Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1534/kE8KURFkRltmZ1-2SoLx-p7TWvw.roa
File: kE8KURFkRltmZ1-2SoLx-p7TWvw.roa (raw, json)
Hash identifier: TO/DiBQuRq3X8QdZZI0lCVOPkjFYbZChlategWDpTyY=
Subject key identifier: 90:4F:0A:51:11:64:46:5B:66:67:5F:B6:4A:82:F1:FA:9E:D3:5A:FC
Certificate issuer: /CN=0CA4F183C659ED57FB46D59AD5483D6FE9B34F4E
Certificate serial: 1BB3
Authority key identifier: 0C:A4:F1:83:C6:59:ED:57:FB:46:D5:9A:D5:48:3D:6F:E9:B3:4F:4E
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DKTxg8ZZ7Vf7RtWa1Ug9b-mzT04.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1534/kE8KURFkRltmZ1-2SoLx-p7TWvw.roa
Signing time: Wed 13 Mar 2024 01:23:24 +0000
ROA not before: Wed 13 Mar 2024 01:23:24 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 59067
IP address blocks: 103.25.156.0/24 maxlen: 24
111.221.28.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7091 (0x1bb3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0CA4F183C659ED57FB46D59AD5483D6FE9B34F4E
Validity
Not Before: Mar 13 01:23:24 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=904F0A511164465B66675FB64A82F1FA9ED35AFC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:5d:2d:75:f9:00:92:68:66:c9:06:f3:9e:a4:
5c:1d:27:61:15:9b:95:78:3e:fa:fd:79:8c:d4:2f:
db:a4:67:b9:de:a0:81:f9:e5:75:1f:70:37:2d:db:
8a:97:79:c3:22:9e:ec:2c:f0:98:bb:cf:41:ab:b3:
2a:e5:31:2b:ca:8a:d9:3e:64:5b:d5:8b:e4:d6:41:
93:35:b2:06:44:0c:dd:2f:3b:7a:d6:ce:3c:fa:04:
1f:ca:96:32:14:6b:0d:df:33:ea:3f:f9:af:ce:4b:
14:ed:3e:23:2f:98:51:1a:1e:25:39:8f:66:8f:f8:
c9:6d:6c:ae:7a:02:9b:82:11:00:34:0a:4f:eb:70:
9d:5f:82:60:7f:3a:c2:38:5a:d3:67:a7:e1:91:e7:
ba:fb:3c:53:93:b7:b6:11:c1:32:e3:31:a9:34:26:
32:2a:af:1b:21:3c:0f:08:04:29:1e:24:2a:32:71:
24:86:e9:01:30:83:37:d1:07:00:e4:5a:01:df:f3:
a5:a1:e9:f8:d8:d5:12:a9:2c:ba:3b:7b:8f:25:0a:
4b:a4:3d:be:49:47:fa:fe:88:e4:07:f0:92:e3:c5:
09:53:0b:69:f1:92:ce:4f:c0:98:c0:48:90:dc:b6:
b0:34:da:6e:45:48:9f:af:1a:fd:2e:bc:a0:f5:47:
f5:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:4F:0A:51:11:64:46:5B:66:67:5F:B6:4A:82:F1:FA:9E:D3:5A:FC
X509v3 Authority Key Identifier:
keyid:0C:A4:F1:83:C6:59:ED:57:FB:46:D5:9A:D5:48:3D:6F:E9:B3:4F:4E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1534/DKTxg8ZZ7Vf7RtWa1Ug9b-mzT04.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DKTxg8ZZ7Vf7RtWa1Ug9b-mzT04.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1534/kE8KURFkRltmZ1-2SoLx-p7TWvw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.25.156.0/24
