Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/IiRFLwykCE55foHlT9Cyoni3dog.roa
File: IiRFLwykCE55foHlT9Cyoni3dog.roa (raw, json)
Hash identifier: VZF43H+/Xb7dNEQdKEoiW4pZUDAI+mWd5eoYGgXSAoQ=
Subject key identifier: 22:24:45:2F:0C:A4:08:4E:79:7E:81:E5:4F:D0:B2:A2:78:B7:76:88
Certificate issuer: /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
Certificate serial: 1E79
Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/IiRFLwykCE55foHlT9Cyoni3dog.roa
Signing time: Wed 13 Mar 2024 01:21:36 +0000
ROA not before: Wed 13 Mar 2024 01:21:36 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 4816
IP address blocks: 103.39.232.0/22 maxlen: 22
103.44.236.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7801 (0x1e79)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
Validity
Not Before: Mar 13 01:21:36 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2224452F0CA4084E797E81E54FD0B2A278B77688
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:ac:85:1d:f6:1b:81:f5:e2:7d:00:f1:be:af:
99:0a:7f:01:47:9d:b5:22:80:5b:e9:78:69:76:34:
b2:f3:17:ce:62:a3:d3:c0:eb:94:3e:f7:ae:4e:6d:
0b:49:4e:a1:94:23:72:45:c3:1b:52:18:36:69:fc:
e5:9b:16:80:ef:b3:6e:3b:46:ff:71:7c:a5:7e:b9:
e6:7d:b0:3f:d2:4a:99:7a:69:75:30:3c:4d:29:af:
cd:7d:60:4f:a5:e3:d4:70:88:25:e6:9f:ff:87:6d:
12:60:e9:29:47:fc:26:b5:92:93:fe:c8:1e:92:02:
b7:26:ea:0b:63:cd:99:7e:1c:86:e2:0b:fb:8d:be:
66:da:09:70:d0:01:33:ee:e4:dd:92:96:df:7d:ee:
85:33:24:14:a0:84:fd:77:b7:82:1c:a4:63:d6:96:
d1:24:69:2d:b3:84:96:c8:b3:8c:1a:c3:f2:3b:f9:
79:dd:4a:5f:f5:b0:6a:cb:d4:c1:24:81:5d:c6:5c:
0f:a5:05:e9:3b:0f:74:df:92:bd:6e:ca:82:8b:87:
1b:e7:f5:57:bf:5f:28:f4:85:41:f0:50:5d:83:3f:
08:79:bb:f0:2d:9b:62:70:d0:20:ee:82:a6:e3:53:
0a:77:98:14:01:0e:b1:09:02:78:78:06:07:7c:20:
36:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:24:45:2F:0C:A4:08:4E:79:7E:81:E5:4F:D0:B2:A2:78:B7:76:88
X509v3 Authority Key Identifier:
keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/IiRFLwykCE55foHlT9Cyoni3dog.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.39.232.0/22
103.44.236.0/22
Signature Algorithm: sha256WithRSAEncryption
ab:a6:75:cf:15:32:f8:55:9c:f1:d6:47:11:5c:40:ef:7b:d7:
7b:9b:91:fe:cf:26:f8:d3:82:35:97:29:e8:fb:67:d0:51:a9:
db:6b:d9:cc:49:3d:3a:78:8a:0e:24:97:37:a8:07:84:70:61:
ef:d1:9d:99:8d:48:e1:71:68:7c:c4:5f:c6:1e:99:ee:47:a9:
be:57:b7:f2:db:61:5f:1a:8e:11:9d:c8:37:08:50:5e:ff:6c:
d7:67:f6:90:c4:7d:c3:c8:53:5a:6e:e4:38:8c:04:67:91:87:
b6:21:5e:84:56:7f:13:97:98:48:05:90:49:65:29:0b:32:2c:
ef:a8:66:6a:55:6d:52:12:6a:c3:cf:3a:87:ef:a2:6b:4b:29:
2e:b2:25:e9:1b:3d:2d:f6:29:43:57:c2:d5:42:ec:77:5b:3e:
68:bd:78:ae:7d:9d:89:d4:60:6d:e8:23:a3:c8:59:13:29:e5:
ef:36:df:4f:b5:b0:5c:c3:ce:26:a6:6d:66:c4:41:93:dc:56:
87:5f:47:99:ec:4d:e3:24:da:67:2b:ed:93:ef:3b:8c:0e:5c:
94:08:d5:c6:54:f6:af:71:35:29:19:75:1f:b7:aa:80:22:77:
b1:4f:60:84:51:47:bd:f6:69:ae:5f:68:83:57:f0:2a:25:b8:
b1:35:d1:42
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgICHnkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEFF
NENGNzhCNDlERjBCMkMxRDI5RDMyRTQ4QTk0M0FFNEY0MUFDQzAeFw0yNDAzMTMw
MTIxMzZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDIyMjQ0NTJGMENBNDA4
NEU3OTdFODFFNTRGRDBCMkEyNzhCNzc2ODgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDfrIUd9huB9eJ9APG+r5kKfwFHnbUigFvpeGl2NLLzF85io9PA
65Q+965ObQtJTqGUI3JFwxtSGDZp/OWbFoDvs247Rv9xfKV+ueZ9sD/SSpl6aXUw
PE0pr819YE+l49RwiCXmn/+HbRJg6SlH/Ca1kpP+yB6SArcm6gtjzZl+HIbiC/uN
vmbaCXDQATPu5N2Slt997oUzJBSghP13t4IcpGPWltEkaS2zhJbIs4waw/I7+Xnd
Sl/1sGrL1MEkgV3GXA+lBek7D3Tfkr1uyoKLhxvn9Ve/Xyj0hUHwUF2DPwh5u/At
m2Jw0CDugqbjUwp3mBQBDrEJAnh4Bgd8IDblAgMBAAGjggH5MIIB9TAdBgNVHQ4E
FgQUIiRFLwykCE55foHlT9Cyoni3dogwHwYDVR0jBBgwFoAUiuTPeLSd8LLB0p0y
5IqUOuT0GswwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTY2
My9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2l1VFBlTFNkOExMQjBwMHk1SXFVT3VUMEdzdy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2NjMvSWlSRkx3eWtDRTU1
Zm9IbFQ5Q3lvbmkzZG9nLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEw
DAMEAmcn6AMEAmcs7DANBgkqhkiG9w0BAQsFAAOCAQEAq6Z1zxUy+FWc8dZHEVxA
73vXe5uR/s8m+NOCNZcp6Ptn0FGp22vZzEk9OniKDiSXN6gHhHBh79GdmY1I4XFo
fMRfxh6Z7kepvle38tthXxqOEZ3INwhQXv9s12f2kMR9w8hTWm7kOIwEZ5GHtiFe
hFZ/E5eYSAWQSWUpCzIs76hmalVtUhJqw886h++ia0spLrIl6Rs9LfYpQ1fC1ULs
d1s+aL14rn2didRgbegjo8hZEynl7zbfT7WwXMPOJqZtZsRBk9xWh19HmexN4yTa
Zyvtk+87jA5clAjVxlT2r3E1KRl1H7eqgCJ3sU9ghFFHvfZprl9og1fwKiW4sTXR
Qg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:39:56 2025 by rpki-client