Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/890/3TIEWP84BmFIIi4G7TJzEFgiS1w.roa
File: 3TIEWP84BmFIIi4G7TJzEFgiS1w.roa (raw, json)
Hash identifier: nHKlqvVgO7w8V0G3QBUpxbqxGDv9WPU/hFXpv2dTHJU=
Subject key identifier: DD:32:04:58:FF:38:06:61:48:22:2E:06:ED:32:73:10:58:22:4B:5C
Certificate issuer: /CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD
Certificate serial: 0B2A
Authority key identifier: DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/3TIEWP84BmFIIi4G7TJzEFgiS1w.roa
Signing time: Wed 09 Apr 2025 06:48:13 +0000
ROA not before: Wed 09 Apr 2025 06:48:13 +0000
ROA not after: Thu 09 Apr 2026 06:41:00 +0000
asID: 63567
IP address blocks: 43.226.96.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2858 (0xb2a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD
Validity
Not Before: Apr 9 06:48:13 2025 GMT
Not After : Apr 9 06:41:00 2026 GMT
Subject: CN=DD320458FF38066148222E06ED32731058224B5C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:be:65:ee:a5:f5:e9:28:da:f7:93:d6:c1:87:
7d:5f:cb:56:24:ce:40:7d:f3:ba:45:55:fe:76:4b:
a6:f6:88:02:d3:d7:ab:8c:40:e3:2d:7b:ec:44:dc:
3a:99:6a:4d:df:f4:0f:a4:a3:d6:79:10:d7:1c:74:
41:f9:a9:da:46:91:6e:bf:cc:9a:3d:ce:a3:15:22:
5c:b3:53:4a:6a:02:7b:a4:5a:62:ad:b7:43:7a:f9:
b1:c0:42:8e:20:c3:ba:8d:6f:c1:92:a1:36:6d:2a:
33:ca:6d:b8:b4:30:11:07:a7:00:2c:45:98:37:16:
32:bc:4a:66:1a:ef:53:15:36:b6:fd:d7:f5:71:c3:
fe:78:f5:08:ae:46:ec:d0:77:ab:54:d8:ba:f0:7e:
63:75:d6:14:68:93:de:fd:36:52:14:e1:9b:3e:ba:
3d:44:91:be:0c:d5:0b:35:4f:2e:29:3f:c6:9f:0e:
18:76:ca:50:79:2e:1d:51:da:88:86:6f:65:a2:7e:
bd:9d:e7:ed:1a:a6:07:c0:34:32:83:1d:87:b0:ed:
60:52:dd:a0:13:b2:7d:62:0a:2a:b2:54:13:e5:a4:
0c:fe:7c:3b:41:22:89:62:b4:80:53:0b:e2:50:52:
44:03:ea:55:fa:fc:88:e4:ad:80:f5:ae:9c:5d:2a:
59:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:32:04:58:FF:38:06:61:48:22:2E:06:ED:32:73:10:58:22:4B:5C
X509v3 Authority Key Identifier:
keyid:DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/3TIEWP84BmFIIi4G7TJzEFgiS1w.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.226.96.0/20
Signature Algorithm: sha256WithRSAEncryption
74:70:7d:90:fd:bb:ec:03:e2:89:e7:17:5f:18:f4:82:ad:6b:
3a:c3:2f:7d:98:d1:a8:fd:f3:bc:71:e9:5d:5e:d1:fe:40:99:
bd:1b:b7:09:a3:cd:e5:ab:07:fb:0a:0c:66:19:27:b5:58:ba:
e5:11:71:4d:9c:14:51:cb:31:d7:25:5c:96:f9:44:ba:0a:32:
02:26:b8:8e:09:eb:38:49:83:6c:c5:a1:3e:d7:17:64:9d:27:
fb:b7:84:1b:e4:2e:98:68:d3:13:c8:66:34:26:4b:fc:2d:46:
47:0d:20:b5:d9:85:96:03:5b:dc:50:00:69:a7:64:9d:de:55:
dc:22:81:e9:03:07:3c:1e:55:2a:ed:db:4e:b6:81:24:58:6c:
8c:4b:33:c8:7e:7b:e3:29:5d:41:36:99:09:8f:80:3b:27:9e:
95:dc:8f:01:2c:6c:33:cc:db:a8:98:d0:63:d4:05:91:ea:1b:
11:b8:07:fc:42:2d:30:51:23:b8:57:18:60:cf:3d:af:d8:41:
a1:98:89:04:b1:c0:d2:eb:cf:cc:6e:81:cd:f7:f7:cc:92:d7:
2d:42:d3:62:ed:cb:77:9e:3e:74:c5:a3:5d:c2:5b:d6:3c:0f:
99:a9:dc:3f:13:a0:f0:12:66:9a:a3:78:a9:30:f9:7d:b1:a0:
bd:bc:48:69
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICCyowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREJC
NEM1RkE5NkI4NzQxQkY2OEI0OEJGMDA0REJENkZEOTYzNkZBRDAeFw0yNTA0MDkw
NjQ4MTNaFw0yNjA0MDkwNjQxMDBaMDMxMTAvBgNVBAMTKEREMzIwNDU4RkYzODA2
NjE0ODIyMkUwNkVEMzI3MzEwNTgyMjRCNUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWvmXupfXpKNr3k9bBh31fy1YkzkB987pFVf52S6b2iALT16uM
QOMte+xE3DqZak3f9A+ko9Z5ENccdEH5qdpGkW6/zJo9zqMVIlyzU0pqAnukWmKt
t0N6+bHAQo4gw7qNb8GSoTZtKjPKbbi0MBEHpwAsRZg3FjK8SmYa71MVNrb91/Vx
w/549QiuRuzQd6tU2LrwfmN11hRok979NlIU4Zs+uj1Ekb4M1Qs1Ty4pP8afDhh2
ylB5Lh1R2oiGb2Wifr2d5+0apgfANDKDHYew7WBS3aATsn1iCiqyVBPlpAz+fDtB
IolitIBTC+JQUkQD6lX6/IjkrYD1rpxdKllbAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU3TIEWP84BmFIIi4G7TJzEFgiS1wwHwYDVR0jBBgwFoAU27TF+pa4dBv2i0i/
AE29b9ljb60wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkw
LzI3VEYtcGE0ZEJ2MmkwaV9BRTI5YjlsamI2MC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvMjdURi1wYTRkQnYyaTBpX0FFMjliOWxqYjYwLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkwLzNUSUVXUDg0Qm1GSUlp
NEc3VEp6RUZnaVMxdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAQr4mAwDQYJKoZIhvcNAQELBQADggEBAHRwfZD9u+wD4onnF18Y9IKtazrDL32Y
0aj987xx6V1e0f5Amb0btwmjzeWrB/sKDGYZJ7VYuuURcU2cFFHLMdclXJb5RLoK
MgImuI4J6zhJg2zFoT7XF2SdJ/u3hBvkLpho0xPIZjQmS/wtRkcNILXZhZYDW9xQ
AGmnZJ3eVdwigekDBzweVSrt2062gSRYbIxLM8h+e+MpXUE2mQmPgDsnnpXcjwEs
bDPM26iY0GPUBZHqGxG4B/xCLTBRI7hXGGDPPa/YQaGYiQSxwNLrz8xugc3398yS
1y1C02Lty3eePnTFo13CW9Y8D5mp3D8ToPASZpqjeKkw+X2xoL28SGk=
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:15:42 2025 by rpki-client