Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2072/56m64Ou0nCfyZ4zVW6CqefNP7gY.roa
File: 56m64Ou0nCfyZ4zVW6CqefNP7gY.roa (raw, json)
Hash identifier: 7Ep7Bwvng+B6VLF371ylPSSDWFXrMowJ7fainn1ZrrQ=
Subject key identifier: E7:A9:BA:E0:EB:B4:9C:27:F2:67:8C:D5:5B:A0:AA:79:F3:4F:EE:06
Certificate issuer: /CN=BCF4017A6E2915F26147D419E5F7A7D164D04984
Certificate serial: 1BCF
Authority key identifier: BC:F4:01:7A:6E:29:15:F2:61:47:D4:19:E5:F7:A7:D1:64:D0:49:84
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vPQBem4pFfJhR9QZ5fen0WTQSYQ.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2072/56m64Ou0nCfyZ4zVW6CqefNP7gY.roa
Signing time: Fri 17 Jan 2025 01:24:20 +0000
ROA not before: Fri 17 Jan 2025 01:24:20 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 133199
IP address blocks: 103.67.173.0/24 maxlen: 24
103.67.174.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7119 (0x1bcf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BCF4017A6E2915F26147D419E5F7A7D164D04984
Validity
Not Before: Jan 17 01:24:20 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=E7A9BAE0EBB49C27F2678CD55BA0AA79F34FEE06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b1:80:9b:5c:91:e9:48:43:2e:b3:62:0c:40:
cf:67:46:a9:92:22:67:37:5e:43:2b:a0:9b:c1:00:
6d:d6:f1:a0:44:f7:61:42:e9:a6:45:0a:ea:24:dd:
2d:9d:b4:36:bf:4f:96:5d:f6:d8:18:b8:d7:6e:02:
81:05:66:74:40:54:b3:26:49:0d:be:fe:14:79:52:
e0:0c:cb:4c:c4:0b:43:21:32:79:5f:df:55:fb:2d:
25:2c:f2:8b:a8:bc:67:6e:55:6a:88:2d:1c:8d:8b:
31:ce:86:6d:7d:d7:01:e5:36:8c:84:07:c7:19:3d:
e4:e9:ed:6a:14:17:20:4e:46:ed:11:b1:f2:67:38:
c8:ba:a1:b9:d4:d5:38:5a:c6:4e:70:3e:49:d3:25:
a2:07:dc:39:cc:67:ed:3f:c1:e7:54:02:30:ac:7d:
ea:2e:50:62:ec:de:57:39:e5:5e:bf:b9:53:b8:2a:
1e:a0:f9:21:ca:73:85:43:96:58:de:1e:66:04:1a:
c5:31:a9:e4:4e:87:56:fc:36:7c:ce:20:4e:90:d8:
81:cc:53:8f:77:3b:fb:5a:ba:4d:1b:d6:89:c8:e5:
d9:74:e4:6e:58:5e:2d:9d:11:86:e6:81:bf:ce:cc:
89:5a:57:b0:b8:58:67:52:7e:7e:f4:dc:11:fb:5b:
35:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:A9:BA:E0:EB:B4:9C:27:F2:67:8C:D5:5B:A0:AA:79:F3:4F:EE:06
X509v3 Authority Key Identifier:
keyid:BC:F4:01:7A:6E:29:15:F2:61:47:D4:19:E5:F7:A7:D1:64:D0:49:84
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2072/vPQBem4pFfJhR9QZ5fen0WTQSYQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vPQBem4pFfJhR9QZ5fen0WTQSYQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2072/56m64Ou0nCfyZ4zVW6CqefNP7gY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.67.173.0-103.67.174.255
