Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2522/GAU6fTVLzPvhgGam3apyOlV2Qic.roa
File: GAU6fTVLzPvhgGam3apyOlV2Qic.roa (raw, json)
Hash identifier: TmNNjq+nUNESGyizR83srh9KU2Q2g+LfpZqAray8aBs=
Subject key identifier: 18:05:3A:7D:35:4B:CC:FB:E1:80:66:A6:DD:AA:72:3A:55:76:42:27
Certificate issuer: /CN=4087DAB67172836B082075CE18BE5E5FA45D5E95
Certificate serial: 15E3
Authority key identifier: 40:87:DA:B6:71:72:83:6B:08:20:75:CE:18:BE:5E:5F:A4:5D:5E:95
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/QIfatnFyg2sIIHXOGL5eX6RdXpU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2522/GAU6fTVLzPvhgGam3apyOlV2Qic.roa
Signing time: Wed 13 Mar 2024 01:20:48 +0000
ROA not before: Wed 13 Mar 2024 01:20:48 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 131567
IP address blocks: 103.96.8.0/22 maxlen: 24
103.96.8.0/24 maxlen: 24
103.96.9.0/24 maxlen: 24
103.96.10.0/24 maxlen: 24
103.96.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5603 (0x15e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4087DAB67172836B082075CE18BE5E5FA45D5E95
Validity
Not Before: Mar 13 01:20:48 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=18053A7D354BCCFBE18066A6DDAA723A55764227
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ee:44:e2:23:f6:30:e4:da:68:6e:c8:0b:19:
1c:b9:a4:df:51:ca:b9:4f:1e:6b:2d:d2:55:09:d9:
ba:48:2f:1a:ae:ad:31:41:60:b8:bc:81:6c:92:a7:
bb:ad:71:c8:a5:ba:fa:9c:bb:25:3c:c9:89:c0:5f:
f4:44:08:0e:f1:5e:9e:e8:e3:3f:2f:c1:2d:cb:c4:
56:ca:4f:f1:50:2f:01:1b:8f:bc:78:9c:eb:64:c3:
65:09:e6:fe:54:be:f6:ea:58:4b:f2:83:53:83:78:
6d:10:51:68:86:13:19:df:1a:95:1c:32:f6:ad:57:
98:0a:bb:fb:8c:fe:28:74:a5:ce:ac:36:15:26:90:
28:f5:41:5c:15:c1:b2:1f:77:68:cc:ee:36:c9:24:
5e:ab:df:24:52:69:5e:ee:f9:a8:f4:9a:59:b2:c0:
21:eb:1b:a5:87:a7:69:7d:13:70:73:07:86:32:d7:
a8:dd:cc:02:e4:6e:fe:d9:35:64:83:ca:6f:24:f4:
4a:67:91:41:13:92:62:1e:ae:d2:99:49:60:99:f1:
24:94:fd:a8:1f:9b:86:a1:8c:80:24:1c:d4:d9:29:
15:a3:24:16:5b:92:f3:3f:bd:f0:c1:90:cd:65:bd:
a9:33:21:c7:ea:78:69:68:1e:95:90:c1:d6:ef:59:
28:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:05:3A:7D:35:4B:CC:FB:E1:80:66:A6:DD:AA:72:3A:55:76:42:27
X509v3 Authority Key Identifier:
keyid:40:87:DA:B6:71:72:83:6B:08:20:75:CE:18:BE:5E:5F:A4:5D:5E:95
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2522/QIfatnFyg2sIIHXOGL5eX6RdXpU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/QIfatnFyg2sIIHXOGL5eX6RdXpU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2522/GAU6fTVLzPvhgGam3apyOlV2Qic.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.96.8.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:25:e2:20:ca:91:fc:d6:b8:b3:05:b7:4a:e5:16:77:da:b4:
92:2b:47:99:fd:5a:4a:3a:a1:25:58:83:2e:2a:30:79:89:14:
78:e7:e4:07:fe:55:ff:56:0a:45:c3:1b:d8:e0:70:b0:b8:4c:
14:e0:b7:99:87:44:88:b7:61:b2:c5:71:90:4e:91:e7:1a:5f:
21:ef:ee:41:94:4b:f5:dc:e2:28:51:f8:41:f6:9c:9e:bb:ea:
e3:bf:96:51:0a:f1:ea:fa:a3:0d:b5:c2:86:99:32:68:12:4a:
39:4a:19:45:9d:4b:40:7a:88:67:0d:38:54:b7:c3:3a:8d:ac:
fa:97:9e:d8:74:51:06:73:eb:aa:74:d2:5f:c7:a9:18:2c:47:
f7:50:c6:35:4e:57:a0:23:21:a2:62:fa:a0:8b:82:2f:0d:bd:
b8:6e:8e:76:02:0e:bc:83:84:b8:6f:cf:43:1a:6f:3d:d8:1e:
49:1c:5b:22:c0:c0:29:bb:27:80:53:21:a0:a1:e4:71:e0:e9:
73:72:09:9b:25:b6:c8:03:9d:c8:cb:9f:e6:62:47:0c:7e:0d:
b7:b5:35:8d:79:7f:c9:e2:33:ee:f4:75:12:98:82:21:c9:3f:
06:0b:70:b7:51:82:ed:51:6e:cb:0e:a2:25:8f:52:05:4a:50:
0c:1c:4e:d8
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICFeMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDA4
N0RBQjY3MTcyODM2QjA4MjA3NUNFMThCRTVFNUZBNDVENUU5NTAeFw0yNDAzMTMw
MTIwNDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE4MDUzQTdEMzU0QkND
RkJFMTgwNjZBNkREQUE3MjNBNTU3NjQyMjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDO7kTiI/Yw5NpobsgLGRy5pN9RyrlPHmst0lUJ2bpILxqurTFB
YLi8gWySp7utcciluvqcuyU8yYnAX/RECA7xXp7o4z8vwS3LxFbKT/FQLwEbj7x4
nOtkw2UJ5v5UvvbqWEvyg1ODeG0QUWiGExnfGpUcMvatV5gKu/uM/ih0pc6sNhUm
kCj1QVwVwbIfd2jM7jbJJF6r3yRSaV7u+aj0mlmywCHrG6WHp2l9E3BzB4Yy16jd
zALkbv7ZNWSDym8k9EpnkUETkmIertKZSWCZ8SSU/agfm4ahjIAkHNTZKRWjJBZb
kvM/vfDBkM1lvakzIcfqeGloHpWQwdbvWSjBAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUGAU6fTVLzPvhgGam3apyOlV2QicwHwYDVR0jBBgwFoAUQIfatnFyg2sIIHXO
GL5eX6RdXpUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjUy
Mi9RSWZhdG5GeWcyc0lJSFhPR0w1ZVg2UmRYcFUuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1FJZmF0bkZ5ZzJzSUlIWE9HTDVlWDZSZFhwVS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1MjIvR0FVNmZUVkx6UHZo
Z0dhbTNhcHlPbFYyUWljLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAmdgCDANBgkqhkiG9w0BAQsFAAOCAQEAnyXiIMqR/Na4swW3SuUWd9q0kitH
mf1aSjqhJViDLioweYkUeOfkB/5V/1YKRcMb2OBwsLhMFOC3mYdEiLdhssVxkE6R
5xpfIe/uQZRL9dziKFH4Qfacnrvq47+WUQrx6vqjDbXChpkyaBJKOUoZRZ1LQHqI
Zw04VLfDOo2s+pee2HRRBnPrqnTSX8epGCxH91DGNU5XoCMhomL6oIuCLw29uG6O
dgIOvIOEuG/PQxpvPdgeSRxbIsDAKbsngFMhoKHkceDpc3IJmyW2yAOdyMuf5mJH
DH4Nt7U1jXl/yeIz7vR1EpiCIck/Bgtwt1GC7VFuyw6iJY9SBUpQDBxO2A==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:21:43 2025 by rpki-client