Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/yVZNZqdbW5_Cz0l5jiC27M47H_4.roa
File: yVZNZqdbW5_Cz0l5jiC27M47H_4.roa (raw, json)
Hash identifier: cMxeCjc8ROq48HrS48yFe56NPv4CmYX6+Y/k0JWTvj0=
Subject key identifier: C9:56:4D:66:A7:5B:5B:9F:C2:CF:49:79:8E:20:B6:EC:CE:3B:1F:FE
Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Certificate serial: 1D04
Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/yVZNZqdbW5_Cz0l5jiC27M47H_4.roa
Signing time: Fri 17 Jan 2025 01:26:45 +0000
ROA not before: Fri 17 Jan 2025 01:26:45 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 23724
IP address blocks: 106.75.0.0/19 maxlen: 19
106.75.32.0/19 maxlen: 19
106.75.64.0/19 maxlen: 19
106.75.96.0/19 maxlen: 19
117.50.0.0/19 maxlen: 19
117.50.32.0/19 maxlen: 19
117.50.64.0/19 maxlen: 19
117.50.96.0/19 maxlen: 19
117.50.128.0/19 maxlen: 19
117.50.160.0/19 maxlen: 19
117.50.192.0/19 maxlen: 19
117.50.224.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7428 (0x1d04)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Validity
Not Before: Jan 17 01:26:45 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=C9564D66A75B5B9FC2CF49798E20B6ECCE3B1FFE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:11:03:9e:97:7d:80:13:e6:1a:14:27:e9:74:
af:03:50:44:62:37:ad:67:7a:fa:db:70:cd:df:5c:
f3:60:f9:07:75:4a:d9:57:b1:8d:aa:de:db:8d:1f:
24:cc:2d:fa:34:86:dc:65:1f:a9:98:9a:04:57:1e:
5c:d4:dd:12:d1:37:fd:8a:c6:fa:15:7c:71:2f:33:
85:20:47:90:ea:19:7d:79:77:57:c5:81:a9:d9:b7:
8a:99:cb:c0:ec:79:13:95:6c:32:e1:40:6b:41:70:
46:91:c5:a2:16:aa:bc:8f:d6:c8:c2:0e:d5:f8:ff:
b3:b9:43:ec:40:2d:ba:8e:d0:9e:25:44:4c:eb:de:
24:da:cc:d2:cf:55:7b:17:61:61:96:03:a7:78:ec:
bf:03:e4:51:30:91:c9:57:cf:3d:0f:68:4b:b5:4c:
3e:f9:26:2a:49:d5:d9:1a:47:48:4a:38:17:64:60:
2f:39:be:87:2a:90:28:94:b0:5d:cb:af:81:c6:a3:
53:42:3e:d3:05:39:58:0a:e2:4a:74:b8:fe:b0:ec:
eb:b4:6f:0d:ef:5d:49:8c:63:ce:bc:b5:d7:3e:45:
15:09:40:0c:f1:c6:d0:0b:10:52:24:2b:d5:2e:5b:
82:33:f3:8f:65:63:65:aa:a8:cd:a3:f2:36:be:92:
db:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:56:4D:66:A7:5B:5B:9F:C2:CF:49:79:8E:20:B6:EC:CE:3B:1F:FE
X509v3 Authority Key Identifier:
keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/yVZNZqdbW5_Cz0l5jiC27M47H_4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.75.0.0/17
117.50.0.0/16
Signature Algorithm: sha256WithRSAEncryption
08:56:9b:78:36:ed:12:bb:7f:ce:fd:61:92:f2:4f:27:a1:0a:
1c:8b:c9:75:3a:c3:c6:e2:81:78:34:ae:4c:42:c6:37:80:99:
82:f6:cb:00:f3:94:a7:01:24:e0:43:51:37:a6:9d:75:47:e1:
4f:f6:ae:4a:67:b1:06:a3:c5:65:3f:75:ff:ea:08:f5:17:00:
bb:4e:46:0e:9d:f4:fc:5e:39:9e:5e:bd:bd:45:99:46:c4:57:
f6:e4:06:1a:88:36:0a:e0:fd:a8:28:ad:ba:cb:3f:2d:ee:c5:
34:75:7c:dd:a1:db:de:21:6b:27:a4:3a:23:96:cf:8c:c5:db:
22:bc:6a:89:cf:2f:9a:71:30:b5:d6:2e:6e:32:77:7f:70:49:
da:a0:f6:a1:9b:85:ff:eb:4a:2b:c5:b8:b3:8d:1c:59:50:f1:
5f:5b:99:5e:a0:c3:1f:27:c2:25:7d:6f:fc:15:b0:ff:13:df:
6a:23:34:16:f2:a7:ff:6b:19:22:b9:bf:2a:b4:a9:6b:0c:d8:
fd:86:7c:22:d2:64:b3:7c:f3:7d:21:1c:17:9a:5a:47:7f:fb:
ef:c8:77:78:91:93:1f:eb:a3:cb:1d:0a:78:5f:d3:58:73:c7:
5e:29:0e:b1:4a:bf:07:81:0b:44:94:a5:5d:00:80:a3:65:b4:
24:47:f3:19
-----BEGIN CERTIFICATE-----
MIIE2jCCA8KgAwIBAgICHQQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3
MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTAxMTcw
MTI2NDVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEM5NTY0RDY2QTc1QjVC
OUZDMkNGNDk3OThFMjBCNkVDQ0UzQjFGRkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD2EQOel32AE+YaFCfpdK8DUERiN61nevrbcM3fXPNg+Qd1StlX
sY2q3tuNHyTMLfo0htxlH6mYmgRXHlzU3RLRN/2KxvoVfHEvM4UgR5DqGX15d1fF
ganZt4qZy8DseROVbDLhQGtBcEaRxaIWqryP1sjCDtX4/7O5Q+xALbqO0J4lREzr
3iTazNLPVXsXYWGWA6d47L8D5FEwkclXzz0PaEu1TD75JipJ1dkaR0hKOBdkYC85
vocqkCiUsF3Lr4HGo1NCPtMFOVgK4kp0uP6w7Ou0bw3vXUmMY868tdc+RRUJQAzx
xtALEFIkK9UuW4Iz849lY2WqqM2j8ja+ktsPAgMBAAGjggH2MIIB8jAdBgNVHQ4E
FgQUyVZNZqdbW5/Cz0l5jiC27M47H/4wHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI
l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3
L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L3lWWk5acWRiVzVfQ3ow
bDVqaUMyN000N0hfNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJAYIKwYBBQUHAQcBAf8EFTATMBEEAgABMAsD
BAdqSwADAwB1MjANBgkqhkiG9w0BAQsFAAOCAQEACFabeDbtErt/zv1hkvJPJ6EK
HIvJdTrDxuKBeDSuTELGN4CZgvbLAPOUpwEk4ENRN6addUfhT/auSmexBqPFZT91
/+oI9RcAu05GDp30/F45nl69vUWZRsRX9uQGGog2CuD9qCituss/Le7FNHV83aHb
3iFrJ6Q6I5bPjMXbIrxqic8vmnEwtdYubjJ3f3BJ2qD2oZuF/+tKK8W4s40cWVDx
X1uZXqDDHyfCJX1v/BWw/xPfaiM0FvKn/2sZIrm/KrSpawzY/YZ8ItJks3zzfSEc
F5paR3/778h3eJGTH+ujyx0KeF/TWHPHXikOsUq/B4ELRJSlXQCAo2W0JEfzGQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:37:40 2025 by rpki-client