Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/332/cYoSIKX5rPaGhe1jQErFxMn1KlE.roa
File: cYoSIKX5rPaGhe1jQErFxMn1KlE.roa (raw, json)
Hash identifier: sGiqqVrNR6d7HV7W1A6wNpAMcqkm+3f/aPa23FGvVeA=
Subject key identifier: 71:8A:12:20:A5:F9:AC:F6:86:85:ED:63:40:4A:C5:C4:C9:F5:2A:51
Certificate issuer: /CN=CE0249B9E7D566E6CBEB577D763B3CCBB1B0AB2D
Certificate serial: 214D
Authority key identifier: CE:02:49:B9:E7:D5:66:E6:CB:EB:57:7D:76:3B:3C:CB:B1:B0:AB:2D
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zgJJuefVZubL61d9djs8y7Gwqy0.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/cYoSIKX5rPaGhe1jQErFxMn1KlE.roa
Signing time: Wed 09 Apr 2025 06:47:55 +0000
ROA not before: Wed 09 Apr 2025 06:47:55 +0000
ROA not after: Thu 09 Apr 2026 06:40:24 +0000
asID: 24424
IP address blocks: 203.208.32.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8525 (0x214d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CE0249B9E7D566E6CBEB577D763B3CCBB1B0AB2D
Validity
Not Before: Apr 9 06:47:55 2025 GMT
Not After : Apr 9 06:40:24 2026 GMT
Subject: CN=718A1220A5F9ACF68685ED63404AC5C4C9F52A51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:d4:4a:34:f8:ba:7a:65:1b:3a:fc:0b:54:4e:
ae:8c:a3:38:7c:0e:12:e6:19:d4:af:04:8c:e9:a5:
1f:7e:0c:5f:21:7c:06:94:0d:17:81:a5:68:3f:af:
0c:9e:1d:0c:4e:ac:43:7d:3c:d7:d7:54:9d:4c:7c:
22:8e:93:bf:69:9f:af:e9:cb:cf:b1:c2:73:a0:e7:
dd:aa:70:c9:e0:e4:35:af:26:9e:33:1e:bf:8f:92:
e9:04:6f:1c:23:ce:f0:05:c7:5e:a4:37:33:c0:b5:
f5:d1:e9:ea:b6:5b:b2:48:74:93:06:c6:0f:20:37:
b1:86:32:fb:65:1b:e1:17:95:0e:c2:35:e8:60:3e:
4c:4b:ea:11:91:8f:ef:4e:03:7d:48:f6:8c:6d:e9:
3a:f3:8e:3a:9b:2a:3a:bc:86:75:19:10:c7:53:d2:
75:22:44:ad:99:bf:a5:62:47:10:8b:14:f1:dc:a5:
5c:e6:5f:0a:aa:4e:ba:5c:fa:47:b9:29:37:d6:36:
3f:aa:d2:0c:c6:c5:76:91:5e:00:25:74:3e:fa:34:
62:a2:96:5f:10:50:7e:57:c7:75:fe:50:ff:0c:22:
ee:34:42:46:14:48:16:af:39:4e:2d:aa:ab:8b:63:
16:a3:5a:f1:1c:0a:c6:f6:f9:89:6b:45:65:be:c4:
17:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:8A:12:20:A5:F9:AC:F6:86:85:ED:63:40:4A:C5:C4:C9:F5:2A:51
X509v3 Authority Key Identifier:
keyid:CE:02:49:B9:E7:D5:66:E6:CB:EB:57:7D:76:3B:3C:CB:B1:B0:AB:2D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/zgJJuefVZubL61d9djs8y7Gwqy0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zgJJuefVZubL61d9djs8y7Gwqy0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/cYoSIKX5rPaGhe1jQErFxMn1KlE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.208.32.0/19
