Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2537/H4KORnDhY-VKxuYTHr3rYLKQWnQ.roa
File: H4KORnDhY-VKxuYTHr3rYLKQWnQ.roa (raw, json)
Hash identifier: oKzTY6oapz472bUTZ5uNwL98YiUS9I+uG+Bk+tLd+40=
Subject key identifier: 1F:82:8E:46:70:E1:63:E5:4A:C6:E6:13:1E:BD:EB:60:B2:90:5A:74
Certificate issuer: /CN=7B5DC95599BE4DE454A99C0C25753D1E00C7414F
Certificate serial: 01E9
Authority key identifier: 7B:5D:C9:55:99:BE:4D:E4:54:A9:9C:0C:25:75:3D:1E:00:C7:41:4F
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/e13JVZm-TeRUqZwMJXU9HgDHQU8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/H4KORnDhY-VKxuYTHr3rYLKQWnQ.roa
Signing time: Sat 30 Mar 2024 12:44:03 +0000
ROA not before: Sat 30 Mar 2024 12:44:03 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 152092
IP address blocks: 103.97.56.0/24 maxlen: 24
103.97.57.0/24 maxlen: 24
103.97.58.0/24 maxlen: 24
103.97.59.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 489 (0x1e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7B5DC95599BE4DE454A99C0C25753D1E00C7414F
Validity
Not Before: Mar 30 12:44:03 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1F828E4670E163E54AC6E6131EBDEB60B2905A74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:42:e8:1e:2b:ec:db:07:4b:91:4a:51:5d:10:
12:3e:c8:9e:ab:34:5b:df:db:a5:30:b7:a0:00:ff:
91:06:32:67:ea:c1:e4:e5:b9:49:99:19:26:c8:7e:
ef:cc:e1:f0:cd:b9:11:86:ec:97:5e:2b:31:84:c0:
25:67:0c:8e:88:8d:82:c6:51:48:85:4d:aa:29:e0:
84:62:79:cd:78:ab:04:28:2c:8b:12:85:c3:35:a0:
c2:2e:04:d0:4a:9c:51:f2:f8:75:80:89:0c:d9:3f:
ce:a5:fd:75:d8:a9:ed:bf:cf:bd:45:c5:bf:c6:5f:
2b:85:ae:c9:30:d0:e7:91:b4:23:d0:c1:31:8b:5d:
ad:9a:de:64:ce:ee:8d:e9:85:17:a3:a6:7f:66:18:
6d:b5:0a:1b:3e:05:bb:42:18:95:20:6d:e2:01:dc:
b8:60:f9:c1:cc:51:0e:a3:6e:5b:0d:d7:59:75:27:
39:1d:20:f3:ce:f8:d9:4c:51:e2:05:99:f7:00:e3:
4c:52:27:b2:9a:1d:83:25:df:f4:ec:a6:b9:53:42:
ea:46:1b:d2:ac:cd:a0:ce:cf:26:09:61:6f:da:6f:
03:86:b7:b1:a3:02:b4:22:e0:28:aa:21:58:83:d4:
f9:96:ad:81:d6:89:15:14:45:45:b1:8a:18:0b:93:
13:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:82:8E:46:70:E1:63:E5:4A:C6:E6:13:1E:BD:EB:60:B2:90:5A:74
X509v3 Authority Key Identifier:
keyid:7B:5D:C9:55:99:BE:4D:E4:54:A9:9C:0C:25:75:3D:1E:00:C7:41:4F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/e13JVZm-TeRUqZwMJXU9HgDHQU8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/e13JVZm-TeRUqZwMJXU9HgDHQU8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/H4KORnDhY-VKxuYTHr3rYLKQWnQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.97.56.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:9d:ef:8c:1a:f3:1a:de:37:9f:dd:05:97:d7:6a:05:be:2a:
