Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/P7vrT0OqESfvvu_BMqkyv34P5XU.roa
File: P7vrT0OqESfvvu_BMqkyv34P5XU.roa (raw, json)
Hash identifier: 1nOqMb6cC7jEjFbdAJEezEi/w5D+hjzwf800kgNEd0M=
Subject key identifier: 3F:BB:EB:4F:43:AA:11:27:EF:BE:EF:C1:32:A9:32:BF:7E:0F:E5:75
Certificate issuer: /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
Certificate serial: 3061
Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/P7vrT0OqESfvvu_BMqkyv34P5XU.roa
Signing time: Sun 30 Mar 2025 19:58:19 +0000
ROA not before: Sun 30 Mar 2025 19:58:19 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 134762
IP address blocks: 43.226.76.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12385 (0x3061)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
Validity
Not Before: Mar 30 19:58:19 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=3FBBEB4F43AA1127EFBEEFC132A932BF7E0FE575
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:87:c1:d2:e2:6b:4e:8f:1d:8d:de:ef:2e:26:
1b:a5:14:89:a8:00:d3:23:92:f2:53:86:16:83:1f:
6e:c4:df:d3:9f:46:f6:df:64:e6:6e:09:f1:48:fa:
95:79:86:84:60:c5:68:04:9e:b1:80:ae:1b:1e:08:
69:fb:73:f5:41:20:74:f7:82:f3:be:ec:4b:85:02:
d4:1b:66:c2:1d:bb:a7:41:26:78:87:5b:1c:aa:e7:
3a:cd:ab:7e:98:96:b8:6f:b0:72:6c:92:4a:29:c0:
5e:55:49:73:8e:f5:a1:9c:76:e0:cb:c2:fa:4a:30:
8f:e6:b0:6c:57:87:08:0c:fe:c6:53:33:f8:5d:30:
47:02:fd:d7:18:2c:69:6e:1b:a3:de:f3:f3:03:15:
fb:70:5e:25:05:b8:05:5f:f2:14:47:d1:a7:34:26:
20:d9:fd:f0:4e:2b:fc:7b:65:b2:7d:98:f3:20:0e:
1d:1d:aa:86:47:c7:0d:56:e6:ba:fa:09:68:c7:fc:
21:87:1a:43:19:bc:44:a2:87:d2:cb:ef:bb:42:bf:
78:69:3f:ff:15:2a:5b:5c:7f:a5:a0:75:8e:c8:00:
e3:2a:f9:6d:b5:7d:df:ea:aa:d3:51:1b:0d:1d:00:
39:6e:4b:97:22:c3:58:95:f4:3a:03:ec:6c:e8:5d:
18:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:BB:EB:4F:43:AA:11:27:EF:BE:EF:C1:32:A9:32:BF:7E:0F:E5:75
X509v3 Authority Key Identifier:
keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/P7vrT0OqESfvvu_BMqkyv34P5XU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.226.76.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:6b:b6:b7:06:bd:14:9a:00:d7:0e:9d:d7:02:db:cb:7d:4d:
51:e5:7a:be:60:f9:67:5f:e8:22:71:65:18:ef:5d:a0:a7:72:
8e:dd:6c:5f:77:3d:6d:d1:69:b2:42:ef:ce:2d:3a:5f:f6:d9:
17:c8:56:b8:7c:49:cc:e1:29:38:58:b0:cf:a2:79:8a:01:c7:
f1:5f:27:5a:e6:fc:8b:f5:96:18:60:19:b8:1a:9d:1c:ea:7d:
11:4d:4c:65:c0:2f:0a:e1:0b:e1:2c:b4:5d:5c:a8:d8:0f:d0:
a3:ac:4b:b8:a0:5e:b3:d2:45:17:90:f7:02:31:ab:12:a6:28:
f8:f1:61:43:ec:8d:ac:56:1c:ff:5c:75:85:d2:a0:99:21:9d:
6a:1f:9d:0b:40:92:67:62:e1:f8:e1:9b:b8:ba:3c:8a:20:32:
71:8b:e8:da:75:b1:26:3f:64:3d:bf:4a:cf:89:3c:62:d4:c3:
1b:11:83:e5:a3:e9:e4:9f:67:1b:b8:d2:23:67:7a:9b:d5:79:
7e:69:6d:d3:ca:b2:5d:fb:29:81:0c:c8:01:eb:ad:b9:20:2e:
0c:9e:4e:f0:15:42:62:fc:d7:02:a6:40:48:ba:fb:98:5f:67:
4d:64:ce:22:28:f3:78:7e:33:f3:5b:d8:5f:72:47:d0:75:81:
72:9f:3d:dd
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICMGEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEFF
NENGNzhCNDlERjBCMkMxRDI5RDMyRTQ4QTk0M0FFNEY0MUFDQzAeFw0yNTAzMzAx
OTU4MTlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDNGQkJFQjRGNDNBQTEx
MjdFRkJFRUZDMTMyQTkzMkJGN0UwRkU1NzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMh8HS4mtOjx2N3u8uJhulFImoANMjkvJThhaDH27E39OfRvbf
ZOZuCfFI+pV5hoRgxWgEnrGArhseCGn7c/VBIHT3gvO+7EuFAtQbZsIdu6dBJniH
Wxyq5zrNq36YlrhvsHJskkopwF5VSXOO9aGcduDLwvpKMI/msGxXhwgM/sZTM/hd
MEcC/dcYLGluG6Pe8/MDFftwXiUFuAVf8hRH0ac0JiDZ/fBOK/x7ZbJ9mPMgDh0d
qoZHxw1W5rr6CWjH/CGHGkMZvESih9LL77tCv3hpP/8VKltcf6WgdY7IAOMq+W21
fd/qqtNRGw0dADluS5ciw1iV9DoD7GzoXRjJAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUP7vrT0OqESfvvu/BMqkyv34P5XUwHwYDVR0jBBgwFoAUiuTPeLSd8LLB0p0y
5IqUOuT0GswwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTY2
My9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2l1VFBlTFNkOExMQjBwMHk1SXFVT3VUMEdzdy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2NjMvUDd2clQwT3FFU2Z2
dnVfQk1xa3l2MzRQNVhVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEASviTDANBgkqhkiG9w0BAQsFAAOCAQEAOmu2twa9FJoA1w6d1wLby31NUeV6
vmD5Z1/oInFlGO9doKdyjt1sX3c9bdFpskLvzi06X/bZF8hWuHxJzOEpOFiwz6J5
igHH8V8nWub8i/WWGGAZuBqdHOp9EU1MZcAvCuEL4Sy0XVyo2A/Qo6xLuKBes9JF
F5D3AjGrEqYo+PFhQ+yNrFYc/1x1hdKgmSGdah+dC0CSZ2Lh+OGbuLo8iiAycYvo
2nWxJj9kPb9Kz4k8YtTDGxGD5aPp5J9nG7jSI2d6m9V5fmlt08qyXfspgQzIAeut
uSAuDJ5O8BVCYvzXAqZASLr7mF9nTWTOIijzeH4z81vYX3JH0HWBcp893Q==
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:13:54 2025 by rpki-client