Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2075/Dda1ORCU2_NRmawDQ95QYagO1-g.roa
File: Dda1ORCU2_NRmawDQ95QYagO1-g.roa (raw, json)
Hash identifier: HDFHBOwUGh5p+Tl1qSvZ6ShpFv1JqorTkzI8IXMu/Ns=
Subject key identifier: 0D:D6:B5:39:10:94:DB:F3:51:99:AC:03:43:DE:50:61:A8:0E:D7:E8
Certificate issuer: /CN=E98A5958665F34A26A3DCAF94C63B33A07059A53
Certificate serial: 48F4
Authority key identifier: E9:8A:59:58:66:5F:34:A2:6A:3D:CA:F9:4C:63:B3:3A:07:05:9A:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6YpZWGZfNKJqPcr5TGOzOgcFmlM.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2075/Dda1ORCU2_NRmawDQ95QYagO1-g.roa
Signing time: Sat 15 Jun 2024 19:55:55 +0000
ROA not before: Sat 15 Jun 2024 19:55:55 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 131530
IP address blocks: 103.72.120.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18676 (0x48f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E98A5958665F34A26A3DCAF94C63B33A07059A53
Validity
Not Before: Jun 15 19:55:55 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0DD6B5391094DBF35199AC0343DE5061A80ED7E8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:5b:1d:4d:be:8d:a7:f7:c5:41:d2:7f:07:60:
aa:19:0c:2f:4d:37:47:b4:b3:8f:a9:67:27:ca:57:
50:b1:74:65:b2:d9:d5:07:38:9c:59:22:58:cf:c5:
05:25:3e:e6:de:72:d7:b8:7b:a0:59:ce:f8:5a:64:
f7:fe:19:8d:39:40:6b:d6:a6:38:f6:06:c6:de:5a:
85:fa:bb:51:58:0c:3a:07:c0:a8:32:6d:7e:61:ac:
91:d8:e5:df:c3:06:57:53:17:d1:ba:bb:fe:5e:36:
6b:e1:01:83:1b:36:91:93:ab:14:82:54:99:66:e4:
9c:03:f7:6c:dd:e0:9e:56:4f:34:c9:18:b8:e5:34:
6d:1e:12:3e:8a:00:58:bb:e7:f7:26:de:cb:ac:ad:
e3:cb:b2:12:5c:ee:9e:27:17:8b:d3:b1:68:83:d0:
ba:9a:c5:47:4f:5f:99:c6:9c:87:8f:09:af:eb:08:
bf:f2:cc:73:13:bf:de:11:c3:07:06:5c:4d:40:48:
03:2d:f3:10:1c:84:30:ff:f2:e7:20:2c:b3:a4:6a:
12:6b:1f:82:58:6d:6f:24:01:cc:8b:8b:e3:7f:05:
82:90:61:a6:7a:e6:e0:91:dd:c3:e9:7a:73:af:d3:
b4:39:3c:6b:17:b3:e5:01:27:2f:1f:97:28:1a:c6:
53:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:D6:B5:39:10:94:DB:F3:51:99:AC:03:43:DE:50:61:A8:0E:D7:E8
X509v3 Authority Key Identifier:
keyid:E9:8A:59:58:66:5F:34:A2:6A:3D:CA:F9:4C:63:B3:3A:07:05:9A:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2075/6YpZWGZfNKJqPcr5TGOzOgcFmlM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6YpZWGZfNKJqPcr5TGOzOgcFmlM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2075/Dda1ORCU2_NRmawDQ95QYagO1-g.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.72.120.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:a7:3b:2e:15:48:da:9b:02:8a:3c:de:b0:86:be:9f:d9:ab:
