Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2739/L3J-Ozzbv0bVXm0ZoLiQbsMXLX0.roa
File: L3J-Ozzbv0bVXm0ZoLiQbsMXLX0.roa (raw, json)
Hash identifier: nqUDhWOlvW/uNH8zbyHGfUFi+r+d8f8JhE2S7VPYhmw=
Subject key identifier: 2F:72:7E:3B:3C:DB:BF:46:D5:5E:6D:19:A0:B8:90:6E:C3:17:2D:7D
Certificate issuer: /CN=65DA61BDCA2CC0F8CA95D24D3942BC087D8C92A6
Certificate serial: 1593
Authority key identifier: 65:DA:61:BD:CA:2C:C0:F8:CA:95:D2:4D:39:42:BC:08:7D:8C:92:A6
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ZdphvcoswPjKldJNOUK8CH2MkqY.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2739/L3J-Ozzbv0bVXm0ZoLiQbsMXLX0.roa
Signing time: Wed 13 Mar 2024 01:22:04 +0000
ROA not before: Wed 13 Mar 2024 01:22:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 131482
IP address blocks: 103.116.120.0/22 maxlen: 24
103.116.121.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5523 (0x1593)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65DA61BDCA2CC0F8CA95D24D3942BC087D8C92A6
Validity
Not Before: Mar 13 01:22:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2F727E3B3CDBBF46D55E6D19A0B8906EC3172D7D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:09:6b:9f:0e:ab:06:49:94:be:b0:08:33:ec:
8d:81:02:b6:06:b8:75:0d:3d:a3:b5:f7:3f:9f:1d:
f8:e5:1a:ae:71:25:0f:f8:1a:20:f7:cc:01:d5:8e:
92:08:d3:f6:cd:3f:02:70:8e:b3:76:b5:c4:45:0e:
d8:a4:d0:1d:20:f7:c8:74:44:60:6c:fb:4e:2d:3d:
50:bd:d9:98:b4:51:f5:db:e4:95:59:d5:48:86:a5:
56:d9:9e:df:dc:59:22:03:06:d9:b4:b9:95:92:9b:
a3:ff:33:94:08:14:5a:22:ba:3f:8f:25:dd:b9:21:
2d:f6:d6:50:67:93:d4:7a:07:c2:be:bf:e4:bd:1e:
e1:58:7b:d7:c7:81:ef:90:87:3b:c5:ba:2e:ce:c8:
2f:84:cd:b5:2c:5e:53:b3:ca:32:3f:48:7b:b9:bf:
2d:8d:c3:d0:83:c0:fd:b6:a1:18:e1:c0:dc:4a:10:
99:75:eb:7f:af:2e:4e:de:63:69:5e:51:08:21:a1:
4c:aa:38:01:15:f2:99:b7:16:b1:d5:3f:ca:e6:0c:
ac:af:22:a7:96:bc:62:33:3b:44:9d:80:7d:e3:7f:
3b:51:2a:97:a8:df:df:63:80:e9:43:a0:e3:75:09:
3f:e1:90:2f:58:73:b3:08:d1:0e:16:cb:c5:07:f4:
49:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:72:7E:3B:3C:DB:BF:46:D5:5E:6D:19:A0:B8:90:6E:C3:17:2D:7D
X509v3 Authority Key Identifier:
keyid:65:DA:61:BD:CA:2C:C0:F8:CA:95:D2:4D:39:42:BC:08:7D:8C:92:A6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2739/ZdphvcoswPjKldJNOUK8CH2MkqY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ZdphvcoswPjKldJNOUK8CH2MkqY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2739/L3J-Ozzbv0bVXm0ZoLiQbsMXLX0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.116.120.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:d5:b3:c1:3a:be:62:3d:95:30:a2:97:90:73:4c:96:6d:0f:
11:c4:66:2c:c7:02:fe:d1:8a:0c:64:55:39:3a:0a:14:98:86:
ad:8e:98:01:9d:46:3d:20:0d:82:51:2b:48:8b:6c:76:68:5d:
36:d6:92:9d:f3:22:8f:29:53:74:54:1f:f4:ef:e5:6d:57:f3:
53:6e:4a:fe:39:e5:00:d5:90:61:84:c9:d9:04:20:7c:cd:56:
c4:c7:97:9d:9a:b0:48:81:54:83:30:bf:6c:64:d3:79:ca:28:
94:c6:c6:b8:82:d6:1b:13:1a:99:22:f4:e0:19:c4:62:1e:f5:
fd:0e:45:f0:2b:19:ec:80:4c:40:86:56:67:98:18:97:9d:df:
c5:23:f9:67:fb:29:d5:f8:17:6f:44:69:8e:6e:34:eb:0c:29:
2b:2f:0e:b9:09:5b:a3:ac:b2:e5:b0:3e:2e:48:77:9a:cb:5c:
57:50:a7:0c:48:fa:a1:20:ae:6d:f9:76:5b:1a:30:92:6d:1b:
cb:83:45:f7:84:7a:48:d0:48:26:5d:12:bf:3d:45:e0:83:68:
28:fe:5b:cd:7f:82:0d:05:48:15:62:9c:e3:84:36:ab:19:90:
35:f2:95:a3:09:dd:bd:c3:59:47:fa:07:f4:9c:45:08:47:30:
f7:a3:cb:c3
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICFZMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjVE
QTYxQkRDQTJDQzBGOENBOTVEMjREMzk0MkJDMDg3RDhDOTJBNjAeFw0yNDAzMTMw
MTIyMDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJGNzI3RTNCM0NEQkJG
NDZENTVFNkQxOUEwQjg5MDZFQzMxNzJEN0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBCWufDqsGSZS+sAgz7I2BArYGuHUNPaO19z+fHfjlGq5xJQ/4
GiD3zAHVjpII0/bNPwJwjrN2tcRFDtik0B0g98h0RGBs+04tPVC92Zi0UfXb5JVZ
1UiGpVbZnt/cWSIDBtm0