Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2639/jZb4pO6hNr2kqo_3TfgMx_5Dmig.roa
File: jZb4pO6hNr2kqo_3TfgMx_5Dmig.roa (raw, json)
Hash identifier: gToiYgyZRMBcIApnLZrMA7yq3vrsRdKvwtqkTnYj0fI=
Subject key identifier: 8D:96:F8:A4:EE:A1:36:BD:A4:AA:8F:F7:4D:F8:0C:C7:FE:43:9A:28
Certificate issuer: /CN=D1EA9A8B512505907299DA38CEA5BCCE610987CB
Certificate serial: 1FC4
Authority key identifier: D1:EA:9A:8B:51:25:05:90:72:99:DA:38:CE:A5:BC:CE:61:09:87:CB
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0eqai1ElBZBymdo4zqW8zmEJh8s.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2639/jZb4pO6hNr2kqo_3TfgMx_5Dmig.roa
Signing time: Fri 17 Jan 2025 01:27:01 +0000
ROA not before: Fri 17 Jan 2025 01:27:01 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 24424
IP address blocks: 103.104.152.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8132 (0x1fc4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D1EA9A8B512505907299DA38CEA5BCCE610987CB
Validity
Not Before: Jan 17 01:27:01 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=8D96F8A4EEA136BDA4AA8FF74DF80CC7FE439A28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:8a:b0:9a:57:75:ea:f2:89:24:6c:b9:9c:cb:
e6:e2:8e:67:86:ac:3a:ad:a6:0d:c1:c9:f5:06:60:
da:02:bb:65:cd:6a:86:9c:fa:df:2f:02:16:f0:20:
ee:73:0c:0d:b3:57:6d:88:c5:88:2c:0a:0f:98:43:
de:ff:8c:64:65:02:f8:98:78:53:fa:e0:15:55:c9:
7a:7b:fe:cd:37:43:78:25:5d:44:70:d1:57:01:a1:
ca:f2:04:2c:ec:07:cb:d6:e0:1b:09:e2:f3:17:f6:
c3:7f:a5:bb:a8:ad:fc:34:c8:48:b3:2b:6d:50:de:
36:16:58:42:36:5e:a5:87:dd:4c:c4:ae:4b:d9:86:
98:1f:4f:48:ba:cc:fb:a4:10:90:06:aa:fc:78:6b:
d6:d5:49:34:4b:a3:af:27:b5:d6:c1:bc:2f:82:22:
4d:28:74:0a:0b:85:26:48:fd:08:14:90:50:2a:aa:
ba:14:0a:2e:a7:ee:d2:31:91:70:73:b8:7a:cb:15:
e8:48:0f:49:91:cf:2f:e3:00:e0:fa:ca:08:68:c8:
c8:9e:b2:c4:81:3b:0e:fb:1f:3a:2f:4b:97:79:8b:
e5:bc:85:75:55:57:3b:88:28:36:49:8f:c6:61:b9:
fc:05:28:6d:38:44:93:d0:7f:86:1b:e7:ac:41:80:
7f:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:96:F8:A4:EE:A1:36:BD:A4:AA:8F:F7:4D:F8:0C:C7:FE:43:9A:28
X509v3 Authority Key Identifier:
keyid:D1:EA:9A:8B:51:25:05:90:72:99:DA:38:CE:A5:BC:CE:61:09:87:CB
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2639/0eqai1ElBZBymdo4zqW8zmEJh8s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0eqai1ElBZBymdo4zqW8zmEJh8s.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2639/jZb4pO6hNr2kqo_3TfgMx_5Dmig.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.104.152.0/22
