Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2578/jeRqT-U67iHCPC6sGRXxmqGg3To.roa
File: jeRqT-U67iHCPC6sGRXxmqGg3To.roa (raw, json)
Hash identifier: a/ZnvznW8+bmn2gNXwFRyzDr6mmblMwmC0wW6Xa1SWM=
Subject key identifier: 8D:E4:6A:4F:E5:3A:EE:21:C2:3C:2E:AC:19:15:F1:9A:A1:A0:DD:3A
Certificate issuer: /CN=1817D1D97E8A11B6D73F1C165EEAAE97483DFDE9
Certificate serial: 13E7
Authority key identifier: 18:17:D1:D9:7E:8A:11:B6:D7:3F:1C:16:5E:EA:AE:97:48:3D:FD:E9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GBfR2X6KEbbXPxwWXuqul0g9_ek.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/jeRqT-U67iHCPC6sGRXxmqGg3To.roa
Signing time: Fri 17 Jan 2025 01:27:56 +0000
ROA not before: Fri 17 Jan 2025 01:27:56 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 41717
IP address blocks: 103.99.76.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5095 (0x13e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1817D1D97E8A11B6D73F1C165EEAAE97483DFDE9
Validity
Not Before: Jan 17 01:27:56 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=8DE46A4FE53AEE21C23C2EAC1915F19AA1A0DD3A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:5c:f0:c0:39:7b:89:f5:23:12:a9:c9:1a:0e:
e4:b0:1c:e4:68:30:3e:af:ac:f7:0c:7a:92:09:35:
13:5a:ef:19:0a:43:81:e6:50:9a:c6:06:7f:d0:2a:
33:cd:f9:ac:06:71:32:de:11:c8:b7:90:28:20:7b:
b9:0e:7a:e2:b5:e2:34:77:e2:f1:5d:3e:81:5b:5f:
d6:12:7c:c0:8d:84:27:04:e3:9e:01:1a:c6:fc:ea:
91:32:43:f2:67:69:df:4e:fb:0d:19:cb:0e:a6:74:
09:69:f2:36:11:21:35:68:e4:80:22:df:1d:7a:38:
dc:9f:db:aa:98:c6:22:81:d0:e2:16:57:85:94:1a:
18:e2:60:51:c8:66:c8:4e:e8:05:a9:1f:9f:ec:86:
a8:4f:c4:57:2f:15:cb:32:3b:fd:b3:af:c8:89:e8:
e9:44:25:22:a0:8f:d4:a5:61:c0:c7:ce:92:34:3e:
34:33:02:66:9d:86:55:8c:ec:31:aa:42:ca:01:ab:
14:24:39:ec:ce:f4:55:5e:54:3f:ba:60:f1:ac:50:
89:ca:8e:81:84:11:9f:08:d9:31:0e:12:ff:10:6e:
98:62:b5:3b:82:59:41:d9:85:a7:67:d4:0c:d2:b7:
53:7c:ba:c7:20:61:a2:e2:f7:60:42:a4:d6:e1:eb:
1d:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:E4:6A:4F:E5:3A:EE:21:C2:3C:2E:AC:19:15:F1:9A:A1:A0:DD:3A
X509v3 Authority Key Identifier:
keyid:18:17:D1:D9:7E:8A:11:B6:D7:3F:1C:16:5E:EA:AE:97:48:3D:FD:E9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/GBfR2X6KEbbXPxwWXuqul0g9_ek.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GBfR2X6KEbbXPxwWXuqul0g9_ek.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/jeRqT-U67iHCPC6sGRXxmqGg3To.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.99.76.0/22