111.221.28.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:29:7a:28:55:fe:85:5e:b2:c7:7a:8d:46:66:4e:f4:16:86:
9b:8e:6f:03:aa:bf:87:71:b0:7c:6e:5f:ad:e3:7c:c8:c4:c4:
0a:31:6e:2c:34:01:b2:9c:0a:fb:ff:9a:18:60:ff:10:82:bf:
b6:df:06:e3:03:25:cb:06:2c:2e:ab:b9:af:6b:b4:94:87:11:
4a:a1:82:e4:7a:b7:9a:e9:3f:00:fa:aa:99:a4:da:5f:58:07:
7b:ac:56:e9:85:c1:09:52:56:e3:ad:7f:ba:b8:01:d4:28:2f:
ca:f1:12:45:d4:e2:b1:08:55:f3:19:50:a9:ef:68:b1:e1:3b:
56:9e:56:9d:f6:0d:91:35:5e:ab:ff:e6:4a:21:82:01:08:1f:
37:f7:52:3c:0e:47:cf:32:6e:d0:18:47:25:11:a5:2f:f2:c2:
7f:e5:26:c2:02:3e:96:33:4f:fa:02:c9:cd:7c:ee:9b:91:4f:
bf:aa:95:dc:b8:0c:23:6e:5e:92:af:aa:75:ff:c6:b7:01:60:
23:b8:07:f4:28:24:50:11:ed:93:b4:64:93:07:d3:6a:3b:7c:
63:3b:5f:0f:52:09:be:7c:d7:f5:61:98:e2:63:cb:80:47:5d:
e3:0c:a7:a7:90:64:16:94:af:3c:04:e5:37:2d:70:0c:7c:db:
51:2c:0f:55
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgICG7MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMENB
NEYxODNDNjU5RUQ1N0ZCNDZENTlBRDU0ODNENkZFOUIzNEY0RTAeFw0yNDAzMTMw
MTIzMjRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkwNEYwQTUxMTE2NDQ2
NUI2NjY3NUZCNjRBODJGMUZBOUVEMzVBRkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDpXS11+QCSaGbJBvOepFwdJ2EVm5V4Pvr9eYzUL9ukZ7neoIH5
5XUfcDct24qXecMinuws8Ji7z0GrsyrlMSvKitk+ZFvVi+TWQZM1sgZEDN0vO3rW
zjz6BB/KljIUaw3fM+o/+a/OSxTtPiMvmFEaHiU5j2aP+MltbK56ApuCEQA0Ck/r
cJ1fgmB/OsI4WtNnp+GR57r7PFOTt7YRwTLjMak0JjIqrxshPA8IBCkeJCoycSSG
6QEwgzfRBwDkWgHf86Wh6fjY1RKpLLo7e48lCkukPb5JR/r+iOQH8JLjxQlTC2nx
ks5PwJjASJDctrA02m5FSJ+vGv0uvKD1R/VzAgMBAAGjggH5MIIB9TAdBgNVHQ4E
FgQUkE8KURFkRltmZ1+2SoLx+p7TWvwwHwYDVR0jBBgwFoAUDKTxg8ZZ7Vf7RtWa
1Ug9b+mzT04wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTUz
NC9ES1R4ZzhaWjdWZjdSdFdhMVVnOWItbXpUMDQuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0RLVHhnOFpaN1ZmN1J0V2ExVWc5Yi1telQwNC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE1MzQva0U4S1VSRmtSbHRt
WjEtMlNvTHgtcDdUV3Z3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEw
DAMEAGcZnAMEAG/dHDANBgkqhkiG9w0BAQsFAAOCAQEADyl6KFX+hV6yx3qNRmZO
9BaGm45vA6q/h3GwfG5freN8yMTECjFuLDQBspwK+/+aGGD/EIK/tt8G4wMlywYs
Lqu5r2u0lIcRSqGC5Hq3muk/APqqmaTaX1gHe6xW6YXBCVJW461/urgB1CgvyvES
RdTisQhV8xlQqe9oseE7Vp5WnfYNkTVeq//mSiGCAQgfN/dSPA5HzzJu0BhHJRGl
L/LCf+UmwgI+ljNP+gLJzXzum5FPv6qV3LgMI25ekq+qdf/GtwFgI7gH9CgkUBHt
k7RkkwfTajt8YztfD1IJvnzX9WGY4mPLgEdd4wynp5BkFpSvPATlNy1wDHzbUSwP
VQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:47:33 2025 by rpki-client