Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/890/cJAPNRcPlRfx94t1spCSlsQGruY.roa
File: cJAPNRcPlRfx94t1spCSlsQGruY.roa (raw, json)
Hash identifier: QVD+nt3vSI8wTFmIQdZHzTyisAO3IMVPHg1eYvC0yEo=
Subject key identifier: 70:90:0F:35:17:0F:95:17:F1:F7:8B:75:B2:90:92:96:C4:06:AE:E6
Certificate issuer: /CN=0EE863AC570AEEA1F930BEA5E76AAE7DD553804E
Certificate serial: 098F
Authority key identifier: 0E:E8:63:AC:57:0A:EE:A1:F9:30:BE:A5:E7:6A:AE:7D:D5:53:80:4E
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DuhjrFcK7qH5ML6l52qufdVTgE4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/cJAPNRcPlRfx94t1spCSlsQGruY.roa
Signing time: Fri 17 Jan 2025 01:29:07 +0000
ROA not before: Fri 17 Jan 2025 01:29:07 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 63567
IP address blocks: 43.247.92.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2447 (0x98f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0EE863AC570AEEA1F930BEA5E76AAE7DD553804E
Validity
Not Before: Jan 17 01:29:07 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=70900F35170F9517F1F78B75B2909296C406AEE6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:8d:ad:b2:da:76:d5:9c:f6:67:87:e4:d2:a3:
45:6e:d5:30:26:b2:55:3f:32:fb:d5:f7:5c:68:6b:
b9:2c:5e:41:a8:1c:e6:c7:24:e5:11:50:4e:95:92:
81:56:c3:c9:33:6e:b4:07:82:50:6f:ac:20:91:24:
70:fb:e5:6a:23:b3:83:f0:7f:22:9f:79:84:4a:eb:
d7:2a:14:92:e7:35:bd:41:8c:5c:a2:e3:15:8f:e0:
0e:b5:20:da:57:25:18:f8:29:b5:60:35:26:08:75:
24:26:96:bb:ff:26:9a:57:0b:8a:19:52:ff:24:2a:
69:dc:93:2d:36:8f:7d:ae:27:bc:c2:0d:8c:47:79:
c5:be:e2:ee:9a:a5:3b:25:2b:f1:1e:ce:85:ca:4f:
34:e8:ec:ef:22:95:1b:b1:46:24:a0:81:88:53:4a:
39:a0:55:e5:44:9d:4a:b8:88:3e:5f:0f:47:f7:8b:
86:20:7c:c7:14:c2:82:aa:94:0d:7c:e8:cc:b3:a8:
19:42:b0:c7:67:74:8b:be:76:e9:c5:b3:d4:35:57:
0c:13:5f:68:03:29:86:65:54:5b:5b:59:94:0c:44:
0e:f4:00:a7:22:3d:ff:aa:05:f5:60:e5:98:a5:66:
d6:05:ed:11:ed:fe:7f:cb:75:a6:49:76:a3:e9:15:
6a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:90:0F:35:17:0F:95:17:F1:F7:8B:75:B2:90:92:96:C4:06:AE:E6
X509v3 Authority Key Identifier:
keyid:0E:E8:63:AC:57:0A:EE:A1:F9:30:BE:A5:E7:6A:AE:7D:D5:53:80:4E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/DuhjrFcK7qH5ML6l52qufdVTgE4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DuhjrFcK7qH5ML6l52qufdVTgE4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/cJAPNRcPlRfx94t1spCSlsQGruY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.247.92.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:20:61:a4:ba:ef:fc:22:49:e9:ee:15:76:76:c9:17:85:fd:
5a:4c:4c:d8:b9:7d:04:cb:dc:f9:b9:9f:ee:e5:17:26:cf:e6:
00:0b:3f:08:96:2f:f9:33:58:61:04:7d:7e:fb:17:6e:f1:be:
05:53:7f:5e:52:9a:9f:6d:12:a3:5a:5f:ce:62:a2:48:6b:e1:
f6:5c:2b:69:55:02:b3:b5:15:f2:8a:68:31:b3:35:86:7a:43:
86:53:4c:c9:a8:9a:3a:7e:7a:8a:0f:e2:71:2f:40:af:02:5b:
c2:52:c0:56:38:5a:a4:2a:91:e7:18:9c:7f:14:8e:9a:ff:a7:
5c:b7:88:3f:69:01:f7:fa:be:be:7e:39:be:c8:0b:d8:7e:c9:
33:df:fe:45:1b:81:32:25:08:fb:5c:35:25:00:36:1e:35:10:
5a:77:8a:6c:7a:c4:31:4d:fc:7e:9d:49:67:05:9b:05:7d:00:
69:18:53:8d:83:c0:97:9f:3e:92:a2:da:fb:83:c7:3d:28:7c:
d5:51:79:1b:8b:1e:4b:23:2c:10:1d:2f:f1:b8:84:77:0a:db:
a0:5c:a3:b9:8b:e2:b8:46:f2:a5:1a:fc:e6:a9:56:f5:d0:88:
e1:62:c5:fc:3c:6f:2c:c6:f4:93:dc:a4:a0:c1:b7:28:2b:8b:
c0:5c:62:b5
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICCY8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEVF
ODYzQUM1NzBBRUVBMUY5MzBCRUE1RTc2QUFFN0RENTUzODA0RTAeFw0yNTAxMTcw
MTI5MDdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDcwOTAwRjM1MTcwRjk1
MTdGMUY3OEI3NUIyOTA5Mjk2QzQwNkFFRTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCeja2y2nbVnPZnh+TSo0Vu1TAmslU/MvvV91xoa7ksXkGoHObH
JOURUE6VkoFWw8kzbrQHglBvrCCRJHD75Wojs4PwfyKfeYRK69cqFJLnNb1BjFyi
4xWP4A61INpXJRj4KbVgNSYIdSQmlrv/JppXC4oZUv8kKmncky02j32uJ7zCDYxH
ecW+4u6apTslK/EezoXKTzTo7O8ilRuxRiSggYhTSjmgVeVEnUq4iD5fD0f3i4Yg
fMcUwoKqlA186MyzqBlCsMdndIu+dunFs9Q1VwwTX2gDKYZlVFtbWZQMRA70AKci
Pf+qBfVg5ZilZtYF7RHt/n/LdaZJdqPpFWpRAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUcJAPNRcPlRfx94t1spCSlsQGruYwHwYDVR0jBBgwFoAUDuhjrFcK7qH5ML6l
52qufdVTgE4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkw
L0R1aGpyRmNLN3FINU1MNmw1MnF1ZmRWVGdFNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvRHVoanJGY0s3cUg1TUw2bDUycXVmZFZUZ0U0LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkwL2NKQVBOUmNQbFJmeDk0
dDFzcENTbHNRR3J1WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAIr91wwDQYJKoZIhvcNAQELBQADggEBAG0gYaS67/wiSenuFXZ2yReF/VpMTNi5
fQTL3Pm5n+7lFybP5gALPwiWL/kzWGEEfX77F27xvgVTf15Smp9tEqNaX85iokhr
4fZcK2lVArO1FfKKaDGzNYZ6Q4ZTTMmomjp+eooP4nEvQK8CW8JSwFY4WqQqkecY
nH8Ujpr/p1y3iD9pAff6vr5+Ob7IC9h+yTPf/kUbgTIlCPtcNSUANh41EFp3imx6
xDFN/H6dSWcFmwV9AGkYU42DwJefPpKi2vuDxz0ofNVReRuLHksjLBAdL/G4hHcK
26Bco7mL4rhG8qUa/OapVvXQiOFixfw8byzG9JPcpKDBtygri8BcYrU=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:33:21 2025 by rpki-client