Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/_sY32bpnYHuhk-LoecC86lNfRZU.roa
File: _sY32bpnYHuhk-LoecC86lNfRZU.roa (raw, json)
Hash identifier: DZvK3eIm+gzA0uWRZkODAbVkxm4LmEKJ1L+/jHrS4f8=
Subject key identifier: FE:C6:37:D9:BA:67:60:7B:A1:93:E2:E8:79:C0:BC:EA:53:5F:45:95
Certificate issuer: /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
Certificate serial: 1E75
Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/_sY32bpnYHuhk-LoecC86lNfRZU.roa
Signing time: Wed 13 Mar 2024 01:21:35 +0000
ROA not before: Wed 13 Mar 2024 01:21:35 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 4816
IP address blocks: 103.39.208.0/20 maxlen: 20
103.40.240.0/20 maxlen: 20
103.44.240.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7797 (0x1e75)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
Validity
Not Before: Mar 13 01:21:35 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=FEC637D9BA67607BA193E2E879C0BCEA535F4595
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d9:db:b5:99:04:cc:53:87:fd:78:5a:3b:77:
4d:55:3d:65:ca:60:b3:80:1c:cd:5d:65:c5:cb:48:
63:47:97:a2:d6:89:ba:0c:95:11:d1:f7:0c:86:86:
f8:dc:14:00:1c:d1:58:ca:93:0a:32:b7:8a:6c:31:
cf:f8:1f:89:5a:40:ad:4d:d7:ad:42:45:d0:e4:88:
fb:8e:29:63:a0:ee:1e:bb:57:dc:7f:b3:df:43:2b:
61:7c:4f:12:09:3e:67:d1:11:67:81:99:e5:bc:e7:
e6:f6:dc:f7:e5:ff:56:8d:74:22:71:99:1c:ca:77:
3e:cb:f0:d3:2c:cc:c5:0e:f9:56:32:00:37:f2:35:
95:60:ad:aa:45:af:68:e6:0a:3b:0e:e7:be:3c:ca:
e9:b9:e7:5a:e9:82:ae:dd:ec:4a:eb:c6:24:df:2b:
8a:0b:6c:58:3b:d5:03:35:be:40:00:78:d5:cd:58:
52:b6:91:c7:8e:96:f0:21:4b:61:51:e9:5d:af:a1:
f2:b2:00:16:90:b5:7b:ed:2b:f7:50:49:1c:22:47:
d7:ac:7e:0f:b6:ca:3e:13:5a:49:03:11:cc:8e:d3:
8b:83:35:69:44:68:c6:5e:7a:ab:76:f7:04:02:3d:
c7:a9:93:5b:f4:d4:a6:0b:62:44:20:cd:e6:78:3a:
48:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:C6:37:D9:BA:67:60:7B:A1:93:E2:E8:79:C0:BC:EA:53:5F:45:95
X509v3 Authority Key Identifier:
keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/_sY32bpnYHuhk-LoecC86lNfRZU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.39.208.0/20
103.40.240.0/20
103.44.240.0/20
Signature Algorithm: sha256WithRSAEncryption
88:0f:98:38:aa:83:65:ac:1e:4b:16:c4:f9:16:e7:fd:99:1b:
b7:f9:f8:18:f2:b8:7c:6e:31:48:05:e0:f7:4f:8b:12:44:36:
0d:01:03:fe:0a:d0:95:69:4d:72:ed:08:6e:e0:bc:90:ff:54:
92:54:47:a3:91:13:8e:b5:6e:81:82:a7:26:5c:6a:7c:9c:9f:
9b:53:f4:0c:37:cc:55:36:21:b4:0f:85:71:c7:0a:33:3b:56:
6f:94:5a:d9:20:3d:2a:00:bb:d9:4a:a8:92:64:a8:bd:15:83:
ac:7f:da:04:af:f2:fb:1c:96:9c:13:ba:39:ed:97:6f:3b:e4:
a7:3e:26:be:ab:7b:28:d0:b7:c7:e1:3d:d6:b9:9d:21:d2:c6:
be:c2:b7:fd:86:5e:c3:33:ee:24:80:89:8a:61:fc:d3:5a:d3:
5f:ef:ad:23:9b:c1:6b:fa:6d:17:76:08:56:c6:45:89:1e:9d:
fa:21:76:b5:0a:cb:d0:46:7f:41:64:ab:b3:ac:af:5e:22:87:
dd:d3:85:07:7f:f0:42:de:67:28:8c:af:fb:23:04:61:22:a9:
9d:58:5e:00:3d:73:55:44:78:c6:49:ba:1a:3e:a9:21:63:3b:
ff:24:c4:62:36:14:6e:ea:aa:fa:0a:c1:1c:5e:f6:36:c1:45:
49:02:0c:63
-----BEGIN CERTIFICATE-----
MIIE4zCCA8ugAwIBAgICHnUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEFF
NENGNzhCNDlERjBCMkMxRDI5RDMyRTQ4QTk0M0FFNEY0MUFDQzAeFw0yNDAzMTMw
MTIxMzVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEZFQzYzN0Q5QkE2NzYw
N0JBMTkzRTJFODc5QzBCQ0VBNTM1RjQ1OTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC42du1mQTMU4f9eFo7d01VPWXKYLOAHM1dZcXLSGNHl6LWiboM
lRHR9wyGhvjcFAAc0VjKkwoyt4psMc/4H4laQK1N161CRdDkiPuOKWOg7h67V9x/
s99DK2F8TxIJPmfREWeBmeW85+b23Pfl/1aNdCJxmRzKdz7L8NMszMUO+VYyADfy
NZVgrapFr2jmCjsO5748yum551rpgq7d7ErrxiTfK4oLbFg71QM1vkAAeNXNWFK2
kceOlvAhS2FR6V2vofKyABaQtXvtK/dQSRwiR9esfg+2yj4TWkkDEcyO04uDNWlE
aMZeeqt29wQCPcepk1v01KYLYkQgzeZ4OkidAgMBAAGjggH/MIIB+zAdBgNVHQ4E
FgQU/sY32bpnYHuhk+LoecC86lNfRZUwHwYDVR0jBBgwFoAUiuTPeLSd8LLB0p0y
5IqUOuT0GswwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTY2
My9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2l1VFBlTFNkOExMQjBwMHk1SXFVT3VUMEdzdy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2NjMvX3NZMzJicG5ZSHVo
ay1Mb2VjQzg2bE5mUlpVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEw
EgMEBGcn0AMEBGco8AMEBGcs8DANBgkqhkiG9w0BAQsFAAOCAQEAiA+YOKqDZawe
SxbE+Rbn/Zkbt/n4GPK4fG4xSAXg90+LEkQ2DQED/grQlWlNcu0IbuC8kP9UklRH
o5ETjrVugYKnJlxqfJyfm1P0DDfMVTYhtA+FcccKMztWb5Ra2SA9KgC72UqokmSo
vRWDrH/aBK/y+xyWnBO6Oe2Xbzvkpz4mvqt7KNC3x+E91rmdIdLGvsK3/YZewzPu
JICJimH801rTX++tI5vBa/ptF3YIVsZFiR6d+iF2tQrL0EZ/QWSrs6yvXiKH3dOF
B3/wQt5nKIyv+yMEYSKpnVheAD1zVUR4xkm6Gj6pIWM7/yTEYjYUbuqq+grBHF72
NsFFSQIMYw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:36:38 2025 by rpki-client