Signature Algorithm: sha256WithRSAEncryption
03:3d:41:d6:2c:61:bb:03:a1:1e:75:20:bc:83:96:82:19:5f:
b9:3c:42:e5:88:1b:88:12:28:bc:b5:b4:52:9e:0b:54:86:89:
fe:c4:7c:b0:3e:25:90:32:ab:eb:7e:9d:24:16:3f:d3:8a:43:
5f:c7:97:88:aa:94:13:94:64:3b:6f:8c:56:39:5a:21:00:06:
c6:71:af:8b:3d:c0:90:4e:4d:de:91:fc:17:ba:fe:68:02:07:
e8:6b:5a:2d:14:d8:e7:1f:49:bc:f2:f4:f0:f3:15:53:41:50:
df:93:05:a4:b2:e4:bf:70:57:60:cc:a9:74:44:d3:c7:86:15:
1a:59:99:2e:b1:c6:a6:0a:d7:1c:59:3d:73:af:3a:10:dc:f8:
0d:2b:07:71:cb:e6:87:60:0c:a3:95:8c:42:c6:e6:e6:9c:5f:
b1:eb:6d:0c:51:ff:00:06:12:93:84:4a:06:37:ef:91:f7:55:
2d:37:31:d6:16:a0:f3:c1:b8:58:6a:de:6e:3b:44:cf:86:33:
02:7c:c6:25:32:04:5f:49:8d:0e:00:1f:ad:90:2d:eb:4a:3c:
05:44:a4:a3:9d:d7:cc:c2:d0:c0:f2:30:b2:72:8e:e9:32:52:
2a:28:2e:7e:a0:d4:c0:fa:37:9c:71:85:75:d9:54:a0:cc:87:
43:24:53:b4
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICH8QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDFF
QTlBOEI1MTI1MDU5MDcyOTlEQTM4Q0VBNUJDQ0U2MTA5ODdDQjAeFw0yNTAxMTcw
MTI3MDFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDhEOTZGOEE0RUVBMTM2
QkRBNEFBOEZGNzRERjgwQ0M3RkU0MzlBMjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqirCaV3Xq8okkbLmcy+bijmeGrDqtpg3ByfUGYNoCu2XNaoac
+t8vAhbwIO5zDA2zV22IxYgsCg+YQ97/jGRlAviYeFP64BVVyXp7/s03Q3glXURw
0VcBocryBCzsB8vW4BsJ4vMX9sN/pbuorfw0yEizK21Q3jYWWEI2XqWH3UzErkvZ
hpgfT0i6zPukEJAGqvx4a9bVSTRLo68ntdbBvC+CIk0odAoLhSZI/QgUkFAqqroU
Ci6n7tIxkXBzuHrLFehID0mRzy/jAOD6yghoyMiessSBOw77HzovS5d5i+W8hXVV
VzuIKDZJj8ZhufwFKG04RJPQf4Yb56xBgH9hAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUjZb4pO6hNr2kqo/3TfgMx/5DmigwHwYDVR0jBBgwFoAU0eqai1ElBZBymdo4
zqW8zmEJh8swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYz
OS8wZXFhaTFFbEJaQnltZG80enFXOHptRUpoOHMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBlcWFpMUVsQlpCeW1kbzR6cVc4em1FSmg4cy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2MzkvalpiNHBPNmhOcjJr
cW9fM1RmZ014XzVEbWlnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAmdomDANBgkqhkiG9w0BAQsFAAOCAQEAAz1B1ixhuwOhHnUgvIOWghlfuTxC
5YgbiBIovLW0Up4LVIaJ/sR8sD4lkDKr636dJBY/04pDX8eXiKqUE5RkO2+MVjla
IQAGxnGviz3AkE5N3pH8F7r+aAIH6GtaLRTY5x9JvPL08PMVU0FQ35MFpLLkv3BX
YMypdETTx4YVGlmZLrHGpgrXHFk9c686ENz4DSsHccvmh2AMo5WMQsbm5pxfsett
DFH/AAYSk4RKBjfvkfdVLTcx1hag88G4WGrebjtEz4YzAnzGJTIEX0mNDgAfrZAt
60o8BUSko53XzMLQwPIwsnKO6TJSKigufqDUwPo3nHGFddlUoMyHQyRTtA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:36:14 2025 by rpki-client