Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1587/PDzox9b6oKv1buciN_b7E8yH3cM.roa
File: PDzox9b6oKv1buciN_b7E8yH3cM.roa (raw, json)
Hash identifier: /u4H1h5OQOqh/lNKigRP6iFQwIG5JZITVz3Jkv/RB30=
Subject key identifier: 3C:3C:E8:C7:D6:FA:A0:AB:F5:6E:E7:22:37:F6:FB:13:CC:87:DD:C3
Certificate issuer: /CN=2DE14F2AC7F0238137052EAA315C5BD643134022
Certificate serial: 1BFC
Authority key identifier: 2D:E1:4F:2A:C7:F0:23:81:37:05:2E:AA:31:5C:5B:D6:43:13:40:22
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/PDzox9b6oKv1buciN_b7E8yH3cM.roa
Signing time: Fri 17 Jan 2025 01:26:22 +0000
ROA not before: Fri 17 Jan 2025 01:26:22 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 63689
IP address blocks: 103.204.72.0/22 maxlen: 24
202.160.140.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7164 (0x1bfc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DE14F2AC7F0238137052EAA315C5BD643134022
Validity
Not Before: Jan 17 01:26:22 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=3C3CE8C7D6FAA0ABF56EE72237F6FB13CC87DDC3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:dc:14:af:bb:27:d6:2c:30:5f:a0:e1:6a:52:
d6:a8:28:c4:df:ac:71:bd:13:82:c9:a1:1b:ba:af:
21:ec:ce:2f:7d:0d:7c:5d:bd:de:db:0d:9c:cc:9d:
8e:4f:03:f9:44:b5:65:23:e8:73:71:ff:dc:91:ff:
6f:ba:72:1c:ed:e4:16:2b:f1:93:19:49:49:1e:10:
80:9c:15:c5:3b:c7:f9:32:4c:03:1e:1d:08:de:9e:
ed:82:1d:a0:56:67:e6:51:df:16:c0:9d:f5:da:d3:
39:4c:46:40:2e:1e:29:d6:6c:32:d8:80:86:c8:7f:
df:ed:25:7a:77:db:84:9c:2e:ae:69:92:12:38:f1:
ce:89:34:77:19:34:ef:5a:d2:00:cf:ab:80:1b:07:
54:2b:9f:04:33:26:b6:1a:1d:55:11:21:d4:7e:3b:
d9:c0:9a:52:62:be:6b:8a:5d:c6:dc:ab:0d:2e:eb:
16:3b:c9:80:41:fe:5f:1c:73:5d:87:20:ed:be:8e:
ef:0b:26:0f:89:4c:8e:d4:a8:aa:02:5d:ec:af:8a:
99:a0:35:24:b5:a8:eb:47:50:b5:e7:df:c4:09:ee:
0b:5d:d1:4c:de:d3:cf:5d:fb:b7:b9:a9:a1:2c:ec:
db:a2:41:c3:0d:ec:aa:0a:db:5d:32:db:3a:02:fc:
7c:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:3C:E8:C7:D6:FA:A0:AB:F5:6E:E7:22:37:F6:FB:13:CC:87:DD:C3
X509v3 Authority Key Identifier:
keyid:2D:E1:4F:2A:C7:F0:23:81:37:05:2E:AA:31:5C:5B:D6:43:13:40:22
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/LeFPKsfwI4E3BS6qMVxb1kMTQCI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/PDzox9b6oKv1buciN_b7E8yH3cM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.204.72.0/22
202.160.140.0/22
Signature Algorithm: sha256WithRSAEncryption
