Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1228/8L7icaYP-uDxTNYp5wOJxA_54hk.roa
File: 8L7icaYP-uDxTNYp5wOJxA_54hk.roa (raw, json)
Hash identifier: 2v9/EuSCBYqjry6lfYVl6Jut419xMteF0NKDGDXevpI=
Subject key identifier: F0:BE:E2:71:A6:0F:FA:E0:F1:4C:D6:29:E7:03:89:C4:0F:F9:E2:19
Certificate issuer: /CN=ADD2726DD6FF9F5A459AE5B0A9EE8E7DDFC7F07C
Certificate serial: 14
Authority key identifier: AD:D2:72:6D:D6:FF:9F:5A:45:9A:E5:B0:A9:EE:8E:7D:DF:C7:F0:7C
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/8L7icaYP-uDxTNYp5wOJxA_54hk.roa
Signing time: Sat 17 May 2025 07:52:52 +0000
ROA not before: Sat 17 May 2025 07:52:52 +0000
ROA not after: Sat 16 May 2026 10:06:17 +0000
asID: 16509
IP address blocks: 43.254.192.0/22 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20 (0x14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ADD2726DD6FF9F5A459AE5B0A9EE8E7DDFC7F07C
Validity
Not Before: May 17 07:52:52 2025 GMT
Not After : May 16 10:06:17 2026 GMT
Subject: CN=F0BEE271A60FFAE0F14CD629E70389C40FF9E219
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:26:3a:1a:6b:52:51:2e:ef:7c:1b:d1:0c:80:
25:77:1a:12:ad:a9:34:dc:3e:fc:1c:aa:2a:5e:65:
cd:51:63:cc:ab:70:f6:bd:26:08:60:a0:9d:39:df:
f6:52:f2:32:d1:a2:e0:85:9f:2f:bb:fa:ba:cf:fb:
6f:4e:4e:4e:5d:9f:ff:35:b4:57:7c:1d:f5:f9:fa:
11:d5:c9:90:80:79:e2:92:02:ff:6e:e8:9d:5e:6a:
d6:9a:2a:ba:6f:c9:68:f5:83:88:b6:80:37:bb:fc:
d8:cb:3a:26:2a:81:4a:a5:c0:5c:7c:2c:76:da:79:
57:c3:0d:b8:28:e9:a3:6c:20:5d:b2:b2:4d:3d:8f:
65:96:2b:56:6b:ea:2e:87:2f:57:93:76:61:97:2a:
77:3c:ba:f6:d4:87:f5:21:1c:3f:97:5e:6b:97:30:
e9:c2:d1:60:16:fc:03:e8:27:f1:ca:47:87:c0:b3:
b5:df:3f:08:e4:95:da:f5:6d:06:19:4f:4a:f9:9a:
48:80:d1:10:a7:bb:e2:50:5b:c4:7e:ea:59:20:e7:
cf:53:48:f8:13:46:cc:1b:75:76:e9:61:ea:67:95:
e6:8d:78:73:e3:a2:60:6f:15:96:56:30:44:cf:5e:
25:9c:aa:ae:eb:07:fa:72:4c:63:2b:f3:a9:9f:cd:
92:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:BE:E2:71:A6:0F:FA:E0:F1:4C:D6:29:E7:03:89:C4:0F:F9:E2:19
X509v3 Authority Key Identifier:
keyid:AD:D2:72:6D:D6:FF:9F:5A:45:9A:E5:B0:A9:EE:8E:7D:DF:C7:F0:7C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/8L7icaYP-uDxTNYp5wOJxA_54hk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.192.0/22
Signature Algorithm: sha256WithRSAEncryption
91:e3:96:dd:cc:2f:fb:08:82:92:d7:90:32:4a:83:71:55:62:
7e:af:7d:d2:80:b9:14:3d:43:93:dd:35:d9:6f:72:b1:47:a4:
