Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2537/xzgnXL4X4Mnp8vjJl7KMYz-fSDo.roa
File: xzgnXL4X4Mnp8vjJl7KMYz-fSDo.roa (raw, json)
Hash identifier: nYWQt5bArg3VV2bHWLfeb/ZRysXVjsaV65sDVImttJw=
Subject key identifier: C7:38:27:5C:BE:17:E0:C9:E9:F2:F8:C9:97:B2:8C:63:3F:9F:48:3A
Certificate issuer: /CN=7B5DC95599BE4DE454A99C0C25753D1E00C7414F
Certificate serial: 079A
Authority key identifier: 7B:5D:C9:55:99:BE:4D:E4:54:A9:9C:0C:25:75:3D:1E:00:C7:41:4F
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/e13JVZm-TeRUqZwMJXU9HgDHQU8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/xzgnXL4X4Mnp8vjJl7KMYz-fSDo.roa
Signing time: Fri 17 Jan 2025 01:23:22 +0000
ROA not before: Fri 17 Jan 2025 01:23:22 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 137443
IP address blocks: 103.97.56.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1946 (0x79a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7B5DC95599BE4DE454A99C0C25753D1E00C7414F
Validity
Not Before: Jan 17 01:23:22 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=C738275CBE17E0C9E9F2F8C997B28C633F9F483A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:eb:d5:52:c0:38:52:4a:76:5e:63:b2:be:01:
f6:3e:84:26:9a:28:90:d7:8b:7e:32:9c:2b:9b:53:
ab:c2:3b:c0:d5:08:3a:b7:89:30:54:cc:72:5a:19:
4d:21:2c:4a:5d:80:49:e9:41:c9:a3:11:22:65:62:
e1:81:40:f2:f2:46:6e:ea:39:16:66:bf:b2:da:8d:
15:2b:38:ca:97:35:6f:5b:ad:cf:04:f1:94:49:fa:
7c:5e:c2:fb:3f:58:87:d0:dd:fc:46:4e:17:a9:36:
0b:e4:57:23:31:8b:1f:ce:6b:70:6e:ba:2b:cf:4f:
80:95:14:85:0a:5a:07:30:59:82:27:e0:ae:d5:64:
e6:7e:01:54:1a:27:ee:d3:8e:41:5a:12:10:37:2f:
c9:10:13:20:8d:30:6f:f9:08:20:8f:72:a1:3c:85:
b6:13:c2:93:77:0f:7f:a6:62:64:42:e1:c3:ef:bf:
28:6f:3a:81:6d:66:9d:aa:51:cd:0e:b5:ec:54:cc:
f9:8d:b0:da:e9:01:dd:ea:5d:74:1b:27:1b:1f:60:
93:f3:61:28:a5:48:11:7a:6d:f4:d2:2c:79:7f:66:
5f:01:4f:22:62:e8:01:e0:21:39:87:b6:e9:11:ef:
dd:d2:96:a2:22:8f:06:10:71:f8:1a:6d:7b:da:42:
da:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:38:27:5C:BE:17:E0:C9:E9:F2:F8:C9:97:B2:8C:63:3F:9F:48:3A
X509v3 Authority Key Identifier:
keyid:7B:5D:C9:55:99:BE:4D:E4:54:A9:9C:0C:25:75:3D:1E:00:C7:41:4F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/e13JVZm-TeRUqZwMJXU9HgDHQU8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/e13JVZm-TeRUqZwMJXU9HgDHQU8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/xzgnXL4X4Mnp8vjJl7KMYz-fSDo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.97.56.0/22
