Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2537/fd4VIBPvL2B4lWNgkVZ2bfkyH0s.roa
File: fd4VIBPvL2B4lWNgkVZ2bfkyH0s.roa (raw, json)
Hash identifier: RHNQHaoSfBLctaT+f+I87UtbshzADXqvfgGPSCXaxK0=
Subject key identifier: 7D:DE:15:20:13:EF:2F:60:78:95:63:60:91:56:76:6D:F9:32:1F:4B
Certificate issuer: /CN=FB653B26775041687D362D4CEF768E58F99EC075
Certificate serial: 08DF
Authority key identifier: FB:65:3B:26:77:50:41:68:7D:36:2D:4C:EF:76:8E:58:F9:9E:C0:75
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-2U7JndQQWh9Ni1M73aOWPmewHU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/fd4VIBPvL2B4lWNgkVZ2bfkyH0s.roa
Signing time: Fri 21 Mar 2025 03:31:08 +0000
ROA not before: Fri 21 Mar 2025 03:31:08 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 152092
IP address blocks: 103.97.56.0/24 maxlen: 24
103.97.57.0/24 maxlen: 24
103.97.58.0/24 maxlen: 24
103.97.59.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2271 (0x8df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB653B26775041687D362D4CEF768E58F99EC075
Validity
Not Before: Mar 21 03:31:08 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=7DDE152013EF2F60789563609156766DF9321F4B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:71:7e:f4:74:fc:50:6f:54:58:e5:24:da:56:
d5:6d:13:d9:d9:81:08:91:90:bf:78:d7:79:9a:83:
c9:72:95:b1:22:7a:34:23:c3:14:59:5d:03:5c:83:
78:b3:66:cf:1f:58:3f:28:06:e1:2d:a9:1d:ee:cf:
57:b6:e4:fd:6d:c5:29:00:54:41:1e:e3:7a:44:51:
e5:18:01:c8:20:b4:a7:01:20:da:86:6b:19:8d:ed:
a8:7f:03:9a:af:9d:37:72:5b:5a:0f:04:29:79:a0:
9f:c3:e2:f7:cc:75:5b:68:41:07:67:f0:05:0e:aa:
42:58:b3:b9:bb:5a:45:f9:74:74:eb:14:81:fa:5f:
1b:2e:6a:23:29:3b:59:49:40:80:c3:8d:d5:83:eb:
bc:9d:15:20:34:49:06:71:c9:c8:bf:34:1a:98:0d:
a0:a1:45:51:00:a2:90:0a:c8:9d:fb:8a:06:1a:17:
22:28:f6:80:2f:0c:ac:b6:15:41:02:76:32:f1:d5:
4d:94:f6:fb:f5:77:4a:70:3b:8a:07:6a:6b:77:87:
46:49:9b:fe:f4:1d:2b:9c:b6:ae:fc:f6:02:d9:74:
4b:05:14:4d:40:f0:08:cf:3e:b0:a8:dd:54:6a:96:
c6:1a:12:11:f3:60:0b:25:ac:4a:e9:e4:b8:d7:60:
3d:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:DE:15:20:13:EF:2F:60:78:95:63:60:91:56:76:6D:F9:32:1F:4B
X509v3 Authority Key Identifier:
keyid:FB:65:3B:26:77:50:41:68:7D:36:2D:4C:EF:76:8E:58:F9:9E:C0:75
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/-2U7JndQQWh9Ni1M73aOWPmewHU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-2U7JndQQWh9Ni1M73aOWPmewHU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/fd4VIBPvL2B4lWNgkVZ2bfkyH0s.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.97.56.0/22
