Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1534/Bvhrqon81saoI-g_kt147a4MO6A.roa
File: Bvhrqon81saoI-g_kt147a4MO6A.roa (raw, json)
Hash identifier: AUUB7fEMbMUMXAuHrAhESx1qDRAkiRkWHtXmBbL108M=
Subject key identifier: 06:F8:6B:AA:89:FC:D6:C6:A8:23:E8:3F:92:DD:78:ED:AE:0C:3B:A0
Certificate issuer: /CN=0CA4F183C659ED57FB46D59AD5483D6FE9B34F4E
Certificate serial: 21AE
Authority key identifier: 0C:A4:F1:83:C6:59:ED:57:FB:46:D5:9A:D5:48:3D:6F:E9:B3:4F:4E
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DKTxg8ZZ7Vf7RtWa1Ug9b-mzT04.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1534/Bvhrqon81saoI-g_kt147a4MO6A.roa
Signing time: Fri 17 Jan 2025 01:28:34 +0000
ROA not before: Fri 17 Jan 2025 01:28:34 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 59067
IP address blocks: 103.25.156.0/24 maxlen: 24
111.221.28.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8622 (0x21ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0CA4F183C659ED57FB46D59AD5483D6FE9B34F4E
Validity
Not Before: Jan 17 01:28:34 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=06F86BAA89FCD6C6A823E83F92DD78EDAE0C3BA0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b4:69:d0:06:de:98:36:f2:11:01:c7:13:ba:
d6:cd:cd:f0:72:5c:77:5f:d7:3e:0c:83:23:70:b8:
bb:95:f3:63:7c:86:0d:f1:da:3f:67:a1:8a:cc:cb:
b3:6a:60:eb:a2:3f:3a:b7:f8:3b:c3:9f:28:65:e3:
6d:e5:3d:47:ad:5f:19:a4:41:f3:a1:07:cd:c1:57:
66:59:a0:03:79:79:2a:b2:2c:5e:ac:14:0a:db:8c:
25:7b:78:de:69:48:7d:dc:76:c9:44:56:80:72:5b:
62:4a:67:60:25:d2:90:a4:19:c6:a0:7b:00:d0:86:
ca:09:48:07:3e:b3:f3:74:01:93:f1:68:8b:2b:e3:
09:c1:0a:a0:75:43:cf:74:c6:a2:8b:f1:a4:9e:cb:
5b:25:67:53:7f:42:42:3f:3e:0a:24:fa:fe:c2:21:
fe:b7:92:d9:17:e2:d9:32:1e:00:8d:ab:bb:6e:33:
97:64:a8:58:a4:8a:a2:61:94:4d:75:17:de:e4:0f:
14:da:b0:c2:11:79:40:96:e0:d1:34:37:55:a7:87:
bb:0e:c9:9a:45:71:43:66:5d:68:70:ca:d7:ac:8b:
2c:62:ae:8f:2c:74:67:9e:23:28:ef:78:39:f2:3b:
a3:5c:ec:be:fc:e4:f4:8a:a4:cb:42:8b:86:44:00:
1b:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:F8:6B:AA:89:FC:D6:C6:A8:23:E8:3F:92:DD:78:ED:AE:0C:3B:A0
X509v3 Authority Key Identifier:
keyid:0C:A4:F1:83:C6:59:ED:57:FB:46:D5:9A:D5:48:3D:6F:E9:B3:4F:4E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1534/DKTxg8ZZ7Vf7RtWa1Ug9b-mzT04.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DKTxg8ZZ7Vf7RtWa1Ug9b-mzT04.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1534/Bvhrqon81saoI-g_kt147a4MO6A.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.25.156.0/24
