Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/HReb-ywFRD2sicgKUd2w0b7x10E.roa
File: HReb-ywFRD2sicgKUd2w0b7x10E.roa (raw, json)
Hash identifier: y65mKFijZQhce38APb8340kQcqbx8J1XoRf25Cv+AsE=
Subject key identifier: 1D:17:9B:FB:2C:05:44:3D:AC:89:C8:0A:51:DD:B0:D1:BE:F1:D7:41
Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267
Certificate serial: 2019
Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/HReb-ywFRD2sicgKUd2w0b7x10E.roa
Signing time: Fri 17 Jan 2025 01:24:06 +0000
ROA not before: Fri 17 Jan 2025 01:24:06 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139648
IP address blocks: 103.244.118.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8217 (0x2019)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267
Validity
Not Before: Jan 17 01:24:06 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=1D179BFB2C05443DAC89C80A51DDB0D1BEF1D741
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:27:ee:63:b3:e3:3f:b1:c2:e2:2e:51:6f:7c:
ac:76:f3:c7:4a:18:ca:0b:2e:22:d2:8d:27:86:16:
00:62:71:75:1f:12:04:0e:6e:4e:1d:c1:b7:38:bc:
43:c1:61:76:a0:35:e4:9a:0c:4a:ea:eb:38:1f:db:
ff:07:3c:6f:6e:01:f6:0f:59:1c:0e:6b:84:8f:38:
cf:f3:f6:9c:ee:07:fc:40:63:5e:a8:55:2a:cd:b7:
fe:bf:45:08:ad:c0:a1:5d:c1:4a:2f:7b:db:11:33:
6f:36:65:bb:7d:04:bf:6c:8f:4f:2f:4f:21:e2:d1:
34:b3:82:02:fe:08:dd:cc:f8:97:fa:50:29:f5:a2:
7a:dd:4a:6a:86:06:77:61:54:e3:03:19:9b:8d:67:
d2:cd:10:82:0e:b1:43:7b:9a:24:53:48:af:01:7c:
db:50:24:3f:e2:d0:1a:3a:2b:0a:57:96:68:4c:d9:
55:9a:67:0b:93:0a:ca:a2:2f:af:5a:52:11:04:98:
be:62:4c:a7:c2:97:38:2f:2f:3a:41:43:fc:bb:be:
b5:6f:a8:ae:47:98:49:f6:cc:08:4f:f2:fe:49:90:
46:c9:ad:96:0e:45:15:b5:17:27:52:31:29:bb:ab:
17:b1:cb:98:7a:63:f3:d7:12:83:5b:f7:5d:16:d2:
52:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:17:9B:FB:2C:05:44:3D:AC:89:C8:0A:51:DD:B0:D1:BE:F1:D7:41
X509v3 Authority Key Identifier:
keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/HReb-ywFRD2sicgKUd2w0b7x10E.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.244.118.0/24
Signature Algorithm: sha256WithRSAEncryption
31:c5:d5:80:12:b9:97:d4:d1:05:61:07:49:eb:ff:7d:0c:fe:
1c:fe:ac:6f:84:11:7f:19:56:62:65:6f:73:25:3e:9a:d0:50:
63:b7:89:44:bb:59:73:93:8d:ce:e8:d1:97:08:49:8d:0a:20:
a5:a5:f7:98:a7:7c:2a:fb:4c:f5:17:2c:3c:b9:50:e9:0a:46:
34:3b:c5:6c:30:11:f6:4e:c1:f4:b1:52:07:ae:f3:a0:a9:09:
fc:63:59:19:04:cd:9e:dd:91:1b:22:00:5c:4d:1f:8f:2e:90:
a1:cf:59:2f:ac:f4:e9:91:18:b3:55:64:e1:6b:57:d1:3c:35:
20:d7:d6:9d:11:61:c4:42:f2:0f:f4:2c:a6:d4:e8:eb:e9:30:
97:59:92:d9:95:1d:8e:0b:41:1c:9c:0f:0c:20:2b:0b:aa:6b:
ee:9c:60:f9:89:d1:13:d7:d4:3c:25:9b:ad:30:fb:01:9e:d1:
22:d4:64:a2:d7:7b:e9:ef:c0:ca:31:0c:9f:bc:63:69:e9:b0:
ad:5a:db:4c:c7:fe:f4:9a:93:76:c7:65:37:6e:3d:07:5a:7a:
e1:01:5c:8c:21:a5:97:04:97:eb:b8:57:11:74:7d:c6:89:ca:
06:b9:7e:72:25:5d:98:ca:40:5b:0a:6a:8b:10:c8:a4:f5:37:
0e:4a:e7:cb
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICIBkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx
MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNTAxMTcw
MTI0MDZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDFEMTc5QkZCMkMwNTQ0
M0RBQzg5QzgwQTUxRERCMEQxQkVGMUQ3NDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5J+5js+M/scLiLlFvfKx288dKGMoLLiLSjSeGFgBicXUfEgQO
bk4dwbc4vEPBYXagNeSaDErq6zgf2/8HPG9uAfYPWRwOa4SPOM/z9pzuB/xAY16o
VSrNt/6/RQitwKFdwUove9sRM282Zbt9BL9sj08vTyHi0TSzggL+CN3M+Jf6UCn1
onrdSmqGBndhVOMDGZuNZ9LNEIIOsUN7miRTSK8BfNtQJD/i0Bo6KwpXlmhM2VWa
ZwuTCsqiL69aUhEEmL5iTKfClzgvLzpBQ/y7vrVvqK5HmEn2zAhP8v5JkEbJrZYO
RRW1FydSMSm7qxexy5h6Y/PXEoNb910W0lIDAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUHReb+ywFRD2sicgKUd2w0b7x10EwHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk
yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx
MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvSFJlYi15d0ZSRDJz
aWNnS1VkMncwYjd4MTBFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAGf0djANBgkqhkiG9w0BAQsFAAOCAQEAMcXVgBK5l9TRBWEHSev/fQz+HP6s
b4QRfxlWYmVvcyU+mtBQY7eJRLtZc5ONzujRlwhJjQogpaX3mKd8KvtM9RcsPLlQ
6QpGNDvFbDAR9k7B9LFSB67zoKkJ/GNZGQTNnt2RGyIAXE0fjy6Qoc9ZL6z06ZEY
s1Vk4WtX0Tw1INfWnRFhxELyD/QsptTo6+kwl1mS2ZUdjgtBHJwPDCArC6pr7pxg
+YnRE9fUPCWbrTD7AZ7RItRkotd76e/AyjEMn7xjaemwrVrbTMf+9JqTdsdlN249
B1p64QFcjCGllwSX67hXEXR9xonKBrl+ciVdmMpAWwpqixDIpPU3Dkrnyw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:39:19 2025 by rpki-client