13:a3:e5:49:39:9a:0d:b0:db:0f:8e:f2:ed:37:c6:8a:d2:98:
56:99:87:ce:64:04:2b:5d:c8:db:50:5f:1f:39:30:00:ad:dc:
30:e4:ea:44:16:f0:ba:52:8c:6d:0e:9c:c5:b6:11:80:b9:d1:
ad:23:80:c5:9b:98:93:ec:49:15:71:c5:c8:7b:d7:1d:a3:a6:
e0:29:b6:bb:79:c8:de:a1:96:69:f5:a8:82:50:eb:f5:ab:05:
b3:f6:db:3a:3c:eb:4d:e9:cf:f2:cb:aa:11:83:1f:0d:af:b5:
47:d3:7a:cb:3c:68:7c:db:5a:a7:95:ca:38:17:4e:c7:45:f3:
e1:23:86:45:0b:17:4b:13:96:98:97:fd:41:a5:ad:88:be:0c:
e1:16:8f:45:35:5d:d6:9c:39:39:c6:d1:48:5e:8a:4e:c8:5e:
b8:45:c3:41:a4:ad:10:c7:7f:35:9f:1c:ed:eb:74:fb:8f:04:
cf:9d:7d:e1:ed:72:e1:c4:29:26:0b:77:f3:c0:ce:83:d5:75:
d1:00:68:0c:f1:32:96:f4:e8:e9:20:c3:12:c2:2f:ca:6a:3e:
15:54:21:58:cd:3c:c9:cf:bd:e5:e0:9a:0b:6c:38:72:d3:6d:
a8:7b:a9:c8
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICSPQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTk4
QTU5NTg2NjVGMzRBMjZBM0RDQUY5NEM2M0IzM0EwNzA1OUE1MzAeFw0yNDA2MTUx
OTU1NTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBERDZCNTM5MTA5NERC
RjM1MTk5QUMwMzQzREU1MDYxQTgwRUQ3RTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+Wx1Nvo2n98VB0n8HYKoZDC9NN0e0s4+pZyfKV1CxdGWy2dUH
OJxZIljPxQUlPubecte4e6BZzvhaZPf+GY05QGvWpjj2BsbeWoX6u1FYDDoHwKgy
bX5hrJHY5d/DBldTF9G6u/5eNmvhAYMbNpGTqxSCVJlm5JwD92zd4J5WTzTJGLjl
NG0eEj6KAFi75/cm3susrePLshJc7p4nF4vTsWiD0LqaxUdPX5nGnIePCa/rCL/y
zHMTv94RwwcGXE1ASAMt8xAchDD/8ucgLLOkahJrH4JYbW8kAcyLi+N/BYKQYaZ6
5uCR3cPpenOv07Q5PGsXs+UBJy8flygaxlMpAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUDda1ORCU2/NRmawDQ95QYagO1+gwHwYDVR0jBBgwFoAU6YpZWGZfNKJqPcr5
TGOzOgcFmlMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjA3
NS82WXBaV0daZk5LSnFQY3I1VEdPek9nY0ZtbE0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzZZcFpXR1pmTktKcVBjcjVUR096T2djRm1sTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIwNzUvRGRhMU9SQ1UyX05S
bWF3RFE5NVFZYWdPMS1nLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAmdIeDANBgkqhkiG9w0BAQsFAAOCAQEAsqc7LhVI2psCijzesIa+n9mrE6Pl
STmaDbDbD47y7TfGitKYVpmHzmQEK13I21BfHzkwAK3cMOTqRBbwulKMbQ6cxbYR
gLnRrSOAxZuYk+xJFXHFyHvXHaOm4Cm2u3nI3qGWafWoglDr9asFs/bbOjzrTenP
8suqEYMfDa+1R9N6yzxofNtap5XKOBdOx0Xz4SOGRQsXSxOWmJf9QaWtiL4M4RaP
RTVd1pw5OcbRSF6KTsheuEXDQaStEMd/NZ8c7et0+48Ez5194e1y4cQpJgt388DO
g9V10QBoDPEylvTo6SDDEsIvymo+FVQhWM08yc+95eCaC2w4ctNtqHupyA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:33:06 2025 by rpki-client