Signature Algorithm: sha256WithRSAEncryption
c4:4b:74:1e:8d:d6:8b:05:51:a8:cf:b3:2d:4a:41:29:43:3e:
1c:cb:d8:b2:15:f5:ef:f3:ff:f4:e0:9f:95:fe:3e:8d:65:71:
70:8d:9d:f4:91:bc:d7:07:9b:c6:16:7e:aa:54:72:41:20:0b:
9a:2f:b7:f8:76:14:1f:3f:4a:a0:da:6b:e8:73:53:1e:28:de:
a4:79:b0:24:74:b1:ef:cb:b4:d9:d2:d8:9f:66:a9:ff:47:ad:
91:e3:3e:99:d2:7d:21:c5:b2:c6:60:a7:fc:49:4c:c3:3a:0d:
6d:08:97:19:95:be:75:d2:2e:a3:23:bd:6f:b5:92:ca:85:2d:
e0:d4:78:52:4d:00:99:e1:bd:f1:82:44:ad:28:21:c5:70:01:
47:51:fd:6e:82:65:e6:83:1e:10:91:5e:12:89:80:db:17:ef:
a0:b2:47:fd:2b:e8:b8:1a:86:f9:46:7e:5c:fd:4a:20:4f:63:
bc:2e:3f:ef:51:3e:04:a7:b9:c4:61:6e:08:9a:4e:11:6c:d2:
e5:53:58:2c:0c:00:8b:cd:47:89:8c:0a:c2:c5:66:ea:cf:1e:
cc:bf:44:6e:ec:e4:a9:d8:ec:6f:bd:77:c2:35:b8:ea:6d:37:
0e:46:cb:c3:20:65:bc:49:2d:43:bb:69:04:24:1a:dc:57:16:
fa:a4:cf:b1
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICE+cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTgx
N0QxRDk3RThBMTFCNkQ3M0YxQzE2NUVFQUFFOTc0ODNERkRFOTAeFw0yNTAxMTcw
MTI3NTZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDhERTQ2QTRGRTUzQUVF
MjFDMjNDMkVBQzE5MTVGMTlBQTFBMEREM0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8XPDAOXuJ9SMSqckaDuSwHORoMD6vrPcMepIJNRNa7xkKQ4Hm
UJrGBn/QKjPN+awGcTLeEci3kCgge7kOeuK14jR34vFdPoFbX9YSfMCNhCcE454B
Gsb86pEyQ/Jnad9O+w0Zyw6mdAlp8jYRITVo5IAi3x16ONyf26qYxiKB0OIWV4WU
GhjiYFHIZshO6AWpH5/shqhPxFcvFcsyO/2zr8iJ6OlEJSKgj9SlYcDHzpI0PjQz
AmadhlWM7DGqQsoBqxQkOezO9FVeVD+6YPGsUInKjoGEEZ8I2TEOEv8QbphitTuC
WUHZhadn1AzSt1N8uscgYaLi92BCpNbh6x0BAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUjeRqT+U67iHCPC6sGRXxmqGg3TowHwYDVR0jBBgwFoAUGBfR2X6KEbbXPxwW
Xuqul0g9/ekwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjU3
OC9HQmZSMlg2S0ViYlhQeHdXWHVxdWwwZzlfZWsuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0dCZlIyWDZLRWJiWFB4d1dYdXF1bDBnOV9lay5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1NzgvamVScVQtVTY3aUhD
UEM2c0dSWHhtcUdnM1RvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAmdjTDANBgkqhkiG9w0BAQsFAAOCAQEAxEt0Ho3WiwVRqM+zLUpBKUM+HMvY
shX17/P/9OCflf4+jWVxcI2d9JG81webxhZ+qlRyQSALmi+3+HYUHz9KoNpr6HNT
HijepHmwJHSx78u02dLYn2ap/0etkeM+mdJ9IcWyxmCn/ElMwzoNbQiXGZW+ddIu
oyO9b7WSyoUt4NR4Uk0AmeG98YJErSghxXABR1H9boJl5oMeEJFeEomA2xfvoLJH
/SvouBqG+UZ+XP1KIE9jvC4/71E+BKe5xGFuCJpOEWzS5VNYLAwAi81HiYwKwsVm
6s8ezL9Ebuzkqdjsb713wjW46m03DkbLwyBlvEktQ7tpBCQa3FcW+qTPsQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:40:25 2025 by rpki-client