Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/65/oPf69_h0GstzbvC9j522tKS7rFU.roa
File: oPf69_h0GstzbvC9j522tKS7rFU.roa (raw, json)
Hash identifier: U4e4Ig2bNk/jd24S4NgOKIS8ymfG/ZySfMr7N6mJRss=
Subject key identifier: A0:F7:FA:F7:F8:74:1A:CB:73:6E:F0:BD:8F:9D:B6:B4:A4:BB:AC:55
Certificate issuer: /CN=9824C555228B28B698DDE77BC1ADD0E2807B86B9
Certificate serial: 0FFF
Authority key identifier: 98:24:C5:55:22:8B:28:B6:98:DD:E7:7B:C1:AD:D0:E2:80:7B:86:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/oPf69_h0GstzbvC9j522tKS7rFU.roa
Signing time: Fri 17 Jan 2025 01:28:31 +0000
ROA not before: Fri 17 Jan 2025 01:28:31 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 23853
IP address blocks: 211.147.79.0/24 maxlen: 32
211.147.92.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4095 (0xfff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9824C555228B28B698DDE77BC1ADD0E2807B86B9
Validity
Not Before: Jan 17 01:28:31 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=A0F7FAF7F8741ACB736EF0BD8F9DB6B4A4BBAC55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b3:f4:15:d5:62:77:6f:47:87:26:f0:5f:a1:
c6:4b:50:cc:f6:a6:6d:48:ee:f0:52:25:1e:67:b2:
70:3e:5b:e4:52:1d:4b:e5:bc:8d:07:b0:47:89:1c:
7a:33:35:3a:d6:1a:46:fa:5d:6b:23:a3:8b:0d:2d:
ca:1e:50:8e:76:59:52:31:3e:4b:b2:73:46:ad:98:
97:4c:e9:72:e4:29:c5:a0:28:45:73:50:6c:a3:48:
d8:71:59:79:58:65:dd:ca:43:6e:7c:e1:0d:54:ca:
29:2d:fa:c2:e8:21:59:ae:2b:6e:e4:6c:ee:64:b0:
82:86:23:2d:a5:c2:1a:c0:aa:c8:18:67:c7:a6:95:
8f:65:b1:9e:f8:e1:8e:86:d7:2f:85:da:fe:9a:40:
cd:30:54:d4:cf:c1:0d:b4:a6:fa:b1:dd:87:51:1e:
ba:58:9b:c0:5b:81:9a:d3:cf:82:d0:c7:42:89:22:
be:6b:76:02:b4:0d:f1:94:5c:98:f4:51:a3:37:51:
d1:dc:eb:6b:92:07:3a:a5:50:93:fc:75:c8:84:9c:
f6:44:56:e5:29:83:3d:8b:de:e3:1e:41:0f:69:31:
46:b1:63:64:7a:d1:91:f4:45:32:b6:39:1e:93:f6:
f7:24:30:51:d7:b0:9a:c8:08:40:c2:8e:cd:17:36:
61:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:F7:FA:F7:F8:74:1A:CB:73:6E:F0:BD:8F:9D:B6:B4:A4:BB:AC:55
X509v3 Authority Key Identifier:
keyid:98:24:C5:55:22:8B:28:B6:98:DD:E7:7B:C1:AD:D0:E2:80:7B:86:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/oPf69_h0GstzbvC9j522tKS7rFU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.147.79.0/24
211.147.92.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:01:0b:f4:08:61:e3:24:0b:ee:2f:f8:17:bf:dc:0a:55:38:
14:b7:c7:54:2c:af:78:82:d3:46:c1:c5:c9:fb:8e:e5:07:b5:
a0:3f:5e:55:32:54:50:5b:15:21:b4:a8:41:17:12:51:a7:71:
24:59:24:7a:8f:fa:09:91:22:3c:c6:4c:df:e1:47:fc:23:db:
14:17:62:af:e3:0c:8c:e9:25:3b:fb:03:62:39:4e:30:55:58:
2b:63:13:dd:d1:86:bf:b9:c8:8e:1a:2b:e5:c3:69:44:be:f1:
94:28:f5:ca:ba:e1:06:04:8b:ce:27:ca:0d:0a:f8:14:44:11:
43:02:67:c4:88:c6:6b:e0:e2:fc:c7:fd:d8:ab:0c:31:fa:e8:
68:24:f3:09:f5:31:fb:9b:8d:70:42:27:3b:da:20:8f:01:91:
bf:b8:e2:ca:0f:0d:e9:5c:48:bc:60:dc:67:4e:2c:fa:0b:76:
12:66:dd:d7:bd:77:f5:3a:9b:91:8a:b3:ea:61:6c:c1:9a:9d:
da:b1:ff:47:85:25:66:5c:75:4e:eb:57:b4:0c:7e:78:fc:b4:
90:0d:89:6d:31:a3:74:d3:48:0d:73:3b:9c:12:2e:0c:68:30:
19:f4:8a:07:b6:3c:9d:20:6b:26:9e:fa:43:40:34:e0:c5:de:
18:70:7a:2a
-----BEGIN CERTIFICATE-----
MIIE2TCCA8GgAwIBAgICD/8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTgy
NEM1NTUyMjhCMjhCNjk4RERFNzdCQzFBREQwRTI4MDdCODZCOTAeFw0yNTAxMTcw
MTI4MzFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEEwRjdGQUY3Rjg3NDFB
Q0I3MzZFRjBCRDhGOURCNkI0QTRCQkFDNTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2s/QV1WJ3b0eHJvBfocZLUMz2pm1I7vBSJR5nsnA+W+RSHUvl
vI0HsEeJHHozNTrWGkb6XWsjo4sNLcoeUI52WVIxPkuyc0atmJdM6XLkKcWgKEVz
UGyjSNhxWXlYZd3KQ2584Q1Uyikt+sLoIVmuK27kbO5ksIKGIy2lwhrAqsgYZ8em
lY9lsZ744Y6G1y+F2v6aQM0wVNTPwQ20pvqx3YdRHrpYm8BbgZrTz4LQx0KJIr5r
dgK0DfGUXJj0UaM3UdHc62uSBzqlUJP8dciEnPZEVuUpgz2L3uMeQQ9pMUaxY2R6
0ZH0RTK2OR6T9vckMFHXsJrICEDCjs0XNmGrAgMBAAGjggH1MIIB8TAdBgNVHQ4E
FgQUoPf69/h0GstzbvC9j522tKS7rFUwHwYDVR0jBBgwFoAUmCTFVSKLKLaY3ed7
wa3Q4oB7hrkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjUv
bUNURlZTS0xLTGFZM2VkN3dhM1E0b0I3aHJrLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9tQ1RGVlNLTEtMYVkzZWQ3d2EzUTRvQjdocmsuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC82NS9vUGY2OV9oMEdzdHpidkM5
ajUyMnRLUzdyRlUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA
05NPAwQA05NcMA0GCSqGSIb3DQEBCwUAA4IBAQCpAQv0CGHjJAvuL/gXv9wKVTgU
t8dULK94gtNGwcXJ+47lB7WgP15VMlRQWxUhtKhBFxJRp3EkWSR6j/oJkSI8xkzf
4Uf8I9sUF2Kv4wyM6SU7+wNiOU4wVVgrYxPd0Ya/uciOGivlw2lEvvGUKPXKuuEG
BIvOJ8oNCvgURBFDAmfEiMZr4OL8x/3Yqwwx+uhoJPMJ9TH7m41wQic72iCPAZG/
uOLKDw3pXEi8YNxnTiz6C3YSZt3XvXf1OpuRirPqYWzBmp3asf9HhSVmXHVO61e0
DH54/LSQDYltMaN000gNczucEi4MaDAZ9IoHtjydIGsmnvpDQDTgxd4YcHoq
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:45:03 2025 by rpki-client