Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/623/GmL8bclB1E4wX7g014RVlptuP1w.roa
File: GmL8bclB1E4wX7g014RVlptuP1w.roa (raw, json)
Hash identifier: nDPpoO0YP2uJO+F2ffUXN7KduOpqoVDmQk7FClxTqOQ=
Subject key identifier: 1A:62:FC:6D:C9:41:D4:4E:30:5F:B8:34:D7:84:55:96:9B:6E:3F:5C
Certificate issuer: /CN=DEBFC900EDC34F81DA4827F1F9F63D04E0E2F756
Certificate serial: 078C
Authority key identifier: DE:BF:C9:00:ED:C3:4F:81:DA:48:27:F1:F9:F6:3D:04:E0:E2:F7:56
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/GmL8bclB1E4wX7g014RVlptuP1w.roa
Signing time: Tue 06 May 2025 07:49:45 +0000
ROA not before: Tue 06 May 2025 07:49:45 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 58834
IP address blocks: 119.2.128.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1932 (0x78c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DEBFC900EDC34F81DA4827F1F9F63D04E0E2F756
Validity
Not Before: May 6 07:49:45 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=1A62FC6DC941D44E305FB834D78455969B6E3F5C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ca:fe:b6:ba:2f:05:64:6f:fc:91:67:1d:8a:
bc:69:b4:ad:ff:f6:04:e0:db:d1:47:28:78:1f:3b:
fa:b9:0a:4e:02:14:75:36:a7:a9:e8:33:62:e8:3b:
45:eb:94:19:69:eb:83:85:83:3d:33:9d:2e:55:6f:
94:52:6f:c6:81:3f:b8:d8:a6:4b:f0:d7:9d:81:6b:
04:23:33:31:eb:22:9e:3d:bc:e9:19:3b:60:df:73:
69:a2:56:d2:70:2b:4c:8d:b5:63:a7:d2:57:2d:39:
19:0b:54:70:06:ff:34:00:bc:cd:c8:0c:f6:13:b3:
d5:82:ef:7c:25:17:84:82:f0:db:24:88:52:f0:65:
a7:63:6c:e2:a3:3f:c4:95:18:0a:75:01:6e:85:c1:
ae:d1:f8:e4:75:09:c8:81:76:1c:01:05:c9:b1:38:
e8:c2:0f:0e:b5:4a:c7:68:29:05:53:34:23:47:33:
97:4b:0c:15:57:39:76:16:ef:ce:ca:8f:ee:28:2b:
c5:65:46:a8:fa:5e:7d:f9:1f:40:97:1e:f2:c6:6a:
1a:08:d1:11:3f:ea:9e:da:31:d7:e5:56:36:f7:ea:
0b:54:78:34:1b:e5:ee:7f:e7:88:2b:85:4a:dc:71:
a5:89:39:50:58:f0:60:04:af:4b:0e:60:a3:fb:49:
98:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:62:FC:6D:C9:41:D4:4E:30:5F:B8:34:D7:84:55:96:9B:6E:3F:5C
X509v3 Authority Key Identifier:
keyid:DE:BF:C9:00:ED:C3:4F:81:DA:48:27:F1:F9:F6:3D:04:E0:E2:F7:56
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/GmL8bclB1E4wX7g014RVlptuP1w.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.2.128.0/17
Signature Algorithm: sha256WithRSAEncryption
74:5a:7f:17:74:d9:49:ee:be:b9:fd:3f:0a:ef:39:a1:1d:e4:
02:74:8b:11:d2:25:5e:79:82:f6:18:5f:6e:d8:db:7f:ac:50:
e3:a0:f8:42:ce:6e:98:ba:d5:d8:09:f4:31:f5:db:e2:df:1a:
14:53:4d:81:c0:5a:a3:75:67:39:c6:87:2b:3a:cb:b8:12:96:
b4:a7:48:76:0d:15:72:40:57:6e:52:39:c1:c7:ab:3b:d7:e4:
44:37:f6:ad:ad:3c:ff:16:23:ae:c0:dd:fc:9b:e3:a8:e7:4d:
76:ce:02:a9:54:64:21:43:16:b7:55:63:60:95:1a:1b:9c:9b:
1d:b3:f0:a7:0a:54:a5:a3:bf:9a:b7:76:71:10:fb:b6:e9:7c:
12:13:11:2d:b5:bf:91:b5:06:a8:88:c1:d9:5f:d8:9e:f1:0f:
c0:b3:cd:30:ad:d0:51:35:c9:4c:d7:0e:57:13:38:44:e7:1c:
b6:be:52:da:29:87:21:82:37:ad:50:7f:45:3e:e6:28:d5:b7:
1b:ed:6e:3a:63:72:36:69:c4:28:a6:7e:ea:d2:68:11:23:df:
d9:e3:bb:c5:7c:df:d1:44:05:dc:89:4b:d0:47:69:09:f6:21:
39:15:4b:3e:b1:b3:49:10:56:16:dc:db:27:23:08:fd:86:26:
6a:8a:37:4d
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICB4wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREVC
RkM5MDBFREMzNEY4MURBNDgyN0YxRjlGNjNEMDRFMEUyRjc1NjAeFw0yNTA1MDYw
NzQ5NDVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDFBNjJGQzZEQzk0MUQ0
NEUzMDVGQjgzNEQ3ODQ1NTk2OUI2RTNGNUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUyv62ui8FZG/8kWcdirxptK3/9gTg29FHKHgfO/q5Ck4CFHU2
p6noM2LoO0XrlBlp64OFgz0znS5Vb5RSb8aBP7jYpkvw152BawQjMzHrIp49vOkZ
O2Dfc2miVtJwK0yNtWOn0lctORkLVHAG/zQAvM3IDPYTs9WC73wlF4SC8NskiFLw
ZadjbOKjP8SVGAp1AW6Fwa7R+OR1CciBdhwBBcmxOOjCDw61SsdoKQVTNCNHM5dL
DBVXOXYW787Kj+4oK8VlRqj6Xn35H0CXHvLGahoI0RE/6p7aMdflVjb36gtUeDQb
5e5/54grhUrccaWJOVBY8GAEr0sOYKP7SZgjAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUGmL8bclB1E4wX7g014RVlptuP1wwHwYDVR0jBBgwFoAU3r/JAO3DT4HaSCfx
+fY9BODi91YwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIz
LzNyX0pBTzNEVDRIYVNDZngtZlk5Qk9EaTkxWS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvM3JfSkFPM0RUNEhhU0NmeC1mWTlCT0RpOTFZLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIzL0dtTDhiY2xCMUU0d1g3
ZzAxNFJWbHB0dVAxdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAd3AoAwDQYJKoZIhvcNAQELBQADggEBAHRafxd02Unuvrn9PwrvOaEd5AJ0ixHS
JV55gvYYX27Y23+sUOOg+ELObpi61dgJ9DH12+LfGhRTTYHAWqN1ZznGhys6y7gS
lrSnSHYNFXJAV25SOcHHqzvX5EQ39q2tPP8WI67A3fyb46jnTXbOAqlUZCFDFrdV
Y2CVGhucmx2z8KcKVKWjv5q3dnEQ+7bpfBITES21v5G1BqiIwdlf2J7xD8CzzTCt
0FE1yUzXDlcTOETnHLa+UtophyGCN61Qf0U+5ijVtxvtbjpjcjZpxCimfurSaBEj
39nju8V839FEBdyJS9BHaQn2ITkVSz6xs0kQVhbc2ycjCP2GJmqKN00=
-----END CERTIFICATE-----
Generated at Sun May 18 01:15:52 2025 by rpki-client