48:3c:0f:e1:23:59:e4:52:99:2e:ab:b0:69:88:0b:31:9e:b7:
97:b2:2c:4f:69:97:6f:42:1a:cf:12:1b:8c:85:5f:1a:50:df:
aa:63:92:f9:67:19:a4:03:25:0d:95:fd:03:3b:34:8c:bd:3b:
33:0d:3d:a9:3f:25:29:70:8c:0d:b5:a0:c8:e8:e2:e9:c8:a7:
c2:3c:3e:af:cc:3c:eb:0d:3e:e3:74:73:7b:5a:26:2d:e9:11:
a7:e3:bf:bd:a0:61:6e:9e:d9:d2:45:0f:e9:1c:58:cb:8f:0e:
13:7c:43:49:67:c1:50:cd:62:56:e1:80:41:f1:e0:67:63:ff:
05:e1:b4:01:f6:d1:c4:92:23:6c:97:29:43:87:66:b1:48:6c:
75:19:07:9c:cc:85:68:71:87:5f:70:a4:2c:9b:0e:39:61:89:
63:c3:8a:1e:e8:d0:03:9e:06:48:13:8d:e6:31:af:88:2e:af:
01:41:97:4c:63:2d:66:3b:73:6f:4c:2d:60:5b:85:48:26:36:
1a:42:fc:83:1c:cc:5b:f8:82:5b:aa:4b:bb:df:15:b7:64:31:
55:ca:e8:a7:ab:b9:70:92:c5:b6:1c:cf:bd:67:c7:40:f1:80:
c0:00:1c:df
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICAekwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0I1
REM5NTU5OUJFNERFNDU0QTk5QzBDMjU3NTNEMUUwMEM3NDE0RjAeFw0yNDAzMzAx
MjQ0MDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFGODI4RTQ2NzBFMTYz
RTU0QUM2RTYxMzFFQkRFQjYwQjI5MDVBNzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDfQugeK+zbB0uRSlFdEBI+yJ6rNFvf26Uwt6AA/5EGMmfqweTl
uUmZGSbIfu/M4fDNuRGG7JdeKzGEwCVnDI6IjYLGUUiFTaop4IRiec14qwQoLIsS
hcM1oMIuBNBKnFHy+HWAiQzZP86l/XXYqe2/z71Fxb/GXyuFrskw0OeRtCPQwTGL
Xa2a3mTO7o3phRejpn9mGG21Chs+BbtCGJUgbeIB3Lhg+cHMUQ6jblsN11l1Jzkd
IPPO+NlMUeIFmfcA40xSJ7KaHYMl3/TsprlTQupGG9KszaDOzyYJYW/abwOGt7Gj
ArQi4CiqIViD1PmWrYHWiRUURUWxihgLkxN1AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUH4KORnDhY+VKxuYTHr3rYLKQWnQwHwYDVR0jBBgwFoAUe13JVZm+TeRUqZwM
JXU9HgDHQU8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjUz
Ny9lMTNKVlptLVRlUlVxWndNSlhVOUhnREhRVTguY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2UxM0pWWm0tVGVSVXFad01KWFU5SGdESFFVOC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1MzcvSDRLT1JuRGhZLVZL
eHVZVEhyM3JZTEtRV25RLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAmdhODANBgkqhkiG9w0BAQsFAAOCAQEAnZ3vjBrzGt43n90Fl9dqBb4qSDwP
4SNZ5FKZLquwaYgLMZ63l7IsT2mXb0IazxIbjIVfGlDfqmOS+WcZpAMlDZX9Azs0
jL07Mw09qT8lKXCMDbWgyOji6cinwjw+r8w86w0+43Rze1omLekRp+O/vaBhbp7Z
0kUP6RxYy48OE3xDSWfBUM1iVuGAQfHgZ2P/BeG0AfbRxJIjbJcpQ4dmsUhsdRkH
nMyFaHGHX3CkLJsOOWGJY8OKHujQA54GSBON5jGviC6vAUGXTGMtZjtzb0wtYFuF
SCY2GkL8gxzMW/iCW6pLu98Vt2QxVcrop6u5cJLFthzPvWfHQPGAwAAc3w==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:37:11 2025 by rpki-client