Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2522/xF_kY5igAZ4pYp7sRgDqMyeVigQ.roa
File: xF_kY5igAZ4pYp7sRgDqMyeVigQ.roa (raw, json)
Hash identifier: JqA1NDUEHISd0ZMcDg+01lOgp+bGBK0kQMU/tV9LvqA=
Subject key identifier: C4:5F:E4:63:98:A0:01:9E:29:62:9E:EC:46:00:EA:33:27:95:8A:04
Certificate issuer: /CN=4087DAB67172836B082075CE18BE5E5FA45D5E95
Certificate serial: 1BE2
Authority key identifier: 40:87:DA:B6:71:72:83:6B:08:20:75:CE:18:BE:5E:5F:A4:5D:5E:95
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/QIfatnFyg2sIIHXOGL5eX6RdXpU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2522/xF_kY5igAZ4pYp7sRgDqMyeVigQ.roa
Signing time: Fri 17 Jan 2025 01:26:52 +0000
ROA not before: Fri 17 Jan 2025 01:26:52 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 131567
IP address blocks: 103.96.8.0/22 maxlen: 24
103.96.8.0/24 maxlen: 24
103.96.9.0/24 maxlen: 24
103.96.10.0/24 maxlen: 24
103.96.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7138 (0x1be2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4087DAB67172836B082075CE18BE5E5FA45D5E95
Validity
Not Before: Jan 17 01:26:52 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=C45FE46398A0019E29629EEC4600EA3327958A04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:7d:7b:61:4e:7b:e7:a9:a7:3a:e3:65:c6:12:
10:15:b0:a0:4c:3f:9c:39:cc:98:52:f6:c9:30:b8:
b3:a4:9e:ac:c5:08:57:54:5f:de:19:e3:19:6b:43:
a6:1d:47:fc:7a:57:7e:a7:3b:7a:bd:06:6f:ef:13:
e1:49:d4:17:61:08:0c:dc:3a:d8:28:b3:40:db:0c:
31:97:09:eb:41:45:ce:57:4b:20:e5:86:d0:9c:c4:
66:44:a6:9d:30:76:1e:cc:ae:04:0e:f4:39:b5:ff:
00:f6:da:5b:cc:57:e2:79:56:1e:cc:20:b2:e0:c7:
9f:16:85:38:81:3b:52:0a:80:8e:ae:e1:d4:1c:35:
9d:9d:63:ef:d8:2f:eb:ce:8e:be:20:39:bc:0b:a0:
ba:22:e4:60:b8:27:46:50:d3:12:18:de:b3:e8:b8:
66:f1:05:e3:50:cd:96:e9:a2:07:a4:56:bf:6f:56:
42:72:7c:24:c8:d2:c8:ac:ab:bc:ed:00:8a:18:9d:
c2:eb:b4:0f:fe:6a:ac:c8:f6:98:6e:47:43:37:a5:
16:25:1e:bd:d9:1a:03:1b:29:51:a8:9d:25:cb:24:
3d:21:22:2c:78:79:5e:d4:00:d8:c3:23:73:e1:df:
37:70:4f:9b:50:d3:c8:46:e1:b4:42:d5:24:6e:8e:
f5:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:5F:E4:63:98:A0:01:9E:29:62:9E:EC:46:00:EA:33:27:95:8A:04
X509v3 Authority Key Identifier:
keyid:40:87:DA:B6:71:72:83:6B:08:20:75:CE:18:BE:5E:5F:A4:5D:5E:95
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2522/QIfatnFyg2sIIHXOGL5eX6RdXpU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/QIfatnFyg2sIIHXOGL5eX6RdXpU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2522/xF_kY5igAZ4pYp7sRgDqMyeVigQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.96.8.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:c3:2a:68:5e:72:7d:48:03:58:6b:88:d3:a4:22:f2:17:89:
