Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/nHfB2GHYBmc8bX5DxbEirv_IKF0.roa
File: nHfB2GHYBmc8bX5DxbEirv_IKF0.roa (raw, json)
Hash identifier: 6zuNH+NuLOtHpcZwmZyV/YBPSvVE39rWVdrUOXiD83g=
Subject key identifier: 9C:77:C1:D8:61:D8:06:67:3C:6D:7E:43:C5:B1:22:AE:FF:C8:28:5D
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0F
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/nHfB2GHYBmc8bX5DxbEirv_IKF0.roa
Signing time: Wed 09 Apr 2025 07:08:25 +0000
ROA not before: Wed 09 Apr 2025 07:08:25 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 211.156.224.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15 (0xf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Apr 9 07:08:25 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=9C77C1D861D806673C6D7E43C5B122AEFFC8285D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:06:c3:67:79:d9:76:fa:3f:e1:8c:f5:de:c5:
ab:a1:d2:b2:b2:0a:b9:5c:79:00:7d:79:69:fd:26:
67:1d:52:cc:b7:34:4b:5d:4c:cb:ef:22:78:c3:b1:
6c:4d:1f:5a:f2:ca:fd:0f:72:43:f7:93:d1:a0:a1:
f7:5e:9c:a9:fa:2f:e4:05:2a:41:19:db:40:e7:ad:
0b:1b:fc:5a:a7:23:9d:d4:18:3e:4e:b9:65:7d:0d:
be:56:29:8b:a0:dd:55:02:3b:5f:a7:01:08:ea:3d:
5e:46:fc:46:ff:79:b1:a2:68:0c:70:37:e6:14:1b:
f9:50:f8:34:8e:a5:07:4c:72:fc:66:64:c0:aa:04:
39:e0:f7:86:92:86:75:da:e5:7f:09:ec:7d:16:a0:
28:f6:b8:78:64:c4:6d:e9:91:2b:d4:ba:58:25:40:
5b:5c:f9:db:42:da:4d:b9:b6:dd:d0:90:4d:32:34:
d9:b6:6b:d1:28:e0:16:10:ed:b2:6c:38:ed:42:48:
c8:de:cc:35:50:6f:b4:dd:5a:1b:d8:95:7d:cf:90:
00:ac:b2:9c:ac:35:90:e6:1a:9b:19:84:02:bb:7c:
64:e2:96:6a:e7:f6:7d:ff:88:c5:25:2f:27:bb:13:
82:ea:6f:61:15:50:5a:24:21:b7:54:3b:03:4f:b2:
95:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:77:C1:D8:61:D8:06:67:3C:6D:7E:43:C5:B1:22:AE:FF:C8:28:5D
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/nHfB2GHYBmc8bX5DxbEirv_IKF0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.156.224.0/20
Signature Algorithm: sha256WithRSAEncryption
26:c6:9e:ed:9d:21:d4:96:36:d6:7e:54:9b:61:95:b6:3d:f6:
8f:4d:f2:8d:03:20:99:f0:3c:3a:2d:b0:d7:84:53:cd:41:ea:
81:81:a0:21:5f:c4:11:d5:4c:f6:d3:b5:e3:c2:42:e2:11:82:
2f:2b:5e:87:04:7e:6a:9c:e0:2a:52:c5:c3:0c:f7:2e:d0:73:
c8:9d:39:5c:14:c4:f7:fa:96:50:be:b3:11:73:55:34:2a:e1:
d0:9b:70:52:70:90:5b:87:f4:61:0c:40:25:2d:37:12:eb:65:
fe:d3:4b:9c:2e:19:0c:e1:bc:9d:d8:05:b5:29:17:fc:7d:0f:
27:46:b7:83:16:db:2b:20:dc:d3:77:f6:e4:41:94:6a:f0:2e:
e1:bf:51:2d:9c:cc:0c:11:14:63:03:84:b9:7b:3b:87:96:eb:
5b:41:2a:fa:f6:f7:84:41:ab:66:3c:2e:c2:a6:7b:8b:d2:76:
e4:3e:46:79:55:99:64:d8:58:fa:22:9e:9c:37:81:2e:6d:48:
83:50:7d:9e:00:bd:a4:d7:b3:17:a7:3f:6f:1f:f0:72:0a:9c:
3a:64:4d:ab:92:36:c0:bb:64:af:32:b1:39:60:18:0f:cc:b4:
87:b4:d9:41:b5:c3:45:87:49:7a:6d:ef:d6:70:11:72:4a:b1:
d4:11:be:a4
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgIBDzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygyRTI2
NkRDM0VBRDgwRUIyNUQ0OTg1OEE2NERDMUVGMUM4QTFCOTQyMB4XDTI1MDQwOTA3
MDgyNVoXDTI2MDQwOTA2MzMyMVowMzExMC8GA1UEAxMoOUM3N0MxRDg2MUQ4MDY2
NzNDNkQ3RTQzQzVCMTIyQUVGRkM4Mjg1RDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAM4Gw2d52Xb6P+GM9d7Fq6HSsrIKuVx5AH15af0mZx1SzLc0S11M
y+8ieMOxbE0fWvLK/Q9yQ/eT0aCh916cqfov5AUqQRnbQOetCxv8WqcjndQYPk65
ZX0NvlYpi6DdVQI7X6cBCOo9Xkb8Rv95saJoDHA35hQb+VD4NI6lB0xy/GZkwKoE
OeD3hpKGddrlfwnsfRagKPa4eGTEbemRK9S6WCVAW1z520LaTbm23dCQTTI02bZr
0SjgFhDtsmw47UJIyN7MNVBvtN1aG9iVfc+QAKyynKw1kOYamxmEArt8ZOKWauf2
ff+IxSUvJ7sTgupvYRVQWiQht1Q7A0+ylQMCAwEAAaOCAe8wggHrMB0GA1UdDgQW
BBScd8HYYdgGZzxtfkPFsSKu/8goXTAfBgNVHSMEGDAWgBQuJm3D6tgOsl1JhYpk
3B7xyKG5QjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFsGA1UdHwRUMFIwUKBO
oEyGSnJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9M
aVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY3JsMGMGCCsGAQUFBwEBBFcwVTBT
BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw
MDAwL0xpWnR3LXJZRHJKZFNZV0taTndlOGNpaHVVSS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGbBggrBgEFBQcBCwSBjjCBizBWBggrBgEFBQcwC4ZKcnN5bmM6Ly9ycGtp
LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzc2L25IZkIyR0hZQm1jOGJYNUR4
YkVpcnZfSUtGMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5j
bi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATT
nOAwDQYJKoZIhvcNAQELBQADggEBACbGnu2dIdSWNtZ+VJthlbY99o9N8o0DIJnw
PDotsNeEU81B6oGBoCFfxBHVTPbTtePCQuIRgi8rXocEfmqc4CpSxcMM9y7Qc8id
OVwUxPf6llC+sxFzVTQq4dCbcFJwkFuH9GEMQCUtNxLrZf7TS5wuGQzhvJ3YBbUp
F/x9DydGt4MW2ysg3NN39uRBlGrwLuG/US2czAwRFGMDhLl7O4eW61tBKvr294RB
q2Y8LsKme4vSduQ+RnlVmWTYWPoinpw3gS5tSINQfZ4AvaTXsxenP28f8HIKnDpk
TauSNsC7ZK8ysTlgGA/MtIe02UG1w0WHSXpt79ZwEXJKsdQRvqQ=
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:22:10 2025 by rpki-client