Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/sMntCxUtK_jseejaS5-JuTzGRbo.roa
File: sMntCxUtK_jseejaS5-JuTzGRbo.roa (raw, json)
Hash identifier: W/RCOC1i921KNgUzkOxQpq7Cf8D/JtxRY4PxIMJC1do=
Subject key identifier: B0:C9:ED:0B:15:2D:2B:F8:EC:79:E8:DA:4B:9F:89:B9:3C:C6:45:BA
Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Certificate serial: 1D0C
Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/sMntCxUtK_jseejaS5-JuTzGRbo.roa
Signing time: Fri 17 Jan 2025 01:26:48 +0000
ROA not before: Fri 17 Jan 2025 01:26:48 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 4812
IP address blocks: 106.75.224.0/20 maxlen: 20
106.75.240.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7436 (0x1d0c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Validity
Not Before: Jan 17 01:26:48 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=B0C9ED0B152D2BF8EC79E8DA4B9F89B93CC645BA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:8b:56:89:dc:8f:25:7b:dc:05:e4:2d:cf:59:
43:bf:db:50:89:de:7d:8f:14:b4:51:a8:30:09:81:
2c:20:ad:5f:38:63:83:02:83:38:08:69:40:30:35:
2b:03:d8:69:ee:33:b4:2a:97:9e:31:81:82:fb:96:
39:ff:b2:bf:c9:80:9b:f9:af:62:22:e1:a0:a3:f3:
28:f1:96:8a:3c:d6:2d:13:7a:84:c3:62:2c:93:ab:
97:ac:ac:f4:36:e7:98:ea:d4:be:bc:d7:e2:b8:90:
4a:5b:34:c0:ce:e5:82:86:86:7c:6f:c3:58:15:a2:
af:de:d7:72:a7:e7:d8:87:6a:c3:33:29:c5:4d:17:
fc:4c:dc:03:6c:6b:28:60:91:0d:27:9e:f2:0f:f1:
93:29:82:1d:7c:ee:c8:e8:76:29:82:f6:50:29:ce:
aa:ea:d4:35:bb:0b:d5:08:32:4c:eb:ee:df:67:d7:
8b:99:a0:3f:34:1d:53:4b:fe:84:35:11:3c:e1:78:
f4:db:3b:19:cb:3f:49:b9:a3:3c:88:3e:9b:05:80:
3b:89:06:15:32:89:30:f3:3f:34:81:71:92:8f:4c:
19:ed:93:de:ec:bb:87:33:6a:55:02:9f:d3:c2:9c:
c9:e8:37:df:73:c6:d8:5b:9e:f8:01:0e:dc:13:e5:
98:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:C9:ED:0B:15:2D:2B:F8:EC:79:E8:DA:4B:9F:89:B9:3C:C6:45:BA
X509v3 Authority Key Identifier:
keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/sMntCxUtK_jseejaS5-JuTzGRbo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.75.224.0/19
Signature Algorithm: sha256WithRSAEncryption
0d:dc:5c:a3:ee:bc:ea:86:4d:29:ab:e8:f2:e0:41:1e:f1:df:
3a:09:3d:8f:08:47:60:e6:ff:f0:e0:2b:16:ae:fb:b2:08:2d:
94:57:67:24:68:e7:f1:1e:20:ee:cd:5a:f9:58:22:c9:b9:72:
64:36:9c:7e:91:65:f6:b0:24:3b:78:64:62:39:6c:56:49:a2:
26:3f:53:63:4a:84:39:71:11:82:43:a7:b8:a6:bb:66:c0:ef:
df:33:16:96:eb:d4:60:3f:34:40:b0:7e:c1:1b:8a:74:33:16:
ff:84:27:df:a4:f3:23:21:ad:b0:b6:14:f9:40:8b:36:9d:0d:
ca:ba:4d:56:95:57:1a:32:c5:97:c0:a3:6e:9b:66:e8:cd:d9:
f8:5d:a0:a6:f9:19:36:1d:0c:c3:58:6e:ed:27:78:7d:80:7e:
84:52:21:16:ce:69:8e:df:16:27:ba:23:6c:6c:6a:81:d1:73:
b9:bb:33:2a:a0:50:4c:cc:24:40:71:16:db:22:16:38:aa:0e:
dc:fc:2f:42:3d:1e:9a:65:bd:d6:bb:60:7d:fe:15:3a:43:c4:
de:08:0f:42:68:b9:2e:31:0e:47:6b:39:01:9f:f7:44:ee:64:
d0:c5:22:b5:d1:74:f9:4b:4f:7d:4a:ca:09:a2:21:5f:c2:37:
f1:cb:c1:8b
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICHQwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3
MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTAxMTcw
MTI2NDhaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEIwQzlFRDBCMTUyRDJC
RjhFQzc5RThEQTRCOUY4OUI5M0NDNjQ1QkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGi1aJ3I8le9wF5C3PWUO/21CJ3n2PFLRRqDAJgSwgrV84Y4MC
gzgIaUAwNSsD2GnuM7Qql54xgYL7ljn/sr/JgJv5r2Ii4aCj8yjxloo81i0TeoTD
YiyTq5esrPQ255jq1L681+K4kEpbNMDO5YKGhnxvw1gVoq/e13Kn59iHasMzKcVN
F/xM3ANsayhgkQ0nnvIP8ZMpgh187sjodimC9lApzqrq1DW7C9UIMkzr7t9n14uZ
oD80HVNL/oQ1ETzhePTbOxnLP0m5ozyIPpsFgDuJBhUyiTDzPzSBcZKPTBntk97s
u4czalUCn9PCnMnoN99zxthbnvgBDtwT5ZhFAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUsMntCxUtK/jseejaS5+JuTzGRbowHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI
l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3
L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L3NNbnRDeFV0S19qc2Vl
amFTNS1KdVR6R1Jiby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAVqS+AwDQYJKoZIhvcNAQELBQADggEBAA3cXKPuvOqGTSmr6PLgQR7x3zoJPY8I
R2Dm//DgKxau+7IILZRXZyRo5/EeIO7NWvlYIsm5cmQ2nH6RZfawJDt4ZGI5bFZJ
oiY/U2NKhDlxEYJDp7imu2bA798zFpbr1GA/NECwfsEbinQzFv+EJ9+k8yMhrbC2
FPlAizadDcq6TVaVVxoyxZfAo26bZujN2fhdoKb5GTYdDMNYbu0neH2AfoRSIRbO
aY7fFie6I2xsaoHRc7m7MyqgUEzMJEBxFtsiFjiqDtz8L0I9Hpplvda7YH3+FTpD
xN4ID0JouS4xDkdrOQGf90TuZNDFIrXRdPlLT31KygmiIV/CN/HLwYs=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:29:35 2025 by rpki-client