Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/mZ4wa3h5VnP3HhPa70W14S6h7_4.roa
File: mZ4wa3h5VnP3HhPa70W14S6h7_4.roa (raw, json)
Hash identifier: lcRoNbfxH5p4M1W+4xZaSBgfZt5WaNW+2CNCqFsymZU=
Subject key identifier: 99:9E:30:6B:78:79:56:73:F7:1E:13:DA:EF:45:B5:E1:2E:A1:EF:FE
Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Certificate serial: 1D08
Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/mZ4wa3h5VnP3HhPa70W14S6h7_4.roa
Signing time: Fri 17 Jan 2025 01:26:47 +0000
ROA not before: Fri 17 Jan 2025 01:26:47 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 58466
IP address blocks: 42.240.128.0/20 maxlen: 20
42.240.144.0/20 maxlen: 20
42.240.160.0/20 maxlen: 20
106.75.128.0/20 maxlen: 20
106.75.144.0/20 maxlen: 20
106.75.160.0/20 maxlen: 20
106.75.176.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7432 (0x1d08)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Validity
Not Before: Jan 17 01:26:47 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=999E306B78795673F71E13DAEF45B5E12EA1EFFE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:ca:aa:6d:47:76:af:63:21:ec:79:be:f2:f9:
32:3e:69:ac:1e:ae:c4:97:7c:16:b9:97:32:ec:7e:
f6:66:81:ee:13:3c:e2:45:c1:36:58:a3:b5:e1:b8:
62:c0:ee:0f:f1:9a:18:80:12:29:a3:96:1f:8c:6d:
bd:19:1d:dc:b4:80:03:9c:7d:ec:ae:e3:5f:33:71:
a4:37:fb:92:1a:06:f1:71:8d:83:21:35:41:eb:8e:
a2:74:81:57:ea:46:ea:73:92:11:42:0e:75:8d:66:
24:3f:05:d5:84:5f:4a:af:c6:f9:e0:5f:4f:81:0d:
df:09:27:4b:a3:14:5b:a1:58:5f:2f:04:76:64:76:
0c:19:91:3e:ce:b7:a2:fa:65:f4:b2:83:e3:bb:0e:
e3:20:e1:3f:e6:67:dc:b1:45:cd:66:80:63:fd:d9:
a6:84:76:6c:8a:f8:22:c4:d5:ae:5d:09:d7:eb:88:
c8:10:c5:2b:19:b5:82:c4:2c:3f:56:a8:b4:e8:f9:
de:36:9c:59:1a:3e:b3:c4:56:88:58:a0:ff:40:ad:
fa:e4:25:00:3a:da:69:be:e9:47:94:38:8b:c8:39:
d7:3d:ca:b8:19:1e:97:c0:02:dc:4f:46:32:81:53:
63:74:0a:57:24:c9:d7:ce:a1:40:ae:3a:e0:9f:cf:
42:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:9E:30:6B:78:79:56:73:F7:1E:13:DA:EF:45:B5:E1:2E:A1:EF:FE
X509v3 Authority Key Identifier:
keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/mZ4wa3h5VnP3HhPa70W14S6h7_4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
42.240.128.0-42.240.175.255
106.75.128.0/18
Signature Algorithm: sha256WithRSAEncryption
b2:78:91:84:b3:9d:90:11:93:bd:6c:60:a0:15:38:06:34:05:
54:13:30:20:b3:7a:f9:c5:70:a7:c4:9d:fc:10:9a:a2:6e:2f:
0b:60:3f:aa:b2:84:4c:a8:61:7d:1f:1a:04:3b:47:7b:62:c9:
10:34:34:15:e1:c1:61:4e:b6:8d:26:b9:1a:d0:a3:62:49:48:
5d:45:e0:d2:aa:cf:8b:c8:aa:e5:39:b7:0e:e9:99:1d:c7:fc:
c6:39:5d:75:06:05:08:3e:a6:1e:68:5a:4b:f2:81:d8:ee:8c:
32:4a:fe:98:e2:94:4a:a7:cb:9f:09:6c:b2:81:45:52:20:93:
71:42:a1:fb:c3:a1:1d:c9:6d:27:a5:32:4a:85:29:80:1d:96:
42:d6:2e:e9:0e:91:58:00:0a:d8:94:a7:ff:4d:f7:53:2c:c2:
ed:65:fc:40:e4:1a:7e:04:fc:72:b3:be:eb:8a:4c:b0:e5:24:
63:9e:3c:6a:24:4d:a4:b4:df:78:ad:c7:30:68:cc:ad:be:c4:
c0:ab:f9:4d:10:b8:e4:4c:f9:cf:48:e3:06:cc:bc:ec:c2:af:
74:9d:d7:2c:70:3a:d0:52:44:01:8b:52:3a:54:39:19:53:45:
69:51:05:db:6d:62:2a:4d:90:45:92:87:cf:fe:af:8a:52:6b:
2b:55:e7:10
-----BEGIN CERTIFICATE-----
MIIE4zCCA8ugAwIBAgICHQgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3
MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTAxMTcw
MTI2NDdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDk5OUUzMDZCNzg3OTU2
NzNGNzFFMTNEQUVGNDVCNUUxMkVBMUVGRkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDoyqptR3avYyHseb7y+TI+aawersSXfBa5lzLsfvZmge4TPOJF
wTZYo7XhuGLA7g/xmhiAEimjlh+Mbb0ZHdy0gAOcfeyu418zcaQ3+5IaBvFxjYMh
NUHrjqJ0gVfqRupzkhFCDnWNZiQ/BdWEX0qvxvngX0+BDd8JJ0ujFFuhWF8vBHZk
dgwZkT7Ot6L6ZfSyg+O7DuMg4T/mZ9yxRc1mgGP92aaEdmyK+CLE1a5dCdfriMgQ
xSsZtYLELD9WqLTo+d42nFkaPrPEVohYoP9ArfrkJQA62mm+6UeUOIvIOdc9yrgZ
HpfAAtxPRjKBU2N0ClckydfOoUCuOuCfz0KXAgMBAAGjggH/MIIB+zAdBgNVHQ4E
FgQUmZ4wa3h5VnP3HhPa70W14S6h7/4wHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI
l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3
L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L21aNHdhM2g1Vm5QM0ho
UGE3MFcxNFM2aDdfNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwLQYIKwYBBQUHAQcBAf8EHjAcMBoEAgABMBQw
DAMEByrwgAMEBCrwoAMEBmpLgDANBgkqhkiG9w0BAQsFAAOCAQEAsniRhLOdkBGT
vWxgoBU4BjQFVBMwILN6+cVwp8Sd/BCaom4vC2A/qrKETKhhfR8aBDtHe2LJEDQ0
FeHBYU62jSa5GtCjYklIXUXg0qrPi8iq5Tm3DumZHcf8xjlddQYFCD6mHmhaS/KB
2O6MMkr+mOKUSqfLnwlssoFFUiCTcUKh+8OhHcltJ6UySoUpgB2WQtYu6Q6RWAAK
2JSn/033UyzC7WX8QOQafgT8crO+64pMsOUkY548aiRNpLTfeK3HMGjMrb7EwKv5
TRC45Ez5z0jjBsy87MKvdJ3XLHA60FJEAYtSOlQ5GVNFaVEF221iKk2QRZKHz/6v
ilJrK1XnEA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:42:47 2025 by rpki-client