Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/332/IgeyTIts1SrusbDnZ6iZFKuGikQ.roa
File: IgeyTIts1SrusbDnZ6iZFKuGikQ.roa (raw, json)
Hash identifier: JHD4/jrdzJeuIR/gL2SR7i/ugJxuq0c/gsj7jjmmq5Q=
Subject key identifier: 22:07:B2:4C:8B:6C:D5:2A:EE:B1:B0:E7:67:A8:99:14:AB:86:8A:44
Certificate issuer: /CN=8646EA74356E704AEDD163ECA94E5A442308DF78
Certificate serial: 212D
Authority key identifier: 86:46:EA:74:35:6E:70:4A:ED:D1:63:EC:A9:4E:5A:44:23:08:DF:78
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hkbqdDVucErt0WPsqU5aRCMI33g.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/IgeyTIts1SrusbDnZ6iZFKuGikQ.roa
Signing time: Thu 03 Apr 2025 08:53:33 +0000
ROA not before: Thu 03 Apr 2025 08:53:33 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 24424
IP address blocks: 203.208.32.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8493 (0x212d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8646EA74356E704AEDD163ECA94E5A442308DF78
Validity
Not Before: Apr 3 08:53:33 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=2207B24C8B6CD52AEEB1B0E767A89914AB868A44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:32:dc:5f:69:9c:f9:a9:fb:7a:76:38:d2:ac:
71:cb:e0:43:8b:2f:a6:e2:42:b3:45:2d:bb:21:28:
e9:84:37:f3:c0:37:34:19:73:fd:40:10:c9:93:90:
ab:30:45:ec:04:5d:35:03:28:3f:76:ea:3c:97:b6:
0f:4a:60:6a:52:6b:61:bd:82:37:fb:cd:66:83:4b:
c0:95:9b:1a:37:93:06:23:6c:e0:24:04:0c:1e:d0:
10:34:32:01:0d:b8:82:ae:38:eb:e5:28:0b:50:5b:
53:21:cb:53:8f:83:33:a2:40:51:90:4e:6c:c5:9a:
bb:8e:25:fe:e4:99:ae:8a:db:45:a9:06:19:07:d0:
2d:83:24:cc:9a:e7:45:f6:f4:91:e9:0e:41:a6:ef:
9b:b4:fc:3b:32:b1:f2:66:d5:69:8a:c4:51:5a:67:
fa:a8:30:a4:95:b6:35:25:33:16:c7:77:ec:34:e5:
79:78:e2:14:03:d7:81:7e:df:93:81:ed:ff:73:5e:
19:12:72:01:45:90:5c:7b:24:63:2b:12:69:ac:9d:
3f:ee:d6:2a:99:66:55:01:b1:75:db:e7:21:63:10:
07:3a:d2:b3:d8:fd:a7:e8:ef:8c:32:69:3c:e5:d4:
11:a8:23:19:3a:9b:f1:85:79:59:6e:76:87:42:9e:
46:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:07:B2:4C:8B:6C:D5:2A:EE:B1:B0:E7:67:A8:99:14:AB:86:8A:44
X509v3 Authority Key Identifier:
keyid:86:46:EA:74:35:6E:70:4A:ED:D1:63:EC:A9:4E:5A:44:23:08:DF:78
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/hkbqdDVucErt0WPsqU5aRCMI33g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hkbqdDVucErt0WPsqU5aRCMI33g.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/IgeyTIts1SrusbDnZ6iZFKuGikQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.208.32.0/19
