Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/721/pCD7g6xZIOYEt3L4B5Kw69Iijwg.roa
File: pCD7g6xZIOYEt3L4B5Kw69Iijwg.roa (raw, json)
Hash identifier: GqobMFyHZb/uTGS5by9T74r2Dh3iM+3w+uYHclash2A=
Subject key identifier: A4:20:FB:83:AC:59:20:E6:04:B7:72:F8:07:92:B0:EB:D2:22:8F:08
Certificate issuer: /CN=EE887ACC7CE4B5F66CCF4946F02BFACBDE28B76A
Certificate serial: 17C2
Authority key identifier: EE:88:7A:CC:7C:E4:B5:F6:6C:CF:49:46:F0:2B:FA:CB:DE:28:B7:6A
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7oh6zHzktfZsz0lG8Cv6y94ot2o.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/721/pCD7g6xZIOYEt3L4B5Kw69Iijwg.roa
Signing time: Tue 24 Sep 2024 00:18:54 +0000
ROA not before: Tue 24 Sep 2024 00:18:54 +0000
ROA not after: Sat 20 Sep 2025 07:41:26 +0000
asID: 56040
IP address blocks: 43.255.212.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6082 (0x17c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EE887ACC7CE4B5F66CCF4946F02BFACBDE28B76A
Validity
Not Before: Sep 24 00:18:54 2024 GMT
Not After : Sep 20 07:41:26 2025 GMT
Subject: CN=A420FB83AC5920E604B772F80792B0EBD2228F08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:ae:e3:08:0e:35:25:7e:84:ce:af:15:2d:21:
b8:5d:83:4c:e9:23:d2:01:61:70:ec:2b:81:4b:a9:
cf:a3:d7:25:2c:30:92:d2:b4:05:96:83:90:99:b2:
e4:97:95:17:e3:dd:dc:cc:bc:f6:4a:e7:eb:d3:4b:
ae:a1:1d:85:4f:ba:f3:42:4f:62:9f:b8:57:b6:a8:
23:77:2b:69:89:da:27:d3:bf:81:1b:a4:58:8a:c8:
5e:56:e7:10:a6:fa:0c:12:66:f8:35:36:2d:c2:89:
d2:f3:b6:07:9e:03:a5:eb:d1:fd:a5:98:5f:72:20:
75:d8:d2:96:ee:ff:df:f7:b5:b1:36:b7:19:43:a4:
12:10:5a:e3:b8:af:39:3d:29:c6:ab:7a:05:c7:9f:
f1:59:1f:d5:df:91:74:f1:e1:08:0f:c1:37:c6:c7:
35:6e:2c:c1:bd:e6:fe:d6:e6:e5:07:4b:4d:6d:c6:
72:a0:c3:70:7b:40:ea:8f:2e:c0:9c:d2:ac:b4:c5:
56:55:9a:4a:15:12:d7:ad:d1:fa:cc:a0:a9:35:52:
d5:ab:27:23:ef:1c:ae:73:38:a0:7e:b3:80:0e:b8:
fc:a4:e1:b4:f8:12:e7:20:fb:9f:b6:e3:54:18:ea:
dc:2e:63:86:96:33:01:a5:72:cb:f3:dc:d9:d9:59:
36:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:20:FB:83:AC:59:20:E6:04:B7:72:F8:07:92:B0:EB:D2:22:8F:08
X509v3 Authority Key Identifier:
keyid:EE:88:7A:CC:7C:E4:B5:F6:6C:CF:49:46:F0:2B:FA:CB:DE:28:B7:6A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/721/7oh6zHzktfZsz0lG8Cv6y94ot2o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7oh6zHzktfZsz0lG8Cv6y94ot2o.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/721/pCD7g6xZIOYEt3L4B5Kw69Iijwg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.255.212.0/22
Signature Algorithm: sha256WithRSAEncryption
45:4f:cf:56:de:bb:bf:a6:21:c3:53:5c:73:6a:f1:cf:5f:62:
e3:71:25:80:f9:51:be:d3:30:70:3b:91:1c:22:70:b5:85:37:
f8:db:62:a8:dd:1e:8c:b9:a6:a8:3a:7e:74:66:01:bc:7e:17:
7d:1a:6e:58:c3:4d:63:db:51:e3:11:54:0d:f3:f9:75:e4:f0:
3f:1c:2f:a2:d4:89:5a:d6:39:65:27:c6:ce:4a:fb:21:51:9b:
83:68:cc:e1:12:26:4f:09:91:86:a0:46:f0:d3:ec:a9:90:6f:
37:04:a7:95:4f:39:10:f2:27:bc:ba:b6:92:a4:4f:8a:0c:42:
b3:f1:18:7b:b6:66:de:df:31:4d:49:94:26:07:5c:6c:89:4a:
43:d8:c9:c4:c6:f8:08:f7:6e:40:5a:72:0a:f0:eb:6f:10:ee:
77:a9:b8:a3:bb:aa:48:37:36:1a:99:c8:9d:18:3b:b2:ba:2d:
59:2b:a1:a1:28:ba:14:4e:9d:1a:af:8d:9b:67:7d:63:d4:e3:
1c:9f:3d:26:5b:2c:1c:58:ed:4f:43:54:f5:80:56:a6:f0:ae:
ca:bc:21:3b:0f:6e:e8:2c:4c:c1:0a:e9:95:48:4a:41:1b:ca:
01:ff:f9:15:a5:de:76:eb:dd:df:38:97:67:3d:fe:f0:f5:88:
c8:31:08:8a
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICF8IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUU4
ODdBQ0M3Q0U0QjVGNjZDQ0Y0OTQ2RjAyQkZBQ0JERTI4Qjc2QTAeFw0yNDA5MjQw
MDE4NTRaFw0yNTA5MjAwNzQxMjZaMDMxMTAvBgNVBAMTKEE0MjBGQjgzQUM1OTIw
RTYwNEI3NzJGODA3OTJCMEVCRDIyMjhGMDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKruMIDjUlfoTOrxUtIbhdg0zpI9IBYXDsK4FLqc+j1yUsMJLS
tAWWg5CZsuSXlRfj3dzMvPZK5+vTS66hHYVPuvNCT2KfuFe2qCN3K2mJ2ifTv4Eb
pFiKyF5W5xCm+gwSZvg1Ni3CidLztgeeA6Xr0f2lmF9yIHXY0pbu/9/3tbE2txlD
pBIQWuO4rzk9KcaregXHn/FZH9XfkXTx4QgPwTfGxzVuLMG95v7W5uUHS01txnKg
w3B7QOqPLsCc0qy0xVZVmkoVEtet0frMoKk1UtWrJyPvHK5zOKB+s4AOuPyk4bT4
Eucg+5+241QY6twuY4aWMwGlcsvz3NnZWTaVAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUpCD7g6xZIOYEt3L4B5Kw69IijwgwHwYDVR0jBBgwFoAU7oh6zHzktfZsz0lG
8Cv6y94ot2owGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzIx
LzdvaDZ6SHprdGZac3owbEc4Q3Y2eTk0b3Qyby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvN29oNnpIemt0ZlpzejBsRzhDdjZ5OTRvdDJvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzIxL3BDRDdnNnhaSU9ZRXQz
TDRCNUt3NjlJaWp3Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAIr/9QwDQYJKoZIhvcNAQELBQADggEBAEVPz1beu7+mIcNTXHNq8c9fYuNxJYD5
Ub7TMHA7kRwicLWFN/jbYqjdHoy5pqg6fnRmAbx+F30abljDTWPbUeMRVA3z+XXk
8D8cL6LUiVrWOWUnxs5K+yFRm4NozOESJk8JkYagRvDT7KmQbzcEp5VPORDyJ7y6
tpKkT4oMQrPxGHu2Zt7fMU1JlCYHXGyJSkPYycTG+Aj3bkBacgrw628Q7nepuKO7
qkg3NhqZyJ0YO7K6LVkroaEouhROnRqvjZtnfWPU4xyfPSZbLBxY7U9DVPWAVqbw
rsq8ITsPbugsTMEK6ZVISkEbygH/+RWl3nbr3d84l2c9/vD1iMgxCIo=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:33:17 2025 by rpki-client