Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/OFb16qiKV-ii6yDwaCXbU2B4frs.roa
File: OFb16qiKV-ii6yDwaCXbU2B4frs.roa (raw, json)
Hash identifier: zLcZyjzbKuVPCGSGmrW0b6hqPp0C71AlyYXmHNIhZQk=
Subject key identifier: 38:56:F5:EA:A8:8A:57:E8:A2:EB:20:F0:68:25:DB:53:60:78:7E:BB
Certificate issuer: /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
Certificate serial: 3055
Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/OFb16qiKV-ii6yDwaCXbU2B4frs.roa
Signing time: Sun 30 Mar 2025 19:58:16 +0000
ROA not before: Sun 30 Mar 2025 19:58:16 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 4816
IP address blocks: 103.44.236.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12373 (0x3055)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
Validity
Not Before: Mar 30 19:58:16 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=3856F5EAA88A57E8A2EB20F06825DB5360787EBB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:10:6c:12:24:f9:f2:49:7d:0f:a3:36:f0:f2:
73:6a:ad:26:ec:99:26:52:42:67:7a:49:ed:cf:f9:
56:b9:cc:02:47:3f:a9:9e:45:2e:3d:96:e3:80:5a:
be:db:af:38:25:ea:7c:f8:9a:03:b8:29:ce:11:cc:
b9:b7:f1:df:8d:3a:62:6c:88:92:fa:20:e5:6a:b4:
30:6b:10:d7:4f:4c:42:28:8c:46:e1:7b:88:e1:46:
aa:41:4e:09:63:21:67:18:9d:ca:f1:f3:f7:de:58:
3b:db:d3:44:9f:da:7d:ee:b5:a1:0e:30:e0:ed:a8:
c7:18:a8:1b:8b:bc:d2:53:22:46:86:7f:f9:e8:15:
50:3f:1a:bb:38:6d:83:f4:2b:00:db:81:2b:d6:23:
37:55:fa:a1:4a:73:ec:3c:26:99:3f:cd:bd:25:42:
00:c4:88:3f:22:e7:9c:57:19:0f:8a:6d:54:0f:bf:
a5:18:28:87:a8:4a:b7:17:7b:a4:e2:1f:f0:81:dd:
c8:9e:19:5d:90:bc:2e:99:c0:bb:55:98:9b:c4:60:
ed:8a:6b:52:b8:bf:88:de:c7:fd:88:99:35:6c:06:
ed:55:ce:dd:ee:f2:32:00:f8:9a:0d:f0:b4:aa:94:
23:21:52:64:75:20:70:77:4a:26:ab:d3:43:06:e1:
d0:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:56:F5:EA:A8:8A:57:E8:A2:EB:20:F0:68:25:DB:53:60:78:7E:BB
X509v3 Authority Key Identifier:
keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/OFb16qiKV-ii6yDwaCXbU2B4frs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.44.236.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:a2:0f:00:fa:76:0a:46:ca:2f:97:b4:10:b9:0c:d7:46:da:
51:72:5f:15:a1:f0:55:2e:32:79:e8:40:8d:e9:05:f0:d2:d7:
a2:5f:ea:97:13:3a:b8:13:fe:b6:0c:5f:25:53:7d:a8:8a:38:
3a:df:8f:89:f0:9e:b8:87:c1:fb:d5:71:99:8f:fb:a7:c0:1c:
98:e7:a9:9c:de:86:e4:4b:6b:1d:d3:db:f1:24:89:7e:64:2c:
09:e0:f4:7a:71:bd:46:9e:fb:fb:1b:b4:2e:97:35:51:1b:09:
c4:31:a9:54:07:d7:3d:82:60:e5:71:30:b3:8a:4b:f5:be:dc:
86:da:ae:16:a7:b2:d9:a6:69:49:c2:89:77:db:a1:8a:85:fd:
4b:9d:b4:4d:1b:56:30:be:58:50:bc:d6:b3:79:02:a6:b4:72:
fe:99:16:db:e4:c5:f6:5b:2d:4a:23:11:ee:14:f4:23:a1:0c:
1a:3f:24:a4:ff:49:f3:00:95:42:5a:0f:28:bb:13:c5:84:2e:
a2:ff:0c:91:df:22:e8:a6:f5:9c:28:00:37:ac:8b:05:e7:41:
f1:6d:2b:f5:0a:87:a2:e0:71:9a:35:18:f8:3a:75:ab:9a:e3:
8b:37:14:64:69:6a:e0:21:cc:f9:29:ea:c6:1f:3a:3b:66:19:
29:e3:73:1e
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICMFUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEFF
NENGNzhCNDlERjBCMkMxRDI5RDMyRTQ4QTk0M0FFNEY0MUFDQzAeFw0yNTAzMzAx
OTU4MTZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDM4NTZGNUVBQTg4QTU3
RThBMkVCMjBGMDY4MjVEQjUzNjA3ODdFQkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDREGwSJPnySX0Pozbw8nNqrSbsmSZSQmd6Se3P+Va5zAJHP6me
RS49luOAWr7brzgl6nz4mgO4Kc4RzLm38d+NOmJsiJL6IOVqtDBrENdPTEIojEbh
e4jhRqpBTgljIWcYncrx8/feWDvb00Sf2n3utaEOMODtqMcYqBuLvNJTIkaGf/no
FVA/Grs4bYP0KwDbgSvWIzdV+qFKc+w8Jpk/zb0lQgDEiD8i55xXGQ+KbVQPv6UY
KIeoSrcXe6TiH/CB3cieGV2QvC6ZwLtVmJvEYO2Ka1K4v4jex/2ImTVsBu1Vzt3u
8jIA+JoN8LSqlCMhUmR1IHB3Siar00MG4dBJAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUOFb16qiKV+ii6yDwaCXbU2B4frswHwYDVR0jBBgwFoAUiuTPeLSd8LLB0p0y
5IqUOuT0GswwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTY2
My9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2l1VFBlTFNkOExMQjBwMHk1SXFVT3VUMEdzdy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2NjMvT0ZiMTZxaUtWLWlp
NnlEd2FDWGJVMkI0ZnJzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAmcs7DANBgkqhkiG9w0BAQsFAAOCAQEADKIPAPp2CkbKL5e0ELkM10baUXJf
FaHwVS4yeehAjekF8NLXol/qlxM6uBP+tgxfJVN9qIo4Ot+PifCeuIfB+9VxmY/7
p8AcmOepnN6G5EtrHdPb8SSJfmQsCeD0enG9Rp77+xu0Lpc1URsJxDGpVAfXPYJg
5XEws4pL9b7chtquFqey2aZpScKJd9uhioX9S520TRtWML5YULzWs3kCprRy/pkW
2+TF9lstSiMR7hT0I6EMGj8kpP9J8wCVQloPKLsTxYQuov8Mkd8i6Kb1nCgAN6yL
BedB8W0r9QqHouBxmjUY+Dp1q5rjizcUZGlq4CHM+Snqxh86O2YZKeNzHg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:29:48 2025 by rpki-client