Signature Algorithm: sha256WithRSAEncryption
21:47:01:34:4c:18:aa:e0:4b:44:bc:eb:b4:dc:3c:3e:56:9c:
d0:4c:8a:17:4b:c6:5a:fc:be:3c:1d:62:13:7c:d6:50:95:c0:
db:90:7d:5d:68:bf:18:4f:4c:b2:98:52:b3:de:03:dd:0b:28:
7b:6d:fa:0e:03:ce:fb:a2:c7:9e:83:87:ed:52:f9:5a:dc:8a:
89:ae:0f:8b:eb:3d:29:5e:5c:20:b0:c1:48:d4:1e:7f:d2:74:
02:40:78:de:ff:d8:2a:9c:53:f3:38:51:04:6d:45:93:b5:06:
8a:f3:1c:da:b7:2d:af:6a:8b:20:6f:2e:1e:03:c4:20:1a:93:
0d:ff:77:7b:f4:50:22:3c:b1:57:51:6c:6e:5c:c9:0a:2e:d4:
d4:b4:fe:f7:e9:84:cd:21:c3:c9:61:4e:1c:ea:ad:d9:82:f9:
a8:83:f7:13:4e:5a:93:36:d5:9a:57:48:16:d4:9b:f0:5e:10:
14:0e:e8:5c:22:f7:04:b9:3d:85:29:5c:c4:2d:33:84:22:be:
60:a8:ae:88:35:e9:7e:6e:39:08:7a:ec:ba:c0:fc:f1:5d:b5:
fb:81:db:e0:7b:46:44:52:27:22:f4:58:c1:71:7b:cd:43:31:
33:f2:5f:81:37:51:d6:c9:fe:f8:60:1e:55:c7:29:60:90:c5:
8f:ea:9c:f3
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICCN8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkI2
NTNCMjY3NzUwNDE2ODdEMzYyRDRDRUY3NjhFNThGOTlFQzA3NTAeFw0yNTAzMjEw
MzMxMDhaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDdEREUxNTIwMTNFRjJG
NjA3ODk1NjM2MDkxNTY3NjZERjkzMjFGNEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCccX70dPxQb1RY5STaVtVtE9nZgQiRkL9413mag8lylbEiejQj
wxRZXQNcg3izZs8fWD8oBuEtqR3uz1e25P1txSkAVEEe43pEUeUYAcggtKcBINqG
axmN7ah/A5qvnTdyW1oPBCl5oJ/D4vfMdVtoQQdn8AUOqkJYs7m7WkX5dHTrFIH6
XxsuaiMpO1lJQIDDjdWD67ydFSA0SQZxyci/NBqYDaChRVEAopAKyJ37igYaFyIo
9oAvDKy2FUECdjLx1U2U9vv1d0pwO4oHamt3h0ZJm/70HSuctq789gLZdEsFFE1A
8AjPPrCo3VRqlsYaEhHzYAslrErp5LjXYD21AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUfd4VIBPvL2B4lWNgkVZ2bfkyH0swHwYDVR0jBBgwFoAU+2U7JndQQWh9Ni1M
73aOWPmewHUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjUz
Ny8tMlU3Sm5kUVFXaDlOaTFNNzNhT1dQbWV3SFUuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLy0yVTdKbmRRUVdoOU5pMU03M2FPV1BtZXdIVS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1MzcvZmQ0VklCUHZMMkI0
bFdOZ2tWWjJiZmt5SDBzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAmdhODANBgkqhkiG9w0BAQsFAAOCAQEAIUcBNEwYquBLRLzrtNw8Plac0EyK
F0vGWvy+PB1iE3zWUJXA25B9XWi/GE9MsphSs94D3Qsoe236DgPO+6LHnoOH7VL5
WtyKia4Pi+s9KV5cILDBSNQef9J0AkB43v/YKpxT8zhRBG1Fk7UGivMc2rctr2qL
IG8uHgPEIBqTDf93e/RQIjyxV1FsblzJCi7U1LT+9+mEzSHDyWFOHOqt2YL5qIP3
E05akzbVmldIFtSb8F4QFA7oXCL3BLk9hSlcxC0zhCK+YKiuiDXpfm45CHrsusD8
8V21+4Hb4HtGRFInIvRYwXF7zUMxM/JfgTdR1sn++GAeVccpYJDFj+qc8w==
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:53:43 2025 by rpki-client