Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/Mw0AMcJ331Zk3LfIw4rGUcMnjA0.roa
File: Mw0AMcJ331Zk3LfIw4rGUcMnjA0.roa (raw, json)
Hash identifier: 6MvuvsWQ1pBcXJjGGEiPX7d7itOpdEaZUyt9brNvtkc=
Subject key identifier: 33:0D:00:31:C2:77:DF:56:64:DC:B7:C8:C3:8A:C6:51:C3:27:8C:0D
Certificate issuer: /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
Certificate serial: 1E77
Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/Mw0AMcJ331Zk3LfIw4rGUcMnjA0.roa
Signing time: Wed 13 Mar 2024 01:21:36 +0000
ROA not before: Wed 13 Mar 2024 01:21:36 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 4816
IP address blocks: 103.39.224.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7799 (0x1e77)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
Validity
Not Before: Mar 13 01:21:36 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=330D0031C277DF5664DCB7C8C38AC651C3278C0D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:90:dd:9d:fe:d2:f4:1c:0e:79:5e:ce:8f:04:
5b:6f:57:b3:33:18:f3:e1:d0:b4:86:8c:a4:08:65:
96:ae:e4:a2:b3:2e:f1:ef:fb:08:71:84:66:91:e7:
27:c4:2a:fe:fa:30:f3:d2:e0:9b:f1:8a:eb:ef:3c:
b2:42:7c:88:8d:62:64:db:44:7d:d2:08:98:1a:89:
96:bc:2b:db:74:ed:86:b5:ca:5a:5b:ad:74:e2:6f:
d2:ec:8c:69:d2:03:9d:f4:0b:ff:98:d2:e9:63:d4:
6a:27:49:2c:a9:9a:29:0b:b6:d3:6a:ea:f1:e7:a3:
c3:03:49:97:18:72:aa:d3:a7:3e:fe:28:63:c5:b0:
51:22:1c:f2:ec:a9:6c:36:f2:d3:d0:ad:ef:3f:69:
db:78:3f:66:34:4e:56:1e:b4:e6:71:a0:3d:5b:ba:
a1:75:c9:14:12:8d:c1:61:05:21:cd:5f:0f:82:7c:
69:4a:2f:25:dd:ac:5f:93:8d:ab:59:e1:7c:5f:64:
2c:6c:8f:9e:1c:11:0d:d3:08:ab:e8:e0:10:ae:9d:
36:94:db:a6:42:a0:91:3b:11:cd:e3:d3:42:89:12:
c0:9e:3f:26:a6:ce:18:51:57:85:33:14:5f:8f:c8:
1c:a7:66:b2:b2:d2:17:67:4b:a0:c1:29:6e:6b:90:
50:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:0D:00:31:C2:77:DF:56:64:DC:B7:C8:C3:8A:C6:51:C3:27:8C:0D
X509v3 Authority Key Identifier:
keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/Mw0AMcJ331Zk3LfIw4rGUcMnjA0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.39.224.0/21
Signature Algorithm: sha256WithRSAEncryption
2d:84:45:08:ef:01:72:30:e0:77:ce:1d:90:d6:a9:b2:05:29:
8f:54:6e:cb:1a:c4:23:28:49:7a:de:cf:d4:ed:f6:7d:d6:30:
0b:b5:3c:ae:a6:88:cd:cb:9f:8c:b8:47:8e:6e:9e:c2:59:05:
83:c2:81:16:af:e4:fd:88:ba:d5:f3:84:fc:fe:d6:21:00:a2:
7c:fc:b8:34:f3:1e:d3:bd:2f:88:18:f5:e3:1e:90:8b:5e:bf:
b5:30:08:68:0c:79:d6:80:d8:52:57:5f:51:79:22:21:c1:2b:
7f:fe:e9:eb:72:e7:10:5f:c8:2a:fa:b1:68:8f:57:0b:44:da:
6f:72:4d:62:25:9e:68:49:e1:38:07:7b:79:c8:75:27:e0:91:
a9:68:ab:a3:c2:26:a6:5c:79:e0:42:4c:b2:14:2c:43:a9:42:
df:98:c3:36:dc:01:3c:f6:2b:0e:cc:02:19:5e:20:ce:10:a9:
36:4c:94:30:b5:a6:6d:8c:5a:d6:db:cb:76:b4:43:8c:22:17:
49:85:c7:e0:e4:aa:5e:18:69:84:51:a3:fd:38:94:b6:b0:2f:
8b:04:06:31:2e:15:2d:02:ed:fd:44:e0:25:37:94:16:2c:23:
bc:18:07:b7:74:be:36:db:b2:08:2d:a1:49:dd:f9:06:38:fc:
55:b1:81:89
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICHncwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEFF
NENGNzhCNDlERjBCMkMxRDI5RDMyRTQ4QTk0M0FFNEY0MUFDQzAeFw0yNDAzMTMw
MTIxMzZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDMzMEQwMDMxQzI3N0RG
NTY2NERDQjdDOEMzOEFDNjUxQzMyNzhDMEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCgkN2d/tL0HA55Xs6PBFtvV7MzGPPh0LSGjKQIZZau5KKzLvHv
+whxhGaR5yfEKv76MPPS4JvxiuvvPLJCfIiNYmTbRH3SCJgaiZa8K9t07Ya1ylpb
rXTib9LsjGnSA530C/+Y0ulj1GonSSypmikLttNq6vHno8MDSZcYcqrTpz7+KGPF
sFEiHPLsqWw28tPQre8/adt4P2Y0TlYetOZxoD1buqF1yRQSjcFhBSHNXw+CfGlK
LyXdrF+TjatZ4XxfZCxsj54cEQ3TCKvo4BCunTaU26ZCoJE7Ec3j00KJEsCePyam
zhhRV4UzFF+PyBynZrKy0hdnS6DBKW5rkFBJAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUMw0AMcJ331Zk3LfIw4rGUcMnjA0wHwYDVR0jBBgwFoAUiuTPeLSd8LLB0p0y
5IqUOuT0GswwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTY2
My9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2l1VFBlTFNkOExMQjBwMHk1SXFVT3VUMEdzdy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2NjMvTXcwQU1jSjMzMVpr
M0xmSXc0ckdVY01uakEwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEA2cn4DANBgkqhkiG9w0BAQsFAAOCAQEALYRFCO8BcjDgd84dkNapsgUpj1Ru
yxrEIyhJet7P1O32fdYwC7U8rqaIzcufjLhHjm6ewlkFg8KBFq/k/Yi61fOE/P7W
IQCifPy4NPMe070viBj14x6Qi16/tTAIaAx51oDYUldfUXkiIcErf/7p63LnEF/I
KvqxaI9XC0Tab3JNYiWeaEnhOAd7ech1J+CRqWiro8Implx54EJMshQsQ6lC35jD
NtwBPPYrDswCGV4gzhCpNkyUMLWmbYxa1tvLdrRDjCIXSYXH4OSqXhhphFGj/TiU
trAviwQGMS4VLQLt/UTgJTeUFiwjvBgHt3S+NtuyCC2hSd35Bjj8VbGBiQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:33:52 2025 by rpki-client