52:2a:c5:f8:d6:43:3d:7c:6d:0c:c8:46:01:bc:79:48:98:ce:
37:ad:13:8d:f1:b3:c5:10:53:60:c2:72:21:b9:ab:5a:ba:71:
0a:ff:30:64:8d:43:a6:06:69:7b:af:db:14:16:77:8a:bb:a3:
41:97:89:02:04:9e:7d:25:49:25:a4:8f:54:69:77:32:c1:3b:
2a:e0:29:a1:c6:99:0e:2d:38:95:6f:47:0d:7c:3d:ec:24:3a:
7b:c2:d1:9e:8a:7d:17:22:fe:2f:e0:bf:ad:fb:48:66:32:aa:
92:44:cb:ee:61:84:d7:a3:d6:3d:9a:b5:28:e1:b0:76:47:b4:
59:b6:b6:be:99:99:29:49:f5:ae:0f:fc:35:fa:b6:72:08:b1:
13:5a:1e:5e:ac:0a:35:38:2b:1a:4f:0b:a4:42:f3:74:5f:b2:
1e:02:72:f9:88:3c:be:fe:38:d2:54:b0:93:8b:c7:24:11:50:
0e:d3:e4:02:11:05:e2:01:77:1d:2e:d7:09:9c:d3:db:6e:6e:
41:69:c2:45:40:4f:49:c5:87:7a:2e:e7:7b:fc:98:72:2d:2a:
5e:73:45:9a
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgIBFDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhBREQy
NzI2REQ2RkY5RjVBNDU5QUU1QjBBOUVFOEU3RERGQzdGMDdDMB4XDTI1MDUxNzA3
NTI1MloXDTI2MDUxNjEwMDYxN1owMzExMC8GA1UEAxMoRjBCRUUyNzFBNjBGRkFF
MEYxNENENjI5RTcwMzg5QzQwRkY5RTIxOTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAJQmOhprUlEu73wb0QyAJXcaEq2pNNw+/ByqKl5lzVFjzKtw9r0m
CGCgnTnf9lLyMtGi4IWfL7v6us/7b05OTl2f/zW0V3wd9fn6EdXJkIB54pIC/27o
nV5q1poqum/JaPWDiLaAN7v82Ms6JiqBSqXAXHwsdtp5V8MNuCjpo2wgXbKyTT2P
ZZYrVmvqLocvV5N2YZcqdzy69tSH9SEcP5dea5cw6cLRYBb8A+gn8cpHh8Cztd8/
COSV2vVtBhlPSvmaSIDREKe74lBbxH7qWSDnz1NI+BNGzBt1dulh6meV5o14c+Oi
YG8VllYwRM9eJZyqrusH+nJMYyvzqZ/Nkq8CAwEAAaOCAfMwggHvMB0GA1UdDgQW
BBTwvuJxpg/64PFM1innA4nED/niGTAfBgNVHSMEGDAWgBSt0nJt1v+fWkWa5bCp
7o5938fwfDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xMjI4
L3JkSnliZGJfbjFwRm11V3dxZTZPZmRfSDhIdy5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvcmRKeWJkYl9uMXBGbXVXd3FlNk9mZF9IOEh3LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIyOC84TDdpY2FZUC11RHhU
TllwNXdPSnhBXzU0aGsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u
aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQCK/7AMA0GCSqGSIb3DQEBCwUAA4IBAQCR45bdzC/7CIKS15AySoNxVWJ+r33S
gLkUPUOT3TXZb3KxR6RSKsX41kM9fG0MyEYBvHlImM43rRON8bPFEFNgwnIhuata
unEK/zBkjUOmBml7r9sUFneKu6NBl4kCBJ59JUklpI9UaXcywTsq4CmhxpkOLTiV
b0cNfD3sJDp7wtGein0XIv4v4L+t+0hmMqqSRMvuYYTXo9Y9mrUo4bB2R7RZtra+
mZkpSfWuD/w1+rZyCLETWh5erAo1OCsaTwukQvN0X7IeAnL5iDy+/jjSVLCTi8ck
EVAO0+QCEQXiAXcdLtcJnNPbbm5BacJFQE9JxYd6Lud7/JhyLSpec0Wa
-----END CERTIFICATE-----
Generated at Sun May 18 15:44:35 2025 by rpki-client