Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1211/FWXU87yFUCTNIbMchit0LWUYBYk.roa
File: FWXU87yFUCTNIbMchit0LWUYBYk.roa (raw, json)
Hash identifier: v4fAja8rcRHb5/MGfmkk1WadT+54lFjhIRIjYe2cCEw=
Subject key identifier: 15:65:D4:F3:BC:85:50:24:CD:21:B3:1C:86:2B:74:2D:65:18:05:89
Certificate issuer: /CN=183D882201945BE13993B4C6DAC954F8EE426C97
Certificate serial: 1014
Authority key identifier: 18:3D:88:22:01:94:5B:E1:39:93:B4:C6:DA:C9:54:F8:EE:42:6C:97
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GD2IIgGUW-E5k7TG2slU-O5CbJc.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/FWXU87yFUCTNIbMchit0LWUYBYk.roa
Signing time: Mon 24 Feb 2025 05:00:04 +0000
ROA not before: Mon 24 Feb 2025 05:00:04 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 63701
IP address blocks: 103.63.244.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4116 (0x1014)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=183D882201945BE13993B4C6DAC954F8EE426C97
Validity
Not Before: Feb 24 05:00:04 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=1565D4F3BC855024CD21B31C862B742D65180589
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:ad:26:cb:bb:47:5a:25:c2:88:21:4f:5d:2c:
fb:d9:5a:75:37:51:f9:e6:ea:65:80:40:1a:9e:ba:
c4:e1:38:23:dd:39:18:2b:7e:2a:90:35:aa:e3:47:
cd:a5:45:34:fa:c1:a7:60:cd:96:7f:8a:85:a1:40:
b7:b2:88:5e:3c:da:fa:a0:64:ed:c8:59:be:36:48:
87:ff:50:b5:28:63:f4:8b:52:57:ca:ac:14:06:cb:
5d:ab:43:10:07:a8:56:65:1c:18:3d:b2:f3:9c:c3:
89:36:a4:ef:23:92:2b:9d:f3:22:ec:01:ae:ff:11:
bb:15:a1:75:a6:d5:9b:cb:26:11:23:08:88:a0:65:
c8:3a:b0:67:c4:e5:39:97:7b:27:0a:5f:36:81:35:
4e:4c:82:26:4f:de:4d:6b:40:ec:cc:6f:d6:9d:f1:
fc:f0:15:6d:de:f9:cc:c1:ab:59:70:10:e5:5f:93:
a6:ed:cc:8f:d6:7d:92:06:75:d8:39:00:7a:2f:35:
e5:c1:e0:6d:ef:82:9a:9a:cc:0b:0b:96:25:f0:95:
d7:d3:0f:67:c5:57:bd:5b:a7:cd:58:52:1a:de:0c:
67:7c:62:1a:44:f6:ea:7b:a4:79:eb:c4:9c:01:f3:
e3:3c:8e:b0:e9:26:ce:03:50:b9:70:cb:64:32:cc:
e5:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:65:D4:F3:BC:85:50:24:CD:21:B3:1C:86:2B:74:2D:65:18:05:89
X509v3 Authority Key Identifier:
keyid:18:3D:88:22:01:94:5B:E1:39:93:B4:C6:DA:C9:54:F8:EE:42:6C:97
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/GD2IIgGUW-E5k7TG2slU-O5CbJc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GD2IIgGUW-E5k7TG2slU-O5CbJc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/FWXU87yFUCTNIbMchit0LWUYBYk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.63.244.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:77:c6:98:c0:4d:c0:cc:65:f0:f9:92:07:06:ef:68:ad:58:
3f:bb:dc:29:6e:a8:a7:5a:a9:11:7d:9f:2d:3e:52:29:5c:ec:
4a:56:a9:c0:75:81:66:f3:a6:07:0c:d9:7e:cb:bb:0e:a5:81:
2d:09:46:10:de:3f:ab:ec:0c:33:a0:62:9f:0c:52:cd:c2:ad:
ab:55:ea:4b:14:93:ec:6e:4d:ea:ae:1d:40:30:0c:f1:20:ed:
9b:e9:cc:69:1e:b7:da:dd:44:ea:52:c9:1f:2a:2c:af:00:10:
97:5f:06:27:0f:ee:f9:30:5c:52:8a:49:88:9d:ae:3e:65:c0:
1f:1c:61:eb:0d:de:ab:d7:7c:eb:2a:65:a2:8a:4f:f4:f9:0c:
d8:f0:44:ff:32:f6:23:a5:ef:49:cd:04:46:06:1e:d2:eb:45:
fa:b8:36:92:c2:ad:15:af:17:41:a7:ab:76:5d:c6:18:60:ba:
41:2a:a4:f7:df:9b:19:55:fe:dc:f5:30:cb:21:36:8a:57:5a:
9a:06:33:cb:e7:8d:6a:90:14:54:e9:e5:84:a5:3c:70:36:78:
5e:fd:cc:a6:9b:3b:da:57:e2:b0:29:0c:6b:a5:26:57:44:fd:
8e:50:6c:94:8a:46:a3:e7:1a:a0:3f:6d:fe:ed:a0:9e:7b:ec:
62:3e:cd:bd
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICEBQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTgz
RDg4MjIwMTk0NUJFMTM5OTNCNEM2REFDOTU0RjhFRTQyNkM5NzAeFw0yNTAyMjQw
NTAwMDRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDE1NjVENEYzQkM4NTUw
MjRDRDIxQjMxQzg2MkI3NDJENjUxODA1ODkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcrSbLu0daJcKIIU9dLPvZWnU3Ufnm6mWAQBqeusThOCPdORgr
fiqQNarjR82lRTT6wadgzZZ/ioWhQLeyiF482vqgZO3IWb42SIf/ULUoY/SLUlfK
rBQGy12rQxAHqFZlHBg9svOcw4k2pO8jkiud8yLsAa7/EbsVoXWm1ZvLJhEjCIig
Zcg6sGfE5TmXeycKXzaBNU5MgiZP3k1rQOzMb9ad8fzwFW3e+czBq1lwEOVfk6bt
zI/WfZIGddg5AHovNeXB4G3vgpqazAsLliXwldfTD2fFV71bp81YUhreDGd8YhpE
9up7pHnrxJwB8+M8jrDpJs4DULlwy2QyzOWBAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUFWXU87yFUCTNIbMchit0LWUYBYkwHwYDVR0jBBgwFoAUGD2IIgGUW+E5k7TG
2slU+O5CbJcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIx
MS9HRDJJSWdHVVctRTVrN1RHMnNsVS1PNUNiSmMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0dEMklJZ0dVVy1FNWs3VEcyc2xVLU81Q2JKYy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEyMTEvRldYVTg3eUZVQ1RO
SWJNY2hpdDBMV1VZQllrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAmc/9DANBgkqhkiG9w0BAQsFAAOCAQEATXfGmMBNwMxl8PmSBwbvaK1YP7vc
KW6op1qpEX2fLT5SKVzsSlapwHWBZvOmBwzZfsu7DqWBLQlGEN4/q+wMM6BinwxS
zcKtq1XqSxST7G5N6q4dQDAM8SDtm+nMaR632t1E6lLJHyosrwAQl18GJw/u+TBc
UopJiJ2uPmXAHxxh6w3eq9d86yploopP9PkM2PBE/zL2I6XvSc0ERgYe0utF+rg2
ksKtFa8XQaerdl3GGGC6QSqk99+bGVX+3PUwyyE2ildamgYzy+eNapAUVOnlhKU8
cDZ4Xv3Mpps72lfisCkMa6UmV0T9jlBslIpGo+caoD9t/u2gnnvsYj7NvQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:27:21 2025 by rpki-client