Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/e-RcNvHXkaYJsLZSaWMpPMFmaZE.roa
File: e-RcNvHXkaYJsLZSaWMpPMFmaZE.roa (raw, json)
Hash identifier: NYEeAcBUsCB/ll8/IHHqbGto+nzHjpAiEbkf5GDxZjk=
Subject key identifier: 7B:E4:5C:36:F1:D7:91:A6:09:B0:B6:52:69:63:29:3C:C1:66:69:91
Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Certificate serial: 1D0A
Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/e-RcNvHXkaYJsLZSaWMpPMFmaZE.roa
Signing time: Fri 17 Jan 2025 01:26:47 +0000
ROA not before: Fri 17 Jan 2025 01:26:47 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 136958
IP address blocks: 42.240.128.0/20 maxlen: 20
42.240.144.0/20 maxlen: 20
42.240.160.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7434 (0x1d0a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Validity
Not Before: Jan 17 01:26:47 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=7BE45C36F1D791A609B0B6526963293CC1666991
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:5b:88:66:e2:9d:4b:49:e9:f9:9d:0f:1b:a3:
da:5d:35:23:fa:f0:1d:aa:57:14:2d:ec:dc:f4:2b:
8d:8a:9e:09:79:6b:2a:ed:06:7e:ac:a3:20:9d:6a:
79:6f:c8:31:e8:02:24:b5:92:64:a2:36:11:1f:69:
ed:fb:b0:15:d3:f4:12:c0:b1:2f:d2:22:32:42:bc:
36:66:d4:9b:74:12:cd:9d:39:41:ef:f8:ed:a9:ad:
15:61:47:f6:9c:0d:44:cd:fd:21:43:5d:11:f1:df:
95:2a:a1:5c:70:69:fa:b4:9a:0f:a6:24:bc:20:c2:
51:86:c6:13:ff:d6:f3:a3:09:24:b5:1f:5c:52:fc:
ee:78:0b:29:64:6c:e8:26:bf:0d:63:d4:4f:64:84:
6d:15:46:76:26:b0:12:f8:c6:58:fa:68:5b:5d:82:
1e:31:d5:29:4a:5b:48:69:51:4d:f3:d5:bb:5f:b6:
6d:58:36:63:28:61:46:d0:39:4e:fe:10:83:26:95:
d8:e2:da:b3:74:21:33:e5:4c:00:93:e2:d3:2e:fe:
5b:3f:b7:3c:2d:1a:a6:11:c0:88:a1:ee:00:9a:20:
73:dd:d3:dd:4e:5e:66:e7:60:bf:9d:74:05:7f:2f:
f9:b5:c1:fa:d6:39:d8:aa:ff:6c:b3:5f:9d:3c:0a:
66:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:E4:5C:36:F1:D7:91:A6:09:B0:B6:52:69:63:29:3C:C1:66:69:91
X509v3 Authority Key Identifier:
keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/e-RcNvHXkaYJsLZSaWMpPMFmaZE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
42.240.128.0-42.240.175.255
Signature Algorithm: sha256WithRSAEncryption
43:5a:f3:c0:72:43:5f:da:32:05:e6:67:b0:11:62:b3:29:ba:
29:13:0c:df:df:0a:9d:ec:63:d0:51:5c:d5:fb:1c:8e:4a:fa:
41:9c:02:ca:cc:c3:ce:3a:78:ae:86:c2:4f:b8:b3:47:d2:b2:
5e:33:70:87:30:53:7a:fc:5d:72:16:ca:d5:bd:48:ab:a5:bf:
6b:8f:63:92:08:d6:76:01:b4:7e:06:19:b2:96:63:b1:2c:3a:
ac:67:3f:c3:02:47:d1:10:c1:9b:f3:70:78:98:51:59:a4:4c:
f6:b0:c4:45:9e:1f:e4:b0:cc:1b:1b:0f:29:d5:b6:6c:a7:34:
0c:55:2c:c3:ed:c2:81:e3:fd:ac:2b:c8:8e:87:a9:f4:60:16:
30:49:7e:a6:11:c0:03:9b:de:77:6f:76:5c:c6:fe:ee:ee:65:
19:14:9a:b8:a4:be:5b:c9:1f:2f:c0:67:97:4e:29:a1:16:95:
5a:51:55:97:54:b7:b8:86:13:c9:05:10:ff:36:45:34:a9:df:
3f:46:0b:6d:16:58:13:f5:5b:f9:7c:3f:2d:8a:5c:19:db:fe:
60:34:54:c1:28:ad:56:72:d7:7e:b7:fc:1d:67:9d:8a:e7:4f:
45:31:2a:60:f5:2e:15:dc:70:e5:0e:f9:d1:ff:22:a7:4d:68:
00:a6:e8:31
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgICHQowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3
MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTAxMTcw
MTI2NDdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDdCRTQ1QzM2RjFENzkx
QTYwOUIwQjY1MjY5NjMyOTNDQzE2NjY5OTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDW4hm4p1LSen5nQ8bo9pdNSP68B2qVxQt7Nz0K42Kngl5ayrt
Bn6soyCdanlvyDHoAiS1kmSiNhEfae37sBXT9BLAsS/SIjJCvDZm1Jt0Es2dOUHv
+O2prRVhR/acDUTN/SFDXRHx35UqoVxwafq0mg+mJLwgwlGGxhP/1vOjCSS1H1xS
/O54CylkbOgmvw1j1E9khG0VRnYmsBL4xlj6aFtdgh4x1SlKW0hpUU3z1btftm1Y
NmMoYUbQOU7+EIMmldji2rN0ITPlTACT4tMu/ls/tzwtGqYRwIih7gCaIHPd091O
XmbnYL+ddAV/L/m1wfrWOdiq/2yzX508CmaDAgMBAAGjggH5MIIB9TAdBgNVHQ4E
FgQUe+RcNvHXkaYJsLZSaWMpPMFmaZEwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI
l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3
L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L2UtUmNOdkhYa2FZSnNM
WlNhV01wUE1GbWFaRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJwYIKwYBBQUHAQcBAf8EGDAWMBQEAgABMA4w
DAMEByrwgAMEBCrwoDANBgkqhkiG9w0BAQsFAAOCAQEAQ1rzwHJDX9oyBeZnsBFi
sym6KRMM398Knexj0FFc1fscjkr6QZwCyszDzjp4robCT7izR9KyXjNwhzBTevxd
chbK1b1Iq6W/a49jkgjWdgG0fgYZspZjsSw6rGc/wwJH0RDBm/NweJhRWaRM9rDE
RZ4f5LDMGxsPKdW2bKc0DFUsw+3CgeP9rCvIjoep9GAWMEl+phHAA5ved292XMb+
7u5lGRSauKS+W8kfL8Bnl04poRaVWlFVl1S3uIYTyQUQ/zZFNKnfP0YLbRZYE/Vb
+Xw/LYpcGdv+YDRUwSitVnLXfrf8HWediudPRTEqYPUuFdxw5Q750f8ip01oAKbo
MQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:17:28 2025 by rpki-client