Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/I3CibKUcWIZEosrsl2sYhBjQj0M.roa
File: I3CibKUcWIZEosrsl2sYhBjQj0M.roa (raw, json)
Hash identifier: aVZzsm4/5YrreXTCwwyC2JhQhMucx57dh1TgW0osbu8=
Subject key identifier: 23:70:A2:6C:A5:1C:58:86:44:A2:CA:EC:97:6B:18:84:18:D0:8F:43
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 02D6
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/I3CibKUcWIZEosrsl2sYhBjQj0M.roa
Signing time: Sat 10 May 2025 20:37:51 +0000
ROA not before: Sat 10 May 2025 20:37:51 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 726 (0x2d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 10 20:37:51 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=2370A26CA51C588644A2CAEC976B188418D08F43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c0:84:f1:30:66:5d:77:9c:a9:93:25:71:de:
36:44:24:5b:94:92:de:a4:fa:0a:67:7f:bc:68:b3:
d3:57:47:ef:b1:d3:16:04:86:e0:8b:8e:9f:a0:f2:
bd:e5:e3:6c:75:dc:3a:49:c3:fa:26:39:92:bd:0c:
5d:b7:99:58:0f:ce:42:47:7f:d0:63:50:43:8d:e9:
6c:b5:b1:0e:d9:6a:5a:d8:52:e2:b5:11:e6:e2:5b:
46:af:8d:ab:7f:f5:2e:c7:0f:3e:09:2d:fa:71:44:
b3:38:ac:5f:35:31:fa:43:e5:2d:6c:ea:11:e3:e2:
ce:ec:9c:b5:f0:34:b5:a3:b1:e5:41:f3:09:a0:6e:
cc:d1:37:55:94:2d:aa:7d:aa:90:38:cb:cc:07:a5:
09:cb:37:7e:56:0d:6f:11:12:c8:c0:80:dc:03:4d:
55:1f:a2:aa:af:e9:b8:30:14:53:a1:4a:28:a5:73:
8b:86:90:93:c3:0f:62:49:74:17:7e:51:d3:d0:af:
4d:5f:64:c6:4a:83:45:4d:9b:48:ca:d0:5f:22:c2:
13:dc:ed:62:2e:2f:c5:36:ac:3c:95:a1:2f:57:a4:
dd:28:7e:ca:b7:c0:50:d8:a3:00:ca:6f:2c:6f:cc:
da:eb:ed:a9:82:cf:ef:3c:34:75:2e:1d:a4:be:0b:
3d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:70:A2:6C:A5:1C:58:86:44:A2:CA:EC:97:6B:18:84:18:D0:8F:43
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/I3CibKUcWIZEosrsl2sYhBjQj0M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5e:c4:dc:b4:b2:c6:cf:f6:9f:1d:f5:70:5b:47:bc:1d:d2:28:
53:5b:39:2a:fc:c0:55:d0:25:79:46:70:2a:27:49:03:4a:5c:
fc:7e:8d:a7:9d:80:d9:a6:0a:3e:8f:d0:d6:b9:0d:ab:51:38:
be:c1:99:6d:c4:fb:20:32:23:38:e4:89:c0:97:de:8e:36:46:
56:cb:23:c8:7e:9d:fd:22:a7:ca:f8:07:30:db:5c:5b:b7:21:
31:7d:26:05:fd:0e:de:34:ef:23:8c:e2:ca:c2:33:7e:51:a1:
26:3e:c8:54:7e:f3:54:b2:a0:7f:90:e1:d6:f3:9e:03:4d:b6:
f6:41:76:47:27:e5:90:06:ff:41:bb:49:d4:bb:d2:56:9b:ce:
64:8e:27:c9:38:95:b3:d2:5e:da:53:33:93:85:c5:04:10:6a:
04:f0:af:ab:7c:6e:8c:f5:93:3a:94:fa:ab:a3:57:5d:d6:0b:
4e:6e:8f:46:38:83:79:04:d4:c1:de:03:1c:b0:ea:d3:1d:4d:
5a:4b:b3:04:f8:3a:f5:b4:1a:41:ed:88:87:82:6c:20:bd:76:
17:55:29:1e:f0:f7:b7:11:f0:4c:55:99:81:1f:3a:ef:2a:4b:
36:b7:bd:c7:92:ad:55:b6:c3:50:5c:ce:1d:76:1f:b0:8c:d4:
ed:c3:dd:09
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAtYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTAy
MDM3NTFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDIzNzBBMjZDQTUxQzU4
ODY0NEEyQ0FFQzk3NkIxODg0MThEMDhGNDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFwITxMGZdd5ypkyVx3jZEJFuUkt6k+gpnf7xos9NXR++x0xYE
huCLjp+g8r3l42x13DpJw/omOZK9DF23mVgPzkJHf9BjUEON6Wy1sQ7ZalrYUuK1
EebiW0avjat/9S7HDz4JLfpxRLM4rF81MfpD5S1s6hHj4s7snLXwNLWjseVB8wmg
bszRN1WULap9qpA4y8wHpQnLN35WDW8REsjAgNwDTVUfoqqv6bgwFFOhSiilc4uG
kJPDD2JJdBd+UdPQr01fZMZKg0VNm0jK0F8iwhPc7WIuL8U2rDyVoS9XpN0ofsq3
wFDYowDKbyxvzNrr7amCz+88NHUuHaS+Cz0jAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUI3CibKUcWIZEosrsl2sYhBjQj0MwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9JM0NpYktVY1dJWkVvc3Jz
bDJzWWhCalFqME0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAF7E3LSyxs/2nx31cFtHvB3SKFNbOSr8wFXQ
JXlGcConSQNKXPx+jaedgNmmCj6P0Na5DatROL7BmW3E+yAyIzjkicCX3o42RlbL
I8h+nf0ip8r4BzDbXFu3ITF9JgX9Dt407yOM4srCM35RoSY+yFR+81SyoH+Q4dbz
ngNNtvZBdkcn5ZAG/0G7SdS70labzmSOJ8k4lbPSXtpTM5OFxQQQagTwr6t8boz1
kzqU+qujV13WC05uj0Y4g3kE1MHeAxyw6tMdTVpLswT4OvW0GkHtiIeCbCC9dhdV
KR7w97cR8ExVmYEfOu8qSza3vceSrVW2w1Bczh12H7CM1O3D3Qk=
-----END CERTIFICATE-----
Generated at Thu Jun 5 19:56:08 2025 by rpki-client