Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/ERJ4ZQmOKZWoIaY-XUq47ePPW8E.roa
File: ERJ4ZQmOKZWoIaY-XUq47ePPW8E.roa (raw, json)
Hash identifier: tK2zEk6GVSNiqaFhgWyde3Br5IA+HhMCVF8coBM7RBw=
Subject key identifier: 11:12:78:65:09:8E:29:95:A8:21:A6:3E:5D:4A:B8:ED:E3:CF:5B:C1
Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Certificate serial: 16FF
Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/ERJ4ZQmOKZWoIaY-XUq47ePPW8E.roa
Signing time: Wed 13 Mar 2024 01:21:52 +0000
ROA not before: Wed 13 Mar 2024 01:21:52 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 135377
IP address blocks: 106.75.192.0/24 maxlen: 24
106.75.193.0/24 maxlen: 24
106.75.194.0/24 maxlen: 24
106.75.195.0/24 maxlen: 24
106.75.196.0/24 maxlen: 24
106.75.197.0/24 maxlen: 24
106.75.198.0/24 maxlen: 24
106.75.199.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5887 (0x16ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Validity
Not Before: Mar 13 01:21:52 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=11127865098E2995A821A63E5D4AB8EDE3CF5BC1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:1b:97:16:58:c1:ac:e2:60:35:f2:06:0c:ae:
b1:be:cc:5c:ef:7a:53:5e:e7:f6:ba:3a:26:15:7f:
20:05:d5:4d:74:4f:a8:28:d3:9f:59:1d:5c:11:47:
64:94:31:5a:5a:fb:46:3e:93:88:55:df:df:b9:e0:
26:41:a6:3e:4a:1d:27:8c:cd:80:8c:73:3f:2e:94:
f7:32:f3:a3:8b:9d:dc:5e:90:8d:70:8d:d5:b7:cb:
5f:5f:6b:ab:0b:e0:9b:fa:ef:ad:f2:4c:8a:bc:7a:
e1:1e:79:e1:81:77:78:bf:58:fa:80:81:e7:c4:2f:
c6:26:28:7c:58:08:c5:7a:83:04:ac:e3:d0:df:dc:
37:24:75:47:32:0c:f7:a2:ff:d4:1d:38:53:9d:71:
b5:6a:0f:cb:85:3e:50:fc:5c:da:60:7e:29:3d:df:
9c:95:41:3e:c7:a5:12:5b:db:32:27:5c:8b:f9:c1:
5f:25:ff:35:54:af:90:46:0e:05:1c:58:41:d3:31:
d5:2a:d3:ba:4e:74:ce:1c:cd:88:87:4e:49:cb:27:
2a:4c:83:ba:26:b2:97:66:93:6e:a8:1f:7a:c0:b3:
9c:7a:e2:29:aa:78:91:84:f6:f6:7d:c6:bb:af:59:
79:a0:3a:d0:47:15:23:76:d6:18:91:f7:59:c8:2c:
e7:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:12:78:65:09:8E:29:95:A8:21:A6:3E:5D:4A:B8:ED:E3:CF:5B:C1
X509v3 Authority Key Identifier:
keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/ERJ4ZQmOKZWoIaY-XUq47ePPW8E.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.75.192.0/21
Signature Algorithm: sha256WithRSAEncryption
34:65:b4:f5:c9:5c:d5:da:bf:3c:f1:d3:95:a6:cb:b2:e2:d9:
f4:04:20:41:bc:f7:53:11:b0:16:c8:19:c3:af:83:a8:85:17:
1e:2b:e0:31:30:ca:a0:8d:17:cb:02:9a:d9:f2:b0:cf:b3:84:
1d:3a:d7:43:00:aa:a5:16:de:d8:81:88:ec:e1:c0:21:f0:4a:
2a:51:6f:ba:05:4a:f0:86:b7:7b:dc:73:0f:a0:ee:c9:8c:5c:
6b:bd:36:5c:b9:a1:61:31:4c:37:91:bc:e2:8c:09:1a:ee:99:
fb:be:75:0d:ab:7a:f3:ac:d0:f6:fd:59:23:fb:60:a7:1b:03:
c6:d4:c5:9a:b5:be:b1:30:47:c3:7c:e2:98:b1:ec:9a:02:e8:
28:b8:da:20:e9:fa:7f:29:3a:d0:2f:c6:c8:80:7e:8d:98:c6:
4b:5f:f5:4f:dc:60:14:b8:ac:a2:af:f7:50:5d:86:82:6b:47:
36:1d:1b:35:7f:37:c1:8a:59:b2:0a:96:2e:5b:41:24:80:44:
e4:13:ce:ee:f9:33:60:f4:07:4f:03:4d:69:b0:35:f1:d8:9d:
a9:ac:13:43:fb:40:9b:a5:87:d8:1e:55:8d:e8:3e:c9:90:31:
41:8e:52:b4:97:c2:2a:3b:21:27:3a:19:f2:8f:a0:73:d6:93:
ff:f6:a9:13
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFv8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3
MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNDAzMTMw
MTIxNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDExMTI3ODY1MDk4RTI5
OTVBODIxQTYzRTVENEFCOEVERTNDRjVCQzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqG5cWWMGs4mA18gYMrrG+zFzvelNe5/a6OiYVfyAF1U10T6go
059ZHVwRR2SUMVpa+0Y+k4hV39+54CZBpj5KHSeMzYCMcz8ulPcy86OLndxekI1w
jdW3y19fa6sL4Jv6763yTIq8euEeeeGBd3i/WPqAgefEL8YmKHxYCMV6gwSs49Df
3DckdUcyDPei/9QdOFOdcbVqD8uFPlD8XNpgfik935yVQT7HpRJb2zInXIv5wV8l
/zVUr5BGDgUcWEHTMdUq07pOdM4czYiHTknLJypMg7omspdmk26oH3rAs5x64imq
eJGE9vZ9xruvWXmgOtBHFSN21hiR91nILOfNAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUERJ4ZQmOKZWoIaY+XUq47ePPW8EwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI
l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3
L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L0VSSjRaUW1PS1pXb0lh
WS1YVXE0N2VQUFc4RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BANqS8AwDQYJKoZIhvcNAQELBQADggEBADRltPXJXNXavzzx05Wmy7Li2fQEIEG8
91MRsBbIGcOvg6iFFx4r4DEwyqCNF8sCmtnysM+zhB0610MAqqUW3tiBiOzhwCHw
SipRb7oFSvCGt3vccw+g7smMXGu9Nly5oWExTDeRvOKMCRrumfu+dQ2revOs0Pb9
WSP7YKcbA8bUxZq1vrEwR8N84pix7JoC6Ci42iDp+n8pOtAvxsiAfo2Yxktf9U/c
YBS4rKKv91BdhoJrRzYdGzV/N8GKWbIKli5bQSSAROQTzu75M2D0B08DTWmwNfHY
namsE0P7QJulh9geVY3oPsmQMUGOUrSXwio7ISc6GfKPoHPWk//2qRM=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:43:06 2025 by rpki-client