Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2537/rtLqb4gLaNofoaISUeU9kHQWtDU.roa
File: rtLqb4gLaNofoaISUeU9kHQWtDU.roa (raw, json)
Hash identifier: UjglH3914lXJyAJG/QXGAiW0Ird7Y8FuX01hcUXXay0=
Subject key identifier: AE:D2:EA:6F:88:0B:68:DA:1F:A1:A2:12:51:E5:3D:90:74:16:B4:35
Certificate issuer: /CN=7B5DC95599BE4DE454A99C0C25753D1E00C7414F
Certificate serial: 01E8
Authority key identifier: 7B:5D:C9:55:99:BE:4D:E4:54:A9:9C:0C:25:75:3D:1E:00:C7:41:4F
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/e13JVZm-TeRUqZwMJXU9HgDHQU8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/rtLqb4gLaNofoaISUeU9kHQWtDU.roa
Signing time: Sat 30 Mar 2024 12:44:03 +0000
ROA not before: Sat 30 Mar 2024 12:44:03 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 152092
IP address blocks: 103.97.56.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 488 (0x1e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7B5DC95599BE4DE454A99C0C25753D1E00C7414F
Validity
Not Before: Mar 30 12:44:03 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=AED2EA6F880B68DA1FA1A21251E53D907416B435
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:a6:55:0a:91:d0:df:1e:d4:64:4e:fa:d9:e2:
0f:8c:f7:32:80:46:f9:dd:59:8d:5a:6b:8c:7e:86:
32:8a:5c:1a:9b:75:f2:70:68:26:ab:98:a2:de:73:
4f:6b:0c:18:3e:3d:83:ea:b5:3f:22:2d:1d:2c:7d:
ad:64:03:aa:07:45:6e:42:d4:4a:5c:03:03:54:8e:
2b:13:e0:91:40:8b:53:95:33:36:6c:c5:bb:31:22:
7d:68:ed:ab:a7:e9:b5:29:30:2f:ba:36:be:8d:9b:
72:ee:60:58:a7:45:63:c0:fd:93:7f:31:d9:ea:01:
66:65:a0:a2:c8:cf:76:44:d4:c8:f8:e3:fa:7c:9f:
b1:00:43:5b:32:92:d3:ab:c5:d2:cb:d3:fa:b5:4f:
18:da:be:40:c7:3e:d8:54:12:5d:c0:a1:2f:b2:ca:
f2:68:77:1b:df:6b:2d:f9:ae:c9:1b:ab:99:af:90:
03:14:ea:b0:9f:5f:cc:a0:87:5d:89:8b:df:8b:64:
37:bb:d6:6c:03:55:04:20:47:7c:1d:2e:7a:79:a3:
36:03:dc:07:06:ac:06:6b:36:4d:6b:e2:82:21:26:
3f:3f:79:4c:2b:38:d4:0b:6c:4e:90:98:05:d2:c5:
78:a3:a6:d7:93:a3:a8:8b:06:6e:78:4f:95:57:ec:
b2:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:D2:EA:6F:88:0B:68:DA:1F:A1:A2:12:51:E5:3D:90:74:16:B4:35
X509v3 Authority Key Identifier:
keyid:7B:5D:C9:55:99:BE:4D:E4:54:A9:9C:0C:25:75:3D:1E:00:C7:41:4F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/e13JVZm-TeRUqZwMJXU9HgDHQU8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/e13JVZm-TeRUqZwMJXU9HgDHQU8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/rtLqb4gLaNofoaISUeU9kHQWtDU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.97.56.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:41:ac:13:58:5b:7e:24:89:53:7f:8f:d8:ac:a2:3c:93:4f:
6c:77:c7:a4:37:6e:5b:b0:c1:6e:84:f0:1d:68:a4:35:87:cc:
2d:47:8c:e3:6f:d1:b6:c1:16:d0:48:cd:03:06:8a:cd:93:fe:
a1:40:e7:c5:25:4f:10:c5:7a:f8:73:3c:ba:29:13:06:b1:66:
8a:66:e1:48:70:72:78:97:4b:f8:17:90:be:b5:49:96:cd:63:
c3:a4:7c:f3:c3:f3:01:f8:ba:bc:9a:13:df:1a:2d:75:11:a9:
40:25:f5:e6:e4:1d:b1:4f:88:62:f8:0e:36:d4:6d:ae:68:7e:
8d:dd:9c:a7:b9:32:5f:e5:88:88:50:69:5f:94:f6:33:3c:28:
4a:64:ac:95:ca:ea:ce:01:8f:6a:b1:01:c4:d7:08:5d:17:e8:
88:34:cb:38:4c:92:27:5c:be:94:d9:9f:92:82:55:e0:32:04:
9f:15:93:99:24:e4:82:04:bd:99:3e:fc:9c:5c:27:c8:14:e5:
6e:04:5f:11:b6:ae:66:78:47:c8:5a:b2:b5:bc:aa:0b:39:6f:
e7:16:de:85:f0:40:54:17:0e:06:f1:f2:cf:fb:af:1e:ab:4d:
48:bb:4a:eb:d2:ea:98:01:70:32:b0:7f:8a:b0:2f:ea:cf:25:
09:dd:08:51
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICAegwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0I1
REM5NTU5OUJFNERFNDU0QTk5QzBDMjU3NTNEMUUwMEM3NDE0RjAeFw0yNDAzMzAx
MjQ0MDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFFRDJFQTZGODgwQjY4
REExRkExQTIxMjUxRTUzRDkwNzQxNkI0MzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDeplUKkdDfHtRkTvrZ4g+M9zKARvndWY1aa4x+hjKKXBqbdfJw
aCarmKLec09rDBg+PYPqtT8iLR0sfa1kA6oHRW5C1EpcAwNUjisT4JFAi1OVMzZs
xbsxIn1o7aun6bUpMC+6Nr6Nm3LuYFinRWPA/ZN/MdnqAWZloKLIz3ZE1Mj44/p8
n7EAQ1syktOrxdLL0/q1TxjavkDHPthUEl3AoS+yyvJodxvfay35rskbq5mvkAMU
6rCfX8ygh12Ji9+LZDe71mwDVQQgR3wdLnp5ozYD3AcGrAZrNk1r4oIhJj8/eUwr
ONQLbE6QmAXSxXijpteTo6iLBm54T5VX7LILAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUrtLqb4gLaNofoaISUeU9kHQWtDUwHwYDVR0jBBgwFoAUe13JVZm+TeRUqZwM
JXU9HgDHQU8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjUz
Ny9lMTNKVlptLVRlUlVxWndNSlhVOUhnREhRVTguY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2UxM0pWWm0tVGVSVXFad01KWFU5SGdESFFVOC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1MzcvcnRMcWI0Z0xhTm9m
b2FJU1VlVTlrSFFXdERVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAmdhODANBgkqhkiG9w0BAQsFAAOCAQEAX0GsE1hbfiSJU3+P2KyiPJNPbHfH
pDduW7DBboTwHWikNYfMLUeM42/RtsEW0EjNAwaKzZP+oUDnxSVPEMV6+HM8uikT
BrFmimbhSHByeJdL+BeQvrVJls1jw6R888PzAfi6vJoT3xotdRGpQCX15uQdsU+I
YvgONtRtrmh+jd2cp7kyX+WIiFBpX5T2MzwoSmSslcrqzgGParEBxNcIXRfoiDTL
OEySJ1y+lNmfkoJV4DIEnxWTmSTkggS9mT78nFwnyBTlbgRfEbauZnhHyFqytbyq
Czlv5xbehfBAVBcOBvHyz/uvHqtNSLtK69LqmAFwMrB/irAv6s8lCd0IUQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:47:18 2025 by rpki-client