Signature Algorithm: sha256WithRSAEncryption
61:f8:97:b4:6b:e5:ab:d7:6e:ee:03:2c:33:49:24:79:4d:60:
4c:97:ef:6f:d7:9a:7c:95:77:69:26:17:7f:17:9d:9c:81:e3:
2a:a5:d1:25:26:b9:24:5e:7f:04:38:7f:15:80:be:2f:fd:00:
98:04:21:8d:ef:aa:17:cf:ea:e2:5f:af:ee:d7:2b:18:23:5c:
4e:94:d3:3e:b6:bf:ce:a5:13:f7:ed:2d:89:2d:7f:23:b4:cf:
19:a7:e8:3c:ea:05:38:5f:7b:bd:1b:55:c9:7f:19:e2:51:b8:
2f:bf:75:18:02:c7:99:b4:97:f1:d2:03:c8:8a:bc:c9:1a:36:
9e:dc:50:35:02:e0:08:92:9a:94:02:5d:b5:a5:1d:c2:3b:75:
20:5f:c3:36:8d:df:ab:56:75:c0:64:f9:09:5c:82:4f:10:ae:
b8:d4:ee:b4:ea:e8:cf:fe:75:ab:b8:25:f4:e5:0f:34:98:5b:
d7:cb:2d:e2:43:c3:86:b5:e4:fa:03:f5:5b:13:35:c8:de:9f:
49:5a:42:ce:13:20:30:e8:0a:8f:e2:16:2a:a5:6c:48:37:96:
de:50:37:46:ed:87:96:05:6e:81:32:7d:50:d4:e8:fd:d7:d0:
43:57:4d:bf:6d:48:bf:dd:17:94:0f:ed:b7:b7:6f:0e:f0:2e:
6f:b2:b6:8d
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICB5owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0I1
REM5NTU5OUJFNERFNDU0QTk5QzBDMjU3NTNEMUUwMEM3NDE0RjAeFw0yNTAxMTcw
MTIzMjJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEM3MzgyNzVDQkUxN0Uw
QzlFOUYyRjhDOTk3QjI4QzYzM0Y5RjQ4M0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQ69VSwDhSSnZeY7K+AfY+hCaaKJDXi34ynCubU6vCO8DVCDq3
iTBUzHJaGU0hLEpdgEnpQcmjESJlYuGBQPLyRm7qORZmv7LajRUrOMqXNW9brc8E
8ZRJ+nxewvs/WIfQ3fxGThepNgvkVyMxix/Oa3BuuivPT4CVFIUKWgcwWYIn4K7V
ZOZ+AVQaJ+7TjkFaEhA3L8kQEyCNMG/5CCCPcqE8hbYTwpN3D3+mYmRC4cPvvyhv
OoFtZp2qUc0OtexUzPmNsNrpAd3qXXQbJxsfYJPzYSilSBF6bfTSLHl/Zl8BTyJi
6AHgITmHtukR793SlqIijwYQcfgabXvaQtpnAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUxzgnXL4X4Mnp8vjJl7KMYz+fSDowHwYDVR0jBBgwFoAUe13JVZm+TeRUqZwM
JXU9HgDHQU8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjUz
Ny9lMTNKVlptLVRlUlVxWndNSlhVOUhnREhRVTguY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2UxM0pWWm0tVGVSVXFad01KWFU5SGdESFFVOC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1MzcveHpnblhMNFg0TW5w
OHZqSmw3S01Zei1mU0RvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAmdhODANBgkqhkiG9w0BAQsFAAOCAQEAYfiXtGvlq9du7gMsM0kkeU1gTJfv
b9eafJV3aSYXfxednIHjKqXRJSa5JF5/BDh/FYC+L/0AmAQhje+qF8/q4l+v7tcr
GCNcTpTTPra/zqUT9+0tiS1/I7TPGafoPOoFOF97vRtVyX8Z4lG4L791GALHmbSX
8dIDyIq8yRo2ntxQNQLgCJKalAJdtaUdwjt1IF/DNo3fq1Z1wGT5CVyCTxCuuNTu
tOroz/51q7gl9OUPNJhb18st4kPDhrXk+gP1WxM1yN6fSVpCzhMgMOgKj+IWKqVs
SDeW3lA3Ru2HlgVugTJ9UNTo/dfQQ1dNv21Iv90XlA/tt7dvDvAub7K2jQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:39:01 2025 by rpki-client