75:ab:69:61:ba:a8:dd:26:f5:c0:1e:48:d5:d0:66:b7:c7:0f:
9a:4f:7c:7a:22:a3:4d:df:6f:84:1f:5e:89:c8:ea:fd:d8:25:
9f:c4:d1:c8:9a:a7:89:1c:fe:f5:57:3e:99:5d:a5:a7:be:f8:
2c:85:6d:a4:58:21:30:35:5d:4e:fd:b4:ef:de:6f:06:0b:85:
03:27:9b:3c:35:77:a7:6b:07:62:64:13:52:67:8f:8d:8f:db:
8a:1a:6e:35:f3:b5:e3:e3:3e:d5:c6:aa:13:f0:25:aa:15:79:
98:3f:ed:3a:21:bc:a4:51:89:9b:b3:29:75:ce:a1:c7:76:ab:
ac:c7:bd:83:75:3d:28:df:e0:2e:5d:fd:95:08:45:55:17:62:
d5:c1:f4:c0:17:b8:a9:f4:44:fb:e9:59:92:fe:50:e0:35:da:
f7:46:18:15:73:1f:d0:91:b5:d5:d5:bd:71:27:92:17:a3:b2:
9d:b1:38:f0:a9:f4:1b:84:d4:07:88:36:72:5d:9a:3c:b1:41:
76:83:50:de:8b:96:1e:92:19:71:ef:0c:8a:32:51:dd:59:f5:
44:8b:9e:21:5d:4a:e4:e5:a1:eb:86:d8:76:b0:15:e2:95:de:
40:42:ad:6e:68:7e:3c:f3:b2:2e:5e:94:ae:e4:bd:37:d3:d1:
8c:bc:ef:b2
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgICG/wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRF
MTRGMkFDN0YwMjM4MTM3MDUyRUFBMzE1QzVCRDY0MzEzNDAyMjAeFw0yNTAxMTcw
MTI2MjJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDNDM0NFOEM3RDZGQUEw
QUJGNTZFRTcyMjM3RjZGQjEzQ0M4N0REQzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDR3BSvuyfWLDBfoOFqUtaoKMTfrHG9E4LJoRu6ryHszi99DXxd
vd7bDZzMnY5PA/lEtWUj6HNx/9yR/2+6chzt5BYr8ZMZSUkeEICcFcU7x/kyTAMe
HQjenu2CHaBWZ+ZR3xbAnfXa0zlMRkAuHinWbDLYgIbIf9/tJXp324ScLq5pkhI4
8c6JNHcZNO9a0gDPq4AbB1QrnwQzJrYaHVURIdR+O9nAmlJivmuKXcbcqw0u6xY7
yYBB/l8cc12HIO2+ju8LJg+JTI7UqKoCXeyvipmgNSS1qOtHULXn38QJ7gtd0Uze
089d+7e5qaEs7NuiQcMN7KoK210y2zoC/HzBAgMBAAGjggH5MIIB9TAdBgNVHQ4E
FgQUPDzox9b6oKv1buciN/b7E8yH3cMwHwYDVR0jBBgwFoAULeFPKsfwI4E3BS6q
MVxb1kMTQCIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTU4
Ny9MZUZQS3Nmd0k0RTNCUzZxTVZ4YjFrTVRRQ0kuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0xlRlBLc2Z3STRFM0JTNnFNVnhiMWtNVFFDSS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE1ODcvUER6b3g5YjZvS3Yx
YnVjaU5fYjdFOHlIM2NNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEw
DAMEAmfMSAMEAsqgjDANBgkqhkiG9w0BAQsFAAOCAQEAdatpYbqo3Sb1wB5I1dBm
t8cPmk98eiKjTd9vhB9eicjq/dgln8TRyJqniRz+9Vc+mV2lp774LIVtpFghMDVd
Tv20795vBguFAyebPDV3p2sHYmQTUmePjY/bihpuNfO14+M+1caqE/AlqhV5mD/t
OiG8pFGJm7Mpdc6hx3arrMe9g3U9KN/gLl39lQhFVRdi1cH0wBe4qfRE++lZkv5Q
4DXa90YYFXMf0JG11dW9cSeSF6OynbE48Kn0G4TUB4g2cl2aPLFBdoNQ3ouWHpIZ
ce8MijJR3Vn1RIueIV1K5OWh64bYdrAV4pXeQEKtbmh+PPOyLl6UruS9N9PRjLzv
sg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:42:19 2025 by rpki-client