Signature Algorithm: sha256WithRSAEncryption
bd:41:4d:2e:30:87:e5:cd:a1:90:68:03:53:65:5a:e3:c6:47:
17:3c:64:c2:3f:cd:bc:37:78:91:59:d9:29:62:0e:76:ad:25:
20:94:56:90:24:84:4f:1c:5f:90:4b:5f:5b:0a:f4:bd:ac:04:
bc:6e:1a:81:c2:ef:89:fd:35:a2:eb:33:b1:ba:91:6f:eb:7c:
cb:b9:21:83:66:02:78:37:4e:40:b0:d0:b2:be:d2:62:fb:8e:
c6:9f:85:89:09:31:10:42:81:2a:d7:57:e8:9e:c6:9b:1a:a0:
58:0a:0d:bd:a7:07:d2:c2:8c:34:cc:27:fc:80:35:e0:bb:55:
07:61:3e:46:e4:e6:e0:21:5d:c2:2b:17:83:05:a2:1f:dd:bd:
fb:c9:9a:53:06:b4:b2:69:61:b3:10:23:bb:66:e6:06:5c:85:
bb:25:2a:02:7d:74:29:e4:88:c8:28:d4:1f:05:5a:37:08:c4:
ab:a8:87:e7:bd:a5:1c:4f:cc:dd:18:6f:37:88:17:b5:4c:dc:
1b:1a:4e:2f:46:ea:d2:c2:51:18:04:ab:1a:e2:7e:52:bb:44:
07:46:c6:b1:91:7a:8e:08:5e:9e:b5:15:4f:e7:24:d1:bc:4b:
bb:55:56:c6:13:28:99:61:65:b2:3b:a3:47:11:46:ec:85:bc:
d2:25:39:8f
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICIU0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0Uw
MjQ5QjlFN0Q1NjZFNkNCRUI1NzdENzYzQjNDQ0JCMUIwQUIyRDAeFw0yNTA0MDkw
NjQ3NTVaFw0yNjA0MDkwNjQwMjRaMDMxMTAvBgNVBAMTKDcxOEExMjIwQTVGOUFD
RjY4Njg1RUQ2MzQwNEFDNUM0QzlGNTJBNTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDl1Eo0+Lp6ZRs6/AtUTq6Mozh8DhLmGdSvBIzppR9+DF8hfAaU
DReBpWg/rwyeHQxOrEN9PNfXVJ1MfCKOk79pn6/py8+xwnOg592qcMng5DWvJp4z
Hr+PkukEbxwjzvAFx16kNzPAtfXR6eq2W7JIdJMGxg8gN7GGMvtlG+EXlQ7CNehg
PkxL6hGRj+9OA31I9oxt6TrzjjqbKjq8hnUZEMdT0nUiRK2Zv6ViRxCLFPHcpVzm
XwqqTrpc+ke5KTfWNj+q0gzGxXaRXgAldD76NGKill8QUH5Xx3X+UP8MIu40QkYU
SBavOU4tqquLYxajWvEcCsb2+YlrRWW+xBeRAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUcYoSIKX5rPaGhe1jQErFxMn1KlEwHwYDVR0jBBgwFoAUzgJJuefVZubL61d9
djs8y7Gwqy0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMy
L3pnSkp1ZWZWWnViTDYxZDlkanM4eTdHd3F5MC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvemdKSnVlZlZadWJMNjFkOWRqczh5N0d3cXkwLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMyL2NZb1NJS1g1clBhR2hl
MWpRRXJGeE1uMUtsRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAXL0CAwDQYJKoZIhvcNAQELBQADggEBAL1BTS4wh+XNoZBoA1NlWuPGRxc8ZMI/
zbw3eJFZ2SliDnatJSCUVpAkhE8cX5BLX1sK9L2sBLxuGoHC74n9NaLrM7G6kW/r
fMu5IYNmAng3TkCw0LK+0mL7jsafhYkJMRBCgSrXV+iexpsaoFgKDb2nB9LCjDTM
J/yANeC7VQdhPkbk5uAhXcIrF4MFoh/dvfvJmlMGtLJpYbMQI7tm5gZchbslKgJ9
dCnkiMgo1B8FWjcIxKuoh+e9pRxPzN0YbzeIF7VM3BsaTi9G6tLCURgEqxriflK7
RAdGxrGReo4IXp61FU/nJNG8S7tVVsYTKJlhZbI7o0cRRuyFvNIlOY8=
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:21:38 2025 by rpki-client