111.221.28.0/24
Signature Algorithm: sha256WithRSAEncryption
88:69:63:ef:66:c6:3d:c3:0d:09:ec:7f:4d:84:4d:a1:18:94:
be:ea:15:bc:ba:d0:02:1d:90:13:7f:c3:c1:18:fd:38:7e:ce:
34:09:3f:75:05:07:22:21:a6:96:b5:75:b3:ba:3a:99:43:c2:
fb:91:42:27:f8:40:69:31:52:4c:22:f4:4c:06:4c:7b:38:c1:
c7:e0:62:f0:c0:26:14:2e:c8:b6:1e:8b:18:5f:39:c9:34:3a:
67:ef:a5:36:88:83:cf:1d:d7:65:6f:af:da:99:66:61:47:38:
dd:04:ad:fb:ae:f6:82:1b:16:0f:39:50:c7:3c:4c:19:19:82:
3c:63:4a:fd:0b:6d:03:d7:1a:9f:2a:59:d7:b6:44:89:f5:a2:
31:3d:e0:00:fc:dc:93:68:4b:19:aa:df:8c:43:d1:5b:e0:ae:
19:8d:e5:f0:f5:ef:9c:f1:5a:f0:0c:52:0f:1a:69:3e:c9:f1:
47:89:c7:3a:7b:36:2c:19:c8:3d:cd:b6:16:37:e8:80:52:bd:
a2:74:f3:1e:b8:ca:82:1e:37:db:fa:9f:d2:76:e1:36:5a:3e:
95:f1:2a:07:66:66:af:de:e9:08:f4:9c:79:ca:17:54:c6:43:
44:e3:29:90:48:bc:b2:1b:24:4c:6b:34:10:8a:99:94:1c:62:
c3:c1:90:c5
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgICIa4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMENB
NEYxODNDNjU5RUQ1N0ZCNDZENTlBRDU0ODNENkZFOUIzNEY0RTAeFw0yNTAxMTcw
MTI4MzRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDA2Rjg2QkFBODlGQ0Q2
QzZBODIzRTgzRjkyREQ3OEVEQUUwQzNCQTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCttGnQBt6YNvIRAccTutbNzfByXHdf1z4MgyNwuLuV82N8hg3x
2j9noYrMy7NqYOuiPzq3+DvDnyhl423lPUetXxmkQfOhB83BV2ZZoAN5eSqyLF6s
FArbjCV7eN5pSH3cdslEVoByW2JKZ2Al0pCkGcagewDQhsoJSAc+s/N0AZPxaIsr
4wnBCqB1Q890xqKL8aSey1slZ1N/QkI/Pgok+v7CIf63ktkX4tkyHgCNq7tuM5dk
qFikiqJhlE11F97kDxTasMIReUCW4NE0N1Wnh7sOyZpFcUNmXWhwytesiyxiro8s
dGeeIyjveDnyO6Nc7L785PSKpMtCi4ZEABuxAgMBAAGjggH5MIIB9TAdBgNVHQ4E
FgQUBvhrqon81saoI+g/kt147a4MO6AwHwYDVR0jBBgwFoAUDKTxg8ZZ7Vf7RtWa
1Ug9b+mzT04wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTUz
NC9ES1R4ZzhaWjdWZjdSdFdhMVVnOWItbXpUMDQuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0RLVHhnOFpaN1ZmN1J0V2ExVWc5Yi1telQwNC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE1MzQvQnZocnFvbjgxc2Fv
SS1nX2t0MTQ3YTRNTzZBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEw
DAMEAGcZnAMEAG/dHDANBgkqhkiG9w0BAQsFAAOCAQEAiGlj72bGPcMNCex/TYRN
oRiUvuoVvLrQAh2QE3/DwRj9OH7ONAk/dQUHIiGmlrV1s7o6mUPC+5FCJ/hAaTFS
TCL0TAZMezjBx+Bi8MAmFC7Ith6LGF85yTQ6Z++lNoiDzx3XZW+v2plmYUc43QSt
+672ghsWDzlQxzxMGRmCPGNK/QttA9canypZ17ZEifWiMT3gAPzck2hLGarfjEPR
W+CuGY3l8PXvnPFa8AxSDxppPsnxR4nHOns2LBnIPc22FjfogFK9onTzHrjKgh43
2/qf0nbhNlo+lfEqB2Zmr97pCPScecoXVMZDROMpkEi8shskTGs0EIqZlBxiw8GQ
xQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:47:11 2025 by rpki-client