAfBgNVHSMEGDAWgBReuMV9cveUbdeyQgWZ
KI7KFTy3CTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFsGA1UdHwRUMFIwUKBO
oEyGSnJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC82NC9Y
cmpGZlhMM2xHM1hza0lGbVNpT3loVTh0d2suY3JsMGMGCCsGAQUFBwEBBFcwVTBT
BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw
MDAwL1hyakZmWEwzbEczWHNrSUZtU2lPeWhVOHR3ay5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGbBggrBgEFBQcBCwSBjjCBizBWBggrBgEFBQcwC4ZKcnN5bmM6Ly9ycGtp
LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzY0L2NXSW1KV1ZZd0p0VDJEVlpT
dmVzczJQQjQ0Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5j
bi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATT
ncAwDQYJKoZIhvcNAQELBQADggEBACto+ewGWAh4jYMH9srJr0IfglEij1O1MqYg
62tYhZSSY4e0tQKNTe6xAn6SZKZ7G/WI1M4jWqngkwjkSl8viQG00O1SC9sUtMX9
oCRt7hd8GYeM2z1rnpaW+NaaSCeQLIobpqsLf9Tddd8DQYafKlUqLgkCtTHOgQMo
uBtuGzqpO5EqOt5mnyOuhmvxy8tOJNxSvFeTBc0gg/uLU7dNJaBOYFL2EvwYQTnN
hNH631bfVtzWArLwFnrcIWB2foMDssRZtJliLKQZsKuAycoqO8uC2Y0JRvMrxlr4
BBbUwO0uAyPI9A4GcBdSmO95LB0szFRT7QU9pgUQiD2diI3Tb3U=
-----END CERTIFICATE-----
Generated at Thu Jun 5 20:02:34 2025 by rpki-client