Signature Algorithm: sha256WithRSAEncryption
38:cb:26:cb:d9:a8:6e:b8:ce:fb:e9:70:65:d3:e4:54:ac:59:
12:6b:ee:0e:48:df:3b:43:2a:f2:af:f1:95:95:7c:61:c9:18:
6b:8f:aa:c5:52:05:6d:53:0d:36:68:6d:04:2b:fe:e6:5c:15:
2b:de:f3:75:ed:d5:40:8f:66:c7:37:13:57:c1:c5:a2:7a:ad:
7c:bd:94:c4:40:fa:40:0f:66:7a:3a:6d:29:9c:d3:01:47:d7:
f4:c3:e6:e7:5d:c6:6b:fb:1f:cf:4d:8d:af:c0:9e:42:67:f1:
6f:6d:74:ed:5e:77:56:7a:2a:8a:d9:95:96:7d:3c:2a:9c:61:
66:8b:a2:5f:92:42:bb:e8:57:d7:ce:d2:dc:64:3e:7e:9c:39:
75:c7:43:4d:95:47:fd:0e:c0:96:05:d9:ba:d4:20:26:ff:78:
ea:7a:1c:58:b4:8d:1d:ef:8a:33:cc:41:fe:57:24:5c:7f:fb:
5c:5a:61:03:c0:b0:c7:6f:f4:4a:ee:d6:01:77:8d:b9:44:02:
e3:dd:5f:8d:91:6e:b4:5e:f7:49:05:04:f6:e9:a8:c3:f3:7c:
db:84:5c:53:5e:ef:16:b9:a1:bf:bb:84:03:68:1e:94:a0:fa:
89:fd:09:74:86:f4:bc:20:a5:00:d5:00:29:8e:02:30:e0:20:
59:f0:51:3b
-----BEGIN CERTIFICATE-----
MIIE3zCCA8egAwIBAgICG88wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkNG
NDAxN0E2RTI5MTVGMjYxNDdENDE5RTVGN0E3RDE2NEQwNDk4NDAeFw0yNTAxMTcw
MTI0MjBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEU3QTlCQUUwRUJCNDlD
MjdGMjY3OENENTVCQTBBQTc5RjM0RkVFMDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCgsYCbXJHpSEMus2IMQM9nRqmSImc3XkMroJvBAG3W8aBE92FC
6aZFCuok3S2dtDa/T5Zd9tgYuNduAoEFZnRAVLMmSQ2+/hR5UuAMy0zEC0MhMnlf
31X7LSUs8ouovGduVWqILRyNizHOhm191wHlNoyEB8cZPeTp7WoUFyBORu0RsfJn
OMi6obnU1Thaxk5wPknTJaIH3DnMZ+0/wedUAjCsfeouUGLs3lc55V6/uVO4Kh6g
+SHKc4VDlljeHmYEGsUxqeROh1b8NnzOIE6Q2IHMU493O/tauk0b1onI5dl05G5Y
Xi2dEYbmgb/OzIlaV7C4WGdSfn703BH7WzUfAgMBAAGjggH7MIIB9zAdBgNVHQ4E
FgQU56m64Ou0nCfyZ4zVW6CqefNP7gYwHwYDVR0jBBgwFoAUvPQBem4pFfJhR9QZ
5fen0WTQSYQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjA3
Mi92UFFCZW00cEZmSmhSOVFaNWZlbjBXVFFTWVEuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3ZQUUJlbTRwRmZKaFI5UVo1ZmVuMFdUUVNZUS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIwNzIvNTZtNjRPdTBuQ2Z5
WjR6Vlc2Q3FlZk5QN2dZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAnBggrBgEFBQcBBwEB/wQYMBYwFAQCAAEw
DjAMAwQAZ0OtAwQAZ0OuMA0GCSqGSIb3DQEBCwUAA4IBAQA4yybL2ahuuM776XBl
0+RUrFkSa+4OSN87Qyryr/GVlXxhyRhrj6rFUgVtUw02aG0EK/7mXBUr3vN17dVA
j2bHNxNXwcWieq18vZTEQPpAD2Z6Om0pnNMBR9f0w+bnXcZr+x/PTY2vwJ5CZ/Fv
bXTtXndWeiqK2ZWWfTwqnGFmi6JfkkK76FfXztLcZD5+nDl1x0NNlUf9DsCWBdm6
1CAm/3jqehxYtI0d74ozzEH+VyRcf/tcWmEDwLDHb/RK7tYBd425RALj3V+NkW60
XvdJBQT26ajD83zbhFxTXu8WuaG/u4QDaB6UoPqJ/Ql0hvS8IKUA1QApjgIw4CBZ
8FE7
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:35:08 2025 by rpki-client