Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/65/UPxeLp83esL6XFwzWB7AGfxYl-o.roa
File: UPxeLp83esL6XFwzWB7AGfxYl-o.roa (raw, json)
Hash identifier: fS8fV6qCGL62t+Pg2mrdH3cOLpC1KHGgnynYm2XXBxc=
Subject key identifier: 50:FC:5E:2E:9F:37:7A:C2:FA:5C:5C:33:58:1E:C0:19:FC:58:97:EA
Certificate issuer: /CN=9824C555228B28B698DDE77BC1ADD0E2807B86B9
Certificate serial: 128E
Authority key identifier: 98:24:C5:55:22:8B:28:B6:98:DD:E7:7B:C1:AD:D0:E2:80:7B:86:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/UPxeLp83esL6XFwzWB7AGfxYl-o.roa
Signing time: Fri 23 May 2025 11:37:39 +0000
ROA not before: Fri 23 May 2025 11:37:39 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 17621
IP address blocks: 120.136.184.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4750 (0x128e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9824C555228B28B698DDE77BC1ADD0E2807B86B9
Validity
Not Before: May 23 11:37:39 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=50FC5E2E9F377AC2FA5C5C33581EC019FC5897EA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:40:10:54:1f:90:ea:48:89:de:4c:6c:3f:d8:
34:d9:56:bb:07:76:86:9d:62:d9:5d:fa:c9:3b:07:
44:e2:cb:a3:bb:9b:85:21:bd:f8:fb:6b:a5:15:93:
87:64:68:9c:f5:d5:10:cd:5e:d3:50:99:61:56:6c:
99:02:5f:42:cf:ac:36:d3:c9:ef:b6:19:61:5d:80:
e0:9b:5d:a6:76:60:47:6b:44:17:d1:84:c9:1d:91:
4a:59:12:a0:f4:08:c7:ab:c1:d8:f9:bd:5a:75:8c:
8c:09:b8:cc:de:2b:8c:ab:16:36:06:05:fa:38:aa:
95:3c:79:bf:3a:60:09:bb:88:4e:02:b9:3b:73:84:
32:14:a1:21:e9:c9:9d:26:8c:62:93:9f:02:bb:bd:
a8:e2:04:8a:9d:46:f7:86:d8:0e:90:bb:02:e8:39:
7c:ea:e4:de:8b:6a:3a:96:92:bb:45:85:01:5c:50:
a0:43:19:ee:9f:f6:df:cc:0f:4b:ae:1c:e3:b5:10:
32:c1:d9:cd:4c:7a:20:28:2c:f8:11:33:f2:9f:3a:
73:0b:82:90:84:4c:37:8f:d9:46:cd:8c:1a:74:09:
88:68:c3:c0:d6:22:b4:fb:1c:67:37:45:b9:98:86:
ba:f2:4d:68:e2:8c:f1:e2:78:62:c2:58:a3:fd:93:
e9:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:FC:5E:2E:9F:37:7A:C2:FA:5C:5C:33:58:1E:C0:19:FC:58:97:EA
X509v3 Authority Key Identifier:
keyid:98:24:C5:55:22:8B:28:B6:98:DD:E7:7B:C1:AD:D0:E2:80:7B:86:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/UPxeLp83esL6XFwzWB7AGfxYl-o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
120.136.184.0/22
Signature Algorithm: sha256WithRSAEncryption
66:9b:f3:d2:e9:87:a1:89:d3:2c:35:7c:4b:fb:f1:f0:9f:1a:
90:79:ec:0e:3b:19:bf:ee:34:67:be:ad:ee:10:a1:4a:62:49:
47:d6:77:ee:9c:90:5d:cc:2c:1c:ea:70:9c:ad:9f:1a:44:3e:
ee:a8:f9:74:62:c0:47:1d:0c:1a:ba:35:50:4f:c8:2c:df:f0:
a3:c5:6d:f1:89:2c:96:43:7c:a0:cc:cf:2b:a5:fc:be:eb:29:
cf:d8:2f:f3:42:1b:d7:ad:d1:48:18:55:a4:8e:da:1a:bb:cf:
17:ad:e3:2b:65:a0:98:99:47:16:a7:b7:06:d7:67:7e:13:3a:
45:0f:39:cb:d8:74:c7:21:06:c1:f3:a8:24:4b:7f:aa:24:06:
31:83:ea:7e:37:f3:09:c8:ed:96:8e:e2:d9:1c:8a:d3:20:42:
5e:2d:30:3e:2f:bb:18:20:8a:b5:0f:21:a6:89:e5:97:1f:6c:
33:f0:0a:43:0d:7c:81:ef:8a:a3:cd:22:f3:54:9e:ff:ab:05:
9f:56:a5:ce:a7:5d:b8:8a:0c:36:c9:dd:60:f5:b8:95:d6:03:
81:32:3d:d4:1c:bf:f1:e4:18:6a:70:5d:cc:a7:b2:45:af:22:
36:32:89:ec:11:cd:47:c9:fc:de:6c:32:36:a0:91:41:e5:00:
ad:f8:3a:e5
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICEo4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTgy
NEM1NTUyMjhCMjhCNjk4RERFNzdCQzFBREQwRTI4MDdCODZCOTAeFw0yNTA1MjMx
MTM3MzlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDUwRkM1RTJFOUYzNzdB
QzJGQTVDNUMzMzU4MUVDMDE5RkM1ODk3RUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDeQBBUH5DqSIneTGw/2DTZVrsHdoadYtld+sk7B0Tiy6O7m4Uh
vfj7a6UVk4dkaJz11RDNXtNQmWFWbJkCX0LPrDbTye+2GWFdgOCbXaZ2YEdrRBfR
hMkdkUpZEqD0CMerwdj5vVp1jIwJuMzeK4yrFjYGBfo4qpU8eb86YAm7iE4CuTtz
hDIUoSHpyZ0mjGKTnwK7vajiBIqdRveG2A6QuwLoOXzq5N6LajqWkrtFhQFcUKBD
Ge6f9t/MD0uuHOO1EDLB2c1MeiAoLPgRM/KfOnMLgpCETDeP2UbNjBp0CYhow8DW
IrT7HGc3RbmYhrryTWjijPHieGLCWKP9k+kXAgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUUPxeLp83esL6XFwzWB7AGfxYl+owHwYDVR0jBBgwFoAUmCTFVSKLKLaY3ed7
wa3Q4oB7hrkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjUv
bUNURlZTS0xLTGFZM2VkN3dhM1E0b0I3aHJrLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9tQ1RGVlNLTEtMYVkzZWQ3d2EzUTRvQjdocmsuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC82NS9VUHhlTHA4M2VzTDZYRnd6
V0I3QUdmeFlsLW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
eIi4MA0GCSqGSIb3DQEBCwUAA4IBAQBmm/PS6YehidMsNXxL+/HwnxqQeewOOxm/
7jRnvq3uEKFKYklH1nfunJBdzCwc6nCcrZ8aRD7uqPl0YsBHHQwaujVQT8gs3/Cj
xW3xiSyWQ3ygzM8rpfy+6ynP2C/zQhvXrdFIGFWkjtoau88XreMrZaCYmUcWp7cG
12d+EzpFDznL2HTHIQbB86gkS3+qJAYxg+p+N/MJyO2WjuLZHIrTIEJeLTA+L7sY
IIq1DyGmieWXH2wz8ApDDXyB74qjzSLzVJ7/qwWfVqXOp124igw2yd1g9biV1gOB
Mj3UHL/x5BhqcF3Mp7JFryI2MonsEc1HyfzebDI2oJFB5QCt+Drl
-----END CERTIFICATE-----
Generated at Thu Jun 5 20:07:55 2025 by rpki-client