Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1823/yfvPex2Bv8fj70JMombPB9eR9JM.roa
File: yfvPex2Bv8fj70JMombPB9eR9JM.roa (raw, json)
Hash identifier: 0tkl5Cb65JEm4umqPw3YujQtcmrx7NqySi3D3sojVx8=
Subject key identifier: C9:FB:CF:7B:1D:81:BF:C7:E3:EF:42:4C:A2:66:CF:07:D7:91:F4:93
Certificate issuer: /CN=46E7400FC97FC7A2093E054CF0DF42CB77564023
Certificate serial: 2A
Authority key identifier: 46:E7:40:0F:C9:7F:C7:A2:09:3E:05:4C:F0:DF:42:CB:77:56:40:23
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/RudAD8l_x6IJPgVM8N9Cy3dWQCM.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1823/yfvPex2Bv8fj70JMombPB9eR9JM.roa
Signing time: Tue 01 Oct 2024 13:25:23 +0000
ROA not before: Tue 01 Oct 2024 13:25:23 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 1449
IP address blocks: 103.59.123.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42 (0x2a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46E7400FC97FC7A2093E054CF0DF42CB77564023
Validity
Not Before: Oct 1 13:25:23 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=C9FBCF7B1D81BFC7E3EF424CA266CF07D791F493
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:7a:38:ce:d4:d2:12:57:e9:1f:c5:ad:54:44:
97:c2:03:a4:e0:b4:68:c1:2f:82:63:b6:f3:4b:25:
4f:d8:f5:14:e1:6b:cb:6a:cb:ab:89:09:bc:28:79:
0b:6d:76:45:4c:80:fc:da:bb:6b:19:fa:ba:69:6f:
48:fb:06:ea:1e:ae:8f:e2:29:9d:82:0f:69:cc:e5:
a1:06:77:6d:c1:01:75:54:fe:85:95:62:83:ce:26:
c1:70:65:c5:62:09:28:13:4a:36:c6:18:3f:84:30:
b2:79:42:3a:ac:3e:c8:cf:80:66:55:e6:08:ec:2f:
33:bb:81:ed:ee:1a:e5:43:4b:d7:d1:94:ab:5b:b1:
26:03:d6:00:68:94:fd:57:75:e1:1f:f7:59:bb:34:
6d:e3:46:53:de:86:35:df:48:40:6e:5f:2e:af:42:
fb:ef:60:71:99:72:32:ac:1a:4c:7e:d5:aa:bd:6a:
a6:8d:9f:f3:8f:ee:4f:4d:34:60:e9:93:fc:f3:4f:
09:af:a3:a0:da:b6:bf:5c:a7:08:bf:78:ff:53:67:
a0:e0:4e:ad:6e:68:69:47:da:d4:03:6f:d0:43:94:
f7:13:ad:8b:04:70:37:f1:38:70:4d:d5:ff:a1:24:
66:af:10:4c:3c:f3:b9:64:da:c7:db:85:1b:94:60:
d0:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:FB:CF:7B:1D:81:BF:C7:E3:EF:42:4C:A2:66:CF:07:D7:91:F4:93
X509v3 Authority Key Identifier:
keyid:46:E7:40:0F:C9:7F:C7:A2:09:3E:05:4C:F0:DF:42:CB:77:56:40:23
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1823/RudAD8l_x6IJPgVM8N9Cy3dWQCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/RudAD8l_x6IJPgVM8N9Cy3dWQCM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1823/yfvPex2Bv8fj70JMombPB9eR9JM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.59.123.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:49:cc:ce:02:2c:c6:08:06:ca:f4:95:11:40:3b:f6:4a:d4:
02:36:df:44:e6:d8:63:3b:e1:bc:73:71:fd:1c:a7:0d:e0:45:
63:03:37:9b:12:d0:a8:8e:4a:c3:f9:95:d4:3c:f7:28:b5:7e:
c7:af:ef:95:0c:72:df:c7:74:3c:9d:74:64:b7:f2:49:92:48:
1a:f4:4f:5f:0f:fc:95:44:d9:48:ae:dd:d4:3d:d1:06:45:fd:
19:38:f5:65:9c:1e:af:e5:1f:a7:05:12:bf:56:96:c4:d4:43:
a6:70:1a:96:47:0d:15:78:f2:56:86:a6:18:4f:0f:18:67:51:
22:81:fd:b4:6a:44:6a:20:87:bc:9c:bb:76:97:84:72:ba:2a:
09:da:e5:71:22:1d:f8:f0:78:36:0d:e9:63:64:42:9c:fd:e4:
de:58:71:e2:d6:91:5c:7a:62:5c:da:56:e8:4d:ac:94:7d:65:
05:6e:98:21:71:28:3f:fc:e9:81:cc:fd:9a:1a:53:d7:16:04:
7e:64:c8:24:9b:ab:e2:68:b0:c4:a8:66:fb:8e:58:8c:89:22:
a4:5f:3d:9a:94:39:5a:58:ca:8a:9f:19:0d:7b:60:23:80:fb:
5b:1f:0a:1e:11:0a:d4:cf:5a:89:03:c9:fb:5c:19:ac:b1:46:
f4:1f:c1:c0
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgIBKjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0NkU3
NDAwRkM5N0ZDN0EyMDkzRTA1NENGMERGNDJDQjc3NTY0MDIzMB4XDTI0MTAwMTEz
MjUyM1oXDTI1MDkyNzAyNDAxNFowMzExMC8GA1UEAxMoQzlGQkNGN0IxRDgxQkZD
N0UzRUY0MjRDQTI2NkNGMDdENzkxRjQ5MzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAPh6OM7U0hJX6R/FrVREl8IDpOC0aMEvgmO280slT9j1FOFry2rL
q4kJvCh5C212RUyA/Nq7axn6umlvSPsG6h6uj+IpnYIPaczloQZ3bcEBdVT+hZVi
g84mwXBlxWIJKBNKNsYYP4QwsnlCOqw+yM+AZlXmCOwvM7uB7e4a5UNL19GUq1ux
JgPWAGiU/Vd14R/3Wbs0beNGU96GNd9IQG5fLq9C++9gcZlyMqwaTH7Vqr1qpo2f
84/uT000YOmT/PNPCa+joNq2v1ynCL94/1NnoOBOrW5oaUfa1ANv0EOU9xOtiwRw
N/E4cE3V/6EkZq8QTDzzuWTax9uFG5Rg0OkCAwEAAaOCAfMwggHvMB0GA1UdDgQW
BBTJ+897HYG/x+PvQkyiZs8H15H0kzAfBgNVHSMEGDAWgBRG50APyX/Hogk+BUzw
30LLd1ZAIzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xODIz
L1J1ZEFEOGxfeDZJSlBnVk04TjlDeTNkV1FDTS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvUnVkQUQ4bF94NklKUGdWTThOOUN5M2RXUUNNLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTgyMy95ZnZQZXgyQnY4Zmo3
MEpNb21iUEI5ZVI5Sk0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u
aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAZzt7MA0GCSqGSIb3DQEBCwUAA4IBAQBdSczOAizGCAbK9JURQDv2StQCNt9E
5thjO+G8c3H9HKcN4EVjAzebEtCojkrD+ZXUPPcotX7Hr++VDHLfx3Q8nXRkt/JJ
kkga9E9fD/yVRNlIrt3UPdEGRf0ZOPVlnB6v5R+nBRK/VpbE1EOmcBqWRw0VePJW
hqYYTw8YZ1Eigf20akRqIIe8nLt2l4RyuioJ2uVxIh348Hg2DeljZEKc/eTeWHHi
1pFcemJc2lboTayUfWUFbpghcSg//OmBzP2aGlPXFgR+ZMgkm6viaLDEqGb7jliM
iSKkXz2alDlaWMqKnxkNe2AjgPtbHwoeEQrUz1qJA8n7XBmssUb0H8HA
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:02:15 2025 by rpki-client