Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/x2mEssjB-Oo51gVQ2nDDtFHhdas.roa
File: x2mEssjB-Oo51gVQ2nDDtFHhdas.roa (raw, json)
Hash identifier: Hb0BcMx1IZV1qTglQXMG0RDF0m1dzOc5OEeVrMKxDqA=
Subject key identifier: C7:69:84:B2:C8:C1:F8:EA:39:D6:05:50:DA:70:C3:B4:51:E1:75:AB
Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Certificate serial: 1869
Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/x2mEssjB-Oo51gVQ2nDDtFHhdas.roa
Signing time: Fri 24 May 2024 02:25:01 +0000
ROA not before: Fri 24 May 2024 02:25:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 59077
IP address blocks: 106.75.128.0/20 maxlen: 20
106.75.144.0/20 maxlen: 20
106.75.160.0/20 maxlen: 20
106.75.176.0/20 maxlen: 20
113.31.160.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6249 (0x1869)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Validity
Not Before: May 24 02:25:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C76984B2C8C1F8EA39D60550DA70C3B451E175AB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:39:c6:2f:e1:d4:de:4f:03:12:a2:1e:c0:8a:
b1:04:17:89:97:bc:ca:25:9c:3f:a2:8a:2f:d8:04:
59:9e:25:5b:a4:3f:7e:da:de:99:58:b0:2d:94:16:
e7:b1:0f:cb:6d:bc:a0:d5:e7:27:91:62:7d:19:7d:
09:d5:11:56:85:cc:08:64:74:29:34:09:7c:07:45:
6d:32:5b:f9:f8:87:9b:1b:d4:54:7d:a6:14:25:ed:
4d:4b:eb:db:c6:96:94:72:eb:26:5d:1e:d8:c1:c7:
54:91:78:ae:91:0d:fa:0f:13:1d:b4:fd:3e:79:86:
51:43:3e:c0:f5:44:f4:2b:5f:fa:90:8f:37:47:64:
1f:a7:e2:d2:c5:3b:c1:f8:f2:a5:87:ad:c9:95:c2:
3f:08:a6:92:a5:c7:c4:a3:c8:e6:73:7c:20:99:91:
23:55:d9:9b:77:27:24:94:4c:ab:92:4e:3a:9d:66:
d7:5a:99:79:7f:31:51:68:55:c3:a4:9b:cd:e3:5c:
16:63:d1:ae:7f:f2:45:43:4a:f6:ca:1d:48:d1:a0:
9c:c8:48:b9:a1:1d:8c:50:16:a1:74:d7:35:d1:b8:
d5:42:95:11:9d:fa:33:07:7e:ad:b3:80:d7:66:c8:
05:ef:99:b5:4f:71:4b:eb:fc:16:4b:0d:e8:43:bc:
48:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:69:84:B2:C8:C1:F8:EA:39:D6:05:50:DA:70:C3:B4:51:E1:75:AB
X509v3 Authority Key Identifier:
keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/x2mEssjB-Oo51gVQ2nDDtFHhdas.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.75.128.0/18
113.31.160.0/20
Signature Algorithm: sha256WithRSAEncryption
5d:fa:1f:c4:15:b1:a2:65:88:f6:27:cc:15:61:d6:b7:36:a2:
e9:d1:d5:a1:3b:56:42:2a:20:6c:28:17:8b:3b:94:e8:6e:e3:
c8:9b:c2:f6:30:6b:62:8c:31:0f:60:3c:c7:23:b9:9d:e8:75:
cb:d2:cb:9b:c0:61:76:9f:e1:33:4b:60:44:e1:4c:4b:fe:b4:
a7:7c:1c:0f:db:73:40:d0:a8:04:96:ff:31:36:b2:b2:b5:05:
eb:4f:f6:c5:83:0b:62:54:e3:1b:2d:25:01:ac:db:17:7d:ba:
d9:53:05:75:44:fd:73:27:ab:41:21:22:18:f4:3b:1c:5b:e7:
3b:ab:dd:a3:48:98:ba:94:c0:07:d1:00:6c:07:c3:45:a6:74:
52:29:65:7f:f1:f1:13:0f:45:44:7e:be:16:dc:bc:e3:03:c0:
3d:5c:41:80:1d:bf:2f:bd:65:ec:7f:b1:5a:57:bb:0e:7c:1a:
09:58:f7:e2:8f:d9:7b:9a:8c:ff:ba:78:57:89:6a:10:7b:f3:
d2:1b:43:11:3d:89:59:a5:5b:ce:45:61:81:39:0c:1d:7c:f9:
52:f2:17:52:94:f5:c0:69:d1:ff:37:7f:91:08:b4:ce:07:4d:
0c:fc:6d:c5:cf:ef:33:3e:7d:61:de:35:c4:92:ff:fc:99:09:
13:5a:3c:47
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICGGkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3
MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNDA1MjQw
MjI1MDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM3Njk4NEIyQzhDMUY4
RUEzOUQ2MDU1MERBNzBDM0I0NTFFMTc1QUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDeOcYv4dTeTwMSoh7AirEEF4mXvMolnD+iii/YBFmeJVukP37a
3plYsC2UFuexD8ttvKDV5yeRYn0ZfQnVEVaFzAhkdCk0CXwHRW0yW/n4h5sb1FR9
phQl7U1L69vGlpRy6yZdHtjBx1SReK6RDfoPEx20/T55hlFDPsD1RPQrX/qQjzdH
ZB+n4tLFO8H48qWHrcmVwj8IppKlx8SjyOZzfCCZkSNV2Zt3JySUTKuSTjqdZtda
mXl/MVFoVcOkm83jXBZj0a5/8kVDSvbKHUjRoJzISLmhHYxQFqF01zXRuNVClRGd
+jMHfq2zgNdmyAXvmbVPcUvr/BZLDehDvEhjAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUx2mEssjB+Oo51gVQ2nDDtFHhdaswHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI
l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3
L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L3gybUVzc2pCLU9vNTFn
VlEybkREdEZIaGRhcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BAZqS4ADBARxH6AwDQYJKoZIhvcNAQELBQADggEBAF36H8QVsaJliPYnzBVh1rc2
ounR1aE7VkIqIGwoF4s7lOhu48ibwvYwa2KMMQ9gPMcjuZ3odcvSy5vAYXaf4TNL
YEThTEv+tKd8HA/bc0DQqASW/zE2srK1BetP9sWDC2JU4xstJQGs2xd9utlTBXVE
/XMnq0EhIhj0Oxxb5zur3aNImLqUwAfRAGwHw0WmdFIpZX/x8RMPRUR+vhbcvOMD
wD1cQYAdvy+9Zex/sVpXuw58GglY9+KP2XuajP+6eFeJahB789IbQxE9iVmlW85F
YYE5DB18+VLyF1KU9cBp0f83f5EItM4HTQz8bcXP7zM+fWHeNcSS//yZCRNaPEc=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:11:11 2025 by rpki-client