Signature Algorithm: sha256WithRSAEncryption
90:79:2e:38:76:74:32:fe:f1:71:bd:2a:fa:d1:d1:b5:ca:45:
c7:75:3c:8d:6c:7a:4d:cb:da:a6:d6:be:42:40:c1:0d:b8:50:
93:64:d4:21:07:df:66:6e:92:45:e2:47:52:f6:21:b4:ce:60:
32:52:1b:bc:bd:0b:84:09:77:8f:5b:ec:89:2c:23:f9:57:b2:
a0:e8:4b:ac:52:71:1f:69:5e:03:78:c3:de:ea:cc:df:88:1a:
69:2b:5c:90:08:27:4e:39:51:14:c4:3a:be:13:5a:95:e9:52:
c9:7f:c2:60:8f:ca:0c:2c:b4:e7:00:65:f7:6b:0c:67:ed:97:
9a:8e:8c:94:0d:2e:cc:df:d5:58:b5:4f:0e:13:35:aa:5a:8a:
97:78:fe:fb:45:1c:a2:22:ea:f4:42:09:34:f7:18:ba:4c:aa:
e4:69:ea:70:b6:cb:09:3d:4c:46:f4:df:e3:0c:6f:72:05:7a:
81:a6:96:0e:65:18:b4:eb:b5:98:86:93:f4:89:ba:78:2a:17:
18:a7:05:84:92:4e:c2:93:c5:4d:e4:e1:39:c3:24:63:6b:8f:
0b:54:c8:8e:f5:0d:1e:d7:3d:f7:b0:b4:63:2c:e0:a0:fc:0e:
da:5a:e1:bc:8e:47:8b:fe:9d:b2:1a:fe:bf:2e:1c:39:76:05:
2f:4b:67:2a
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICIS0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODY0
NkVBNzQzNTZFNzA0QUVERDE2M0VDQTk0RTVBNDQyMzA4REY3ODAeFw0yNTA0MDMw
ODUzMzNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDIyMDdCMjRDOEI2Q0Q1
MkFFRUIxQjBFNzY3QTg5OTE0QUI4NjhBNDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8MtxfaZz5qft6djjSrHHL4EOLL6biQrNFLbshKOmEN/PANzQZ
c/1AEMmTkKswRewEXTUDKD926jyXtg9KYGpSa2G9gjf7zWaDS8CVmxo3kwYjbOAk
BAwe0BA0MgENuIKuOOvlKAtQW1Mhy1OPgzOiQFGQTmzFmruOJf7kma6K20WpBhkH
0C2DJMya50X29JHpDkGm75u0/DsysfJm1WmKxFFaZ/qoMKSVtjUlMxbHd+w05Xl4
4hQD14F+35OB7f9zXhkScgFFkFx7JGMrEmmsnT/u1iqZZlUBsXXb5yFjEAc60rPY
/afo74wyaTzl1BGoIxk6m/GFeVludodCnkYxAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUIgeyTIts1SrusbDnZ6iZFKuGikQwHwYDVR0jBBgwFoAUhkbqdDVucErt0WPs
qU5aRCMI33gwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMy
L2hrYnFkRFZ1Y0VydDBXUHNxVTVhUkNNSTMzZy5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvaGticWREVnVjRXJ0MFdQc3FVNWFSQ01JMzNnLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMyL0lnZXlUSXRzMVNydXNi
RG5aNmlaRkt1R2lrUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAXL0CAwDQYJKoZIhvcNAQELBQADggEBAJB5Ljh2dDL+8XG9KvrR0bXKRcd1PI1s
ek3L2qbWvkJAwQ24UJNk1CEH32ZukkXiR1L2IbTOYDJSG7y9C4QJd49b7IksI/lX
sqDoS6xScR9pXgN4w97qzN+IGmkrXJAIJ045URTEOr4TWpXpUsl/wmCPygwstOcA
ZfdrDGftl5qOjJQNLszf1Vi1Tw4TNapaipd4/vtFHKIi6vRCCTT3GLpMquRp6nC2
ywk9TEb03+MMb3IFeoGmlg5lGLTrtZiGk/SJungqFxinBYSSTsKTxU3k4TnDJGNr
jwtUyI71DR7XPfewtGMs4KD8Dtpa4byOR4v+nbIa/r8uHDl2BS9LZyo=
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:18:36 2025 by rpki-client