Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1587/PKXkcUr335sEDYRfkYRp4LEISLI.roa
File: PKXkcUr335sEDYRfkYRp4LEISLI.roa (raw, json)
Hash identifier: mviReOTv7YVDxWGGz0XAX8GMz/+b75ioGHLgmXFAl/8=
Subject key identifier: 3C:A5:E4:71:4A:F7:DF:9B:04:0D:84:5F:91:84:69:E0:B1:08:48:B2
Certificate issuer: /CN=2DE14F2AC7F0238137052EAA315C5BD643134022
Certificate serial: 1BFA
Authority key identifier: 2D:E1:4F:2A:C7:F0:23:81:37:05:2E:AA:31:5C:5B:D6:43:13:40:22
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/PKXkcUr335sEDYRfkYRp4LEISLI.roa
Signing time: Fri 17 Jan 2025 01:26:22 +0000
ROA not before: Fri 17 Jan 2025 01:26:22 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 59033
IP address blocks: 103.204.72.0/22 maxlen: 24
202.160.140.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7162 (0x1bfa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DE14F2AC7F0238137052EAA315C5BD643134022
Validity
Not Before: Jan 17 01:26:22 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=3CA5E4714AF7DF9B040D845F918469E0B10848B2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:59:31:a1:be:30:7c:d5:f0:bf:34:8d:e0:a9:
08:e1:14:bb:d0:98:35:29:44:a5:bd:59:22:db:bc:
b0:4a:b4:9c:12:d7:b4:1c:40:45:62:a4:ae:12:3d:
90:b0:1b:53:2b:b6:df:75:31:4b:55:78:d7:5c:33:
74:0d:ca:56:c0:b3:08:4f:16:27:20:63:28:8c:f9:
41:c3:78:7c:dd:8c:dc:07:09:4b:67:43:f6:a1:3c:
fe:4c:3d:ab:69:dd:b6:82:06:f9:66:ae:f1:23:c8:
df:42:7d:de:83:66:51:b8:56:8f:57:d1:31:9f:cf:
95:96:40:c0:21:81:d3:53:dc:26:2e:92:b2:87:4a:
6d:6f:16:6a:27:63:4f:56:71:84:96:bc:29:d7:94:
02:0c:91:72:d5:b2:6a:da:b1:28:f6:6b:7a:35:ef:
a9:fc:ca:e8:21:cf:f4:fc:97:dd:42:ca:cc:f3:45:
fa:6a:f9:62:68:97:74:14:01:d0:a1:e3:36:a4:48:
91:a2:90:b0:18:61:fa:95:3b:ef:a3:4a:7a:3f:cd:
58:7a:90:fb:88:fe:8a:33:86:cf:ae:eb:60:c4:30:
1f:12:5e:40:34:94:8a:f8:f2:d8:7b:99:0d:fd:18:
28:6d:4c:91:71:5e:b0:ff:d9:91:bb:7f:9f:49:e5:
3f:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:A5:E4:71:4A:F7:DF:9B:04:0D:84:5F:91:84:69:E0:B1:08:48:B2
X509v3 Authority Key Identifier:
keyid:2D:E1:4F:2A:C7:F0:23:81:37:05:2E:AA:31:5C:5B:D6:43:13:40:22
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/LeFPKsfwI4E3BS6qMVxb1kMTQCI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/PKXkcUr335sEDYRfkYRp4LEISLI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.204.72.0/22
202.160.140.0/22
Signature Algorithm: sha256WithRSAEncryption
