Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/vxkYrgp7CFmcPITnZQ7G-ZRYsZ0.roa
File: vxkYrgp7CFmcPITnZQ7G-ZRYsZ0.roa (raw, json)
Hash identifier: wbJjJh+2zu6VAgdzbvpTOYocrmVQMGQy2rapGPepPKw=
Subject key identifier: BF:19:18:AE:0A:7B:08:59:9C:3C:84:E7:65:0E:C6:F9:94:58:B1:9D
Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Certificate serial: 1D09
Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/vxkYrgp7CFmcPITnZQ7G-ZRYsZ0.roa
Signing time: Fri 17 Jan 2025 01:26:47 +0000
ROA not before: Fri 17 Jan 2025 01:26:47 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 59077
IP address blocks: 106.75.128.0/20 maxlen: 20
106.75.144.0/20 maxlen: 20
106.75.160.0/20 maxlen: 20
106.75.176.0/20 maxlen: 20
113.31.160.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7433 (0x1d09)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Validity
Not Before: Jan 17 01:26:47 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=BF1918AE0A7B08599C3C84E7650EC6F99458B19D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ed:b0:fe:a1:39:5a:ce:b7:c3:0d:4d:65:4c:
6c:71:e4:bd:1a:cb:8e:da:e4:d5:6f:62:2d:84:28:
12:ea:00:6c:80:f1:0a:cb:37:5d:ca:54:da:7e:6d:
9b:37:4e:03:16:20:dd:b6:ee:05:c4:a0:e5:10:0e:
8c:83:e3:83:7f:58:59:57:2f:d6:d2:30:37:e1:93:
51:35:72:5c:07:3d:ba:8f:c6:f3:e5:bd:5e:69:53:
7e:78:27:02:6e:98:0a:c5:a9:b0:5b:a8:f6:5c:90:
9d:61:67:92:5c:d6:4a:8d:a4:8d:4a:ce:6f:9a:b1:
c9:0a:87:87:1c:cf:2c:38:af:6f:ae:9d:9d:52:98:
e5:10:d4:9f:a1:15:43:d2:3c:07:42:2a:69:6b:21:
bb:44:0e:12:24:cf:cd:b7:b8:c9:c1:ae:38:59:4e:
f8:e8:aa:12:90:43:2e:29:e3:74:3d:c0:de:93:66:
8b:6f:50:92:74:a1:23:b8:d7:40:d5:20:7b:6c:ab:
d6:88:68:4b:27:85:59:ca:09:66:87:d0:b3:96:d6:
b0:aa:01:a7:8b:93:6a:4b:bd:e1:8d:50:b8:1c:92:
b4:97:f6:1a:ae:bd:bf:fa:33:34:91:38:e2:95:af:
8e:d2:3f:f6:18:dc:88:f0:45:6e:fb:97:71:61:0f:
83:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:19:18:AE:0A:7B:08:59:9C:3C:84:E7:65:0E:C6:F9:94:58:B1:9D
X509v3 Authority Key Identifier:
keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/vxkYrgp7CFmcPITnZQ7G-ZRYsZ0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.75.128.0/18
113.31.160.0/20
Signature Algorithm: sha256WithRSAEncryption
16:31:58:ee:77:89:05:3b:61:00:36:bc:f8:14:99:e0:46:c2:
41:b7:84:82:d4:55:fe:52:57:a0:68:8d:04:0e:42:1b:7d:84:
55:6d:47:a4:39:60:2a:9f:85:9c:6d:e5:ce:a7:c5:88:e2:13:
bc:60:a6:2a:25:d0:8a:b1:62:e9:63:4f:2c:ac:a9:c5:c0:cd:
c9:7b:91:cd:83:00:a1:a4:16:68:fe:52:6a:0c:64:5c:35:31:
05:4b:d3:92:bd:ee:4e:71:0c:d8:a4:f6:15:4f:e6:b7:ee:d0:
81:d4:b7:45:65:b3:c2:d3:26:7f:f9:23:47:d9:41:73:92:56:
eb:3e:3f:80:14:29:68:85:e7:1a:a4:17:5f:bc:dc:09:23:cc:
48:d9:24:3e:50:a5:42:1c:69:be:b9:5b:b0:c1:f7:27:95:44:
54:b0:19:ec:fb:a7:ec:53:04:87:b2:52:58:47:08:c0:13:64:
a4:81:72:3d:be:85:b1:0a:ca:14:40:c5:7f:4f:04:c0:cc:0f:
28:1f:ed:60:37:c4:62:d3:4a:76:04:88:0f:b5:fb:94:a9:b1:
d0:82:a7:56:21:07:c7:3a:e3:2a:38:9d:d2:89:97:c1:50:d2:
35:89:32:cc:49:6b:2f:f2:44:54:e5:c2:91:ca:2d:98:82:50:
3c:0c:4f:45
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICHQkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3
MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTAxMTcw
MTI2NDdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEJGMTkxOEFFMEE3QjA4
NTk5QzNDODRFNzY1MEVDNkY5OTQ1OEIxOUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCq7bD+oTlazrfDDU1lTGxx5L0ay47a5NVvYi2EKBLqAGyA8QrL
N13KVNp+bZs3TgMWIN227gXEoOUQDoyD44N/WFlXL9bSMDfhk1E1clwHPbqPxvPl
vV5pU354JwJumArFqbBbqPZckJ1hZ5Jc1kqNpI1Kzm+asckKh4cczyw4r2+unZ1S
mOUQ1J+hFUPSPAdCKmlrIbtEDhIkz823uMnBrjhZTvjoqhKQQy4p43Q9wN6TZotv
UJJ0oSO410DVIHtsq9aIaEsnhVnKCWaH0LOW1rCqAaeLk2pLveGNULgckrSX9hqu
vb/6MzSROOKVr47SP/YY3IjwRW77l3FhD4PHAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUvxkYrgp7CFmcPITnZQ7G+ZRYsZ0wHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI
l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3
L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L3Z4a1lyZ3A3Q0ZtY1BJ
VG5aUTdHLVpSWXNaMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BAZqS4ADBARxH6AwDQYJKoZIhvcNAQELBQADggEBABYxWO53iQU7YQA2vPgUmeBG
wkG3hILUVf5SV6BojQQOQht9hFVtR6Q5YCqfhZxt5c6nxYjiE7xgpiol0IqxYulj
TyysqcXAzcl7kc2DAKGkFmj+UmoMZFw1MQVL05K97k5xDNik9hVP5rfu0IHUt0Vl
s8LTJn/5I0fZQXOSVus+P4AUKWiF5xqkF1+83AkjzEjZJD5QpUIcab65W7DB9yeV
RFSwGez7p+xTBIeyUlhHCMATZKSBcj2+hbEKyhRAxX9PBMDMDygf7WA3xGLTSnYE
iA+1+5SpsdCCp1YhB8c64yo4ndKJl8FQ0jWJMsxJay/yRFTlwpHKLZiCUDwMT0U=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:24:27 2025 by rpki-client