Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/656/ZFT0Nr7FJszD0x3KRvs8oSTm7Cs.roa
File: ZFT0Nr7FJszD0x3KRvs8oSTm7Cs.roa (raw, json)
Hash identifier: R+23mIIohwsx/bQza1Y8jqIuDcIyVzjppKRbRnMAGvM=
Subject key identifier: 64:54:F4:36:BE:C5:26:CC:C3:D3:1D:CA:46:FB:3C:A1:24:E6:EC:2B
Certificate issuer: /CN=64DC20D9612C5B77499A6D223A652B2E38B11647
Certificate serial: 1786
Authority key identifier: 64:DC:20:D9:61:2C:5B:77:49:9A:6D:22:3A:65:2B:2E:38:B1:16:47
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ZNwg2WEsW3dJmm0iOmUrLjixFkc.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/656/ZFT0Nr7FJszD0x3KRvs8oSTm7Cs.roa
Signing time: Fri 17 Jan 2025 01:28:18 +0000
ROA not before: Fri 17 Jan 2025 01:28:18 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 132203
IP address blocks: 49.51.128.0/19 maxlen: 24
49.51.146.0/23 maxlen: 24
49.51.160.0/20 maxlen: 24
119.28.164.0/24 maxlen: 24
119.28.165.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6022 (0x1786)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64DC20D9612C5B77499A6D223A652B2E38B11647
Validity
Not Before: Jan 17 01:28:18 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=6454F436BEC526CCC3D31DCA46FB3CA124E6EC2B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:1e:31:7a:c5:90:82:06:f7:05:de:7f:27:13:
4d:82:cf:d7:f2:b3:38:76:d1:0c:15:49:cf:f2:a5:
b2:1f:ca:ca:1c:50:42:37:16:22:f0:e8:15:97:4a:
5d:aa:75:9f:e4:c7:af:70:f8:86:7a:42:b8:b8:66:
dd:13:24:6a:91:18:61:c1:b8:a9:7c:bc:92:b6:9d:
55:f5:24:3b:cf:a9:a3:56:8a:82:5a:f0:d3:43:f3:
ec:0d:ed:91:75:f8:ee:6d:58:8d:90:de:d1:77:14:
1a:3f:21:43:c7:30:59:12:c1:0d:78:62:17:cb:53:
37:80:4c:55:59:85:32:98:f0:e8:6c:b2:2a:43:5f:
36:31:b9:ad:99:a3:13:ac:06:e6:e5:65:10:31:79:
e6:75:2e:f6:ac:c0:d7:92:cf:93:f2:5c:ca:6c:46:
5e:17:c2:d2:b4:72:92:b4:2e:bb:e7:aa:60:1a:9a:
09:21:37:4a:70:ec:43:ad:95:19:e0:7e:d5:db:0c:
d7:68:c0:aa:f0:ca:3d:ec:4a:b8:e7:0b:2f:ff:3b:
0c:8f:46:97:63:fa:f0:d9:09:f9:e7:ac:77:41:db:
d2:ec:92:92:fc:dd:40:d4:81:d2:32:07:a0:cf:f6:
81:4d:ae:c7:1e:dc:98:90:d6:ef:b2:15:9c:e5:37:
ff:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:54:F4:36:BE:C5:26:CC:C3:D3:1D:CA:46:FB:3C:A1:24:E6:EC:2B
X509v3 Authority Key Identifier:
keyid:64:DC:20:D9:61:2C:5B:77:49:9A:6D:22:3A:65:2B:2E:38:B1:16:47
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/656/ZNwg2WEsW3dJmm0iOmUrLjixFkc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ZNwg2WEsW3dJmm0iOmUrLjixFkc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/656/ZFT0Nr7FJszD0x3KRvs8oSTm7Cs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
49.51.128.0-49.51.175.255
119.28.164.0/23
Signature Algorithm: sha256WithRSAEncryption
3b:41:b4:ec:ce:1c:1a:d2:fe:80:c4:4d:05:07:56:96:16:52:
b1:c4:e6:22:8c:dd:d0:d5:69:45:48:ae:b3:bc:a4:af:47:11:
e8:45:d9:c4:56:83:5b:bc:d0:8a:7b:a6:80:84:ee:16:0f:a5:
30:c8:cd:51:6f:ad:60:9d:ab:e4:d0:0a:08:d5:30:1a:c9:5c:
20:38:e2:9b:70:4c:4b:68:6e:fc:27:a2:1e:c5:4d:df:64:5d:
94:d0:39:fd:b1:06:93:90:ea:b3:a9:76:f6:4f:aa:a6:0e:df:
d9:f6:3b:58:5e:eb:c4:1e:43:98:25:71:86:f5:53:80:7e:b2:
06:a8:29:5d:44:0f:59:3e:85:6a:46:2c:0b:f5:73:30:1c:c1:
4e:13:2d:ab:4e:c5:9b:2b:a7:c2:67:9a:62:73:9e:a3:d8:b2:
5d:24:2d:b4:d0:e6:7d:d3:8d:7c:4f:f3:39:d2:93:e2:08:d5:
27:0f:81:75:7c:2b:1a:1c:ee:fe:9b:4c:c1:f3:9e:56:6b:12:
28:d7:2e:b7:2f:5c:bc:69:49:c7:fe:98:d6:a0:b3:3a:dd:97:
19:27:15:b5:f2:03:a7:53:7c:e9:dd:f4:4c:ac:fe:34:20:01:
af:6d:79:0d:7e:62:88:dc:ed:67:cf:1f:5e:91:83:0f:b4:0d:
57:a7:46:54
-----BEGIN CERTIFICATE-----
MIIE4zCCA8ugAwIBAgICF4YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjRE
QzIwRDk2MTJDNUI3NzQ5OUE2RDIyM0E2NTJCMkUzOEIxMTY0NzAeFw0yNTAxMTcw
MTI4MThaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDY0NTRGNDM2QkVDNTI2
Q0NDM0QzMURDQTQ2RkIzQ0ExMjRFNkVDMkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDHjF6xZCCBvcF3n8nE02Cz9fyszh20QwVSc/ypbIfysocUEI3
FiLw6BWXSl2qdZ/kx69w+IZ6Qri4Zt0TJGqRGGHBuKl8vJK2nVX1JDvPqaNWioJa
8NND8+wN7ZF1+O5tWI2Q3tF3FBo/IUPHMFkSwQ14YhfLUzeATFVZhTKY8OhssipD
XzYxua2ZoxOsBublZRAxeeZ1LvaswNeSz5PyXMpsRl4XwtK0cpK0LrvnqmAamgkh
N0pw7EOtlRngftXbDNdowKrwyj3sSrjnCy//OwyPRpdj+vDZCfnnrHdB29LskpL8
3UDUgdIyB6DP9oFNrsce3JiQ1u+yFZzlN/9dAgMBAAGjggH/MIIB+zAdBgNVHQ4E
FgQUZFT0Nr7FJszD0x3KRvs8oSTm7CswHwYDVR0jBBgwFoAUZNwg2WEsW3dJmm0i
OmUrLjixFkcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU2
L1pOd2cyV0VzVzNkSm1tMGlPbVVyTGppeEZrYy5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvWk53ZzJXRXNXM2RKbW0waU9tVXJMaml4RmtjLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU2L1pGVDBOcjdGSnN6RDB4
M0tSdnM4b1NUbTdDcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwLQYIKwYBBQUHAQcBAf8EHjAcMBoEAgABMBQw
DAMEBzEzgAMEBDEzoAMEAXccpDANBgkqhkiG9w0BAQsFAAOCAQEAO0G07M4cGtL+
gMRNBQdWlhZSscTmIozd0NVpRUius7ykr0cR6EXZxFaDW7zQinumgITuFg+lMMjN
UW+tYJ2r5NAKCNUwGslcIDjim3BMS2hu/CeiHsVN32RdlNA5/bEGk5Dqs6l29k+q
pg7f2fY7WF7rxB5DmCVxhvVTgH6yBqgpXUQPWT6FakYsC/VzMBzBThMtq07Fmyun
wmeaYnOeo9iyXSQttNDmfdONfE/zOdKT4gjVJw+BdXwrGhzu/ptMwfOeVmsSKNcu
ty9cvGlJx/6Y1qCzOt2XGScVtfIDp1N86d30TKz+NCABr215DX5iiNztZ88fXpGD
D7QNV6dGVA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:56:07 2025 by rpki-client