72:ef:41:47:13:47:03:8a:f4:77:2d:1c:91:13:41:f2:f8:b9:
f8:e7:69:b6:c5:77:82:96:1a:2e:e4:3e:4d:d3:cd:b9:f1:76:
5d:4b:86:18:72:90:37:2d:b9:42:ab:2b:b6:60:58:74:68:86:
06:f1:6a:34:f8:2e:57:bd:37:92:75:8d:42:7b:1d:28:ac:e5:
45:2c:eb:3c:79:e6:a6:3f:c4:50:45:4f:fb:e6:fb:04:ea:0f:
ee:f1:7a:c9:c1:69:ed:2f:61:9a:51:ee:4d:0d:01:34:93:a9:
81:fa:77:77:f8:21:df:f3:73:64:ca:f8:21:2e:a8:52:13:76:
55:dd:3d:ff:eb:9f:dc:6c:45:11:55:4f:09:cc:59:13:10:18:
8f:44:7e:f1:e6:b4:7a:d5:15:8b:73:cb:8a:72:48:00:e8:8e:
73:65:33:6a:0f:77:60:27:2b:d8:fb:d9:c4:5e:42:a0:a2:8e:
45:d7:35:b5:70:73:71:d9:8c:ca:89:ab:77:fa:5e:ab:e6:b8:
39:c1:23:11:13:35:6d:fe:04:b4:cc:c6:79:14:16:47:f9:94:
f0:54:0c:90:b6:03:92:c9:8a:3d:d5:e2:c9:58:64:b2:51:8d:
0a:08:8b:5b:38:dd:91:a9:fe:16:c1:c6:b7:46:db:04:ba:ab:
7f:8b:ee:ca
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgICG/owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRF
MTRGMkFDN0YwMjM4MTM3MDUyRUFBMzE1QzVCRDY0MzEzNDAyMjAeFw0yNTAxMTcw
MTI2MjJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDNDQTVFNDcxNEFGN0RG
OUIwNDBEODQ1RjkxODQ2OUUwQjEwODQ4QjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuWTGhvjB81fC/NI3gqQjhFLvQmDUpRKW9WSLbvLBKtJwS17Qc
QEVipK4SPZCwG1Mrtt91MUtVeNdcM3QNylbAswhPFicgYyiM+UHDeHzdjNwHCUtn
Q/ahPP5MPatp3baCBvlmrvEjyN9Cfd6DZlG4Vo9X0TGfz5WWQMAhgdNT3CYukrKH
Sm1vFmonY09WcYSWvCnXlAIMkXLVsmrasSj2a3o176n8yughz/T8l91CyszzRfpq
+WJol3QUAdCh4zakSJGikLAYYfqVO++jSno/zVh6kPuI/oozhs+u62DEMB8SXkA0
lIr48th7mQ39GChtTJFxXrD/2ZG7f59J5T85AgMBAAGjggH5MIIB9TAdBgNVHQ4E
FgQUPKXkcUr335sEDYRfkYRp4LEISLIwHwYDVR0jBBgwFoAULeFPKsfwI4E3BS6q
MVxb1kMTQCIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTU4
Ny9MZUZQS3Nmd0k0RTNCUzZxTVZ4YjFrTVRRQ0kuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0xlRlBLc2Z3STRFM0JTNnFNVnhiMWtNVFFDSS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE1ODcvUEtYa2NVcjMzNXNF
RFlSZmtZUnA0TEVJU0xJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEw
DAMEAmfMSAMEAsqgjDANBgkqhkiG9w0BAQsFAAOCAQEAcu9BRxNHA4r0dy0ckRNB
8vi5+OdptsV3gpYaLuQ+TdPNufF2XUuGGHKQNy25QqsrtmBYdGiGBvFqNPguV703
knWNQnsdKKzlRSzrPHnmpj/EUEVP++b7BOoP7vF6ycFp7S9hmlHuTQ0BNJOpgfp3
d/gh3/NzZMr4IS6oUhN2Vd09/+uf3GxFEVVPCcxZExAYj0R+8ea0etUVi3PLinJI
AOiOc2Uzag93YCcr2PvZxF5CoKKORdc1tXBzcdmMyomrd/peq+a4OcEjERM1bf4E
tMzGeRQWR/mU8FQMkLYDksmKPdXiyVhkslGNCgiLWzjdkan+FsHGt0bbBLqrf4vu
yg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:47:21 2025 by rpki-client