dc:6a:cc:1a:d7:ce:d3:6c:8d:17:a7:fb:1e:b9:18:f6:4c:bc:
d1:b4:37:c5:5a:17:7d:59:66:95:ea:f1:4e:40:4d:72:4c:89:
39:94:51:58:b3:21:8d:c0:a1:81:f4:57:5c:a0:b2:28:08:90:
f6:07:b7:e1:78:90:75:bc:ab:d4:dc:bd:57:5c:8b:37:53:af:
4f:35:cc:2d:73:12:48:f6:58:5d:6b:ac:4d:c0:e5:5a:87:fb:
93:f4:f2:bd:e8:f0:56:75:6c:64:eb:2c:93:db:ce:bf:dd:03:
4f:58:02:9f:ba:2d:24:a2:a6:57:8b:15:62:e3:93:1f:1a:d4:
05:be:ee:4d:d2:7a:8b:9d:db:a9:68:65:db:c0:51:2f:b4:41:
32:1d:ff:bd:5a:28:c3:94:92:c0:a7:29:ec:0f:24:65:f9:69:
8e:03:88:5b:b5:8a:38:fc:21:fc:68:21:40:7c:24:03:0d:72:
27:02:f3:34:a7:5b:7c:a8:b4:6a:c5:c7:b0:a4:4e:0a:0c:08:
3f:b6:e4:b3:e0:36:66:bf:40:b3:29:13:30:b3:8e:aa:e9:50:
0f:ed:94:45:b2:9b:54:5d:7a:f8:63:9e:05:a6:d9:62:f9:b3:
fe:52:02:05
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICG+IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDA4
N0RBQjY3MTcyODM2QjA4MjA3NUNFMThCRTVFNUZBNDVENUU5NTAeFw0yNTAxMTcw
MTI2NTJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEM0NUZFNDYzOThBMDAx
OUUyOTYyOUVFQzQ2MDBFQTMzMjc5NThBMDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOfXthTnvnqac642XGEhAVsKBMP5w5zJhS9skwuLOknqzFCFdU
X94Z4xlrQ6YdR/x6V36nO3q9Bm/vE+FJ1BdhCAzcOtgos0DbDDGXCetBRc5XSyDl
htCcxGZEpp0wdh7MrgQO9Dm1/wD22lvMV+J5Vh7MILLgx58WhTiBO1IKgI6u4dQc
NZ2dY+/YL+vOjr4gObwLoLoi5GC4J0ZQ0xIY3rPouGbxBeNQzZbpogekVr9vVkJy
fCTI0sisq7ztAIoYncLrtA/+aqzI9phuR0M3pRYlHr3ZGgMbKVGonSXLJD0hIix4
eV7UANjDI3Ph3zdwT5tQ08hG4bRC1SRujvXTAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUxF/kY5igAZ4pYp7sRgDqMyeVigQwHwYDVR0jBBgwFoAUQIfatnFyg2sIIHXO
GL5eX6RdXpUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjUy
Mi9RSWZhdG5GeWcyc0lJSFhPR0w1ZVg2UmRYcFUuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1FJZmF0bkZ5ZzJzSUlIWE9HTDVlWDZSZFhwVS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1MjIveEZfa1k1aWdBWjRw
WXA3c1JnRHFNeWVWaWdRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAmdgCDANBgkqhkiG9w0BAQsFAAOCAQEAX8MqaF5yfUgDWGuI06Qi8heJ3GrM
GtfO02yNF6f7HrkY9ky80bQ3xVoXfVlmlerxTkBNckyJOZRRWLMhjcChgfRXXKCy
KAiQ9ge34XiQdbyr1Ny9V1yLN1OvTzXMLXMSSPZYXWusTcDlWof7k/TyvejwVnVs
ZOssk9vOv90DT1gCn7otJKKmV4sVYuOTHxrUBb7uTdJ6i53bqWhl28BRL7RBMh3/
vVoow5SSwKcp7A8kZflpjgOIW7WKOPwh/GghQHwkAw1yJwLzNKdbfKi0asXHsKRO
CgwIP7bks+A2Zr9AsykTMLOOqulQD+2URbKbVF16+GOeBabZYvmz/lICBQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:48:36 2025 by rpki-client