Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/1h7MjSQkDHW0g0wxTf5pE-fkqNg.roa
File: 1h7MjSQkDHW0g0wxTf5pE-fkqNg.roa (raw, json)
Hash identifier: s33f7SFvTxJ40vJ42UpvBavXht/UaSIuqUD5A0fKGlg=
Subject key identifier: D6:1E:CC:8D:24:24:0C:75:B4:83:4C:31:4D:FE:69:13:E7:E4:A8:D8
Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Certificate serial: 1703
Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/1h7MjSQkDHW0g0wxTf5pE-fkqNg.roa
Signing time: Wed 13 Mar 2024 01:21:53 +0000
ROA not before: Wed 13 Mar 2024 01:21:53 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 4812
IP address blocks: 106.75.224.0/20 maxlen: 20
106.75.240.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5891 (0x1703)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Validity
Not Before: Mar 13 01:21:53 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D61ECC8D24240C75B4834C314DFE6913E7E4A8D8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c4:d7:6f:09:f9:00:a3:93:07:c2:29:f7:31:
2b:2f:0e:33:d5:d0:c6:0f:1c:2e:16:2a:b6:0b:63:
f9:b0:b8:53:2d:d8:99:7e:5d:4c:2a:18:b9:61:a2:
f3:8f:4f:c1:d6:d4:72:5b:54:53:ec:d3:46:fa:a8:
36:37:65:90:e3:4a:4c:a4:15:09:df:88:67:d1:1b:
1f:1a:85:99:45:ee:55:6d:59:1e:37:6d:d8:c3:85:
14:be:df:8f:55:e9:5b:cc:0b:d0:ec:25:8a:f6:6c:
fb:48:93:00:53:40:98:88:d7:05:88:d0:d7:ff:7f:
1c:50:a3:33:81:54:54:7e:15:2c:69:ca:1d:96:95:
eb:2a:c4:0a:16:94:71:da:f0:c3:4b:4b:e8:86:71:
37:9e:35:8f:d8:50:fd:e4:ce:ca:f2:3f:35:a6:8b:
c4:50:64:ce:d2:ae:0d:72:90:cd:ac:29:8d:b3:ad:
88:c4:37:6d:e2:5e:d3:23:17:5e:57:01:ca:16:f4:
b0:fa:7a:68:ae:e4:d1:3e:eb:e9:4b:73:09:63:84:
96:15:98:67:a6:eb:62:cc:10:71:0a:19:26:e2:a9:
d1:89:85:a1:77:d7:78:55:d9:ea:d1:ee:41:d7:99:
47:64:5b:30:dc:ac:c7:f6:47:d7:eb:36:c4:81:38:
90:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:1E:CC:8D:24:24:0C:75:B4:83:4C:31:4D:FE:69:13:E7:E4:A8:D8
X509v3 Authority Key Identifier:
keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/1h7MjSQkDHW0g0wxTf5pE-fkqNg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.75.224.0/19
Signature Algorithm: sha256WithRSAEncryption
83:50:8b:f4:f5:b1:b4:4c:dc:f3:71:40:4e:79:93:cd:eb:8f:
6a:bf:a6:6b:8b:d5:0d:85:c4:e5:39:eb:91:26:f0:4d:0b:6d:
02:36:bc:bf:bf:d7:05:3f:41:22:31:91:fd:80:1d:04:32:18:
3a:74:32:59:c4:7b:0a:67:d7:f8:36:19:b4:b8:dd:b6:11:16:
2c:3e:14:66:1d:00:3a:57:20:33:0a:30:c6:11:aa:fe:6d:17:
a1:a8:a5:47:2e:29:38:16:08:07:cc:33:fe:1b:8c:ee:ea:b1:
48:e1:07:28:2a:d5:1c:1c:79:f7:c8:1e:be:1c:52:ea:22:ef:
34:c4:29:c2:58:48:36:de:fb:af:74:cc:06:d9:67:96:5b:30:
9d:4e:f9:c7:0f:f5:f9:76:af:99:9f:89:b2:fd:7d:0c:65:20:
43:93:88:6d:98:42:c8:31:96:7f:09:15:69:27:e6:61:b7:23:
63:f5:63:d8:f9:18:01:6d:8e:9e:48:3b:60:d1:7c:27:b4:38:
42:cb:69:00:a3:af:c1:5e:78:9e:80:f1:e0:46:33:ff:11:fd:
6a:1d:ac:86:3d:59:cd:42:83:0e:99:64:e0:90:a3:2a:f8:af:
b7:ab:6d:43:da:bf:81:cf:3c:10:9c:e5:dc:a0:fd:59:1b:b1:
a0:bb:b8:51
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFwMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3
MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNDAzMTMw
MTIxNTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ2MUVDQzhEMjQyNDBD
NzVCNDgzNEMzMTRERkU2OTEzRTdFNEE4RDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1xNdvCfkAo5MHwin3MSsvDjPV0MYPHC4WKrYLY/mwuFMt2Jl+
XUwqGLlhovOPT8HW1HJbVFPs00b6qDY3ZZDjSkykFQnfiGfRGx8ahZlF7lVtWR43
bdjDhRS+349V6VvMC9DsJYr2bPtIkwBTQJiI1wWI0Nf/fxxQozOBVFR+FSxpyh2W
lesqxAoWlHHa8MNLS+iGcTeeNY/YUP3kzsryPzWmi8RQZM7Srg1ykM2sKY2zrYjE
N23iXtMjF15XAcoW9LD6emiu5NE+6+lLcwljhJYVmGem62LMEHEKGSbiqdGJhaF3
13hV2erR7kHXmUdkWzDcrMf2R9frNsSBOJC9AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU1h7MjSQkDHW0g0wxTf5pE+fkqNgwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI
l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3
L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3LzFoN01qU1FrREhXMGcw
d3hUZjVwRS1ma3FOZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAVqS+AwDQYJKoZIhvcNAQELBQADggEBAINQi/T1sbRM3PNxQE55k83rj2q/pmuL
1Q2FxOU565Em8E0LbQI2vL+/1wU/QSIxkf2AHQQyGDp0MlnEewpn1/g2GbS43bYR
Fiw+FGYdADpXIDMKMMYRqv5tF6GopUcuKTgWCAfMM/4bjO7qsUjhBygq1RwceffI
Hr4cUuoi7zTEKcJYSDbe+690zAbZZ5ZbMJ1O+ccP9fl2r5mfibL9fQxlIEOTiG2Y
Qsgxln8JFWkn5mG3I2P1Y9j5GAFtjp5IO2DRfCe0OELLaQCjr8FeeJ6A8eBGM/8R
/WodrIY9Wc1Cgw6ZZOCQoyr4r7erbUPav4HPPBCc5dyg/VkbsaC7uFE=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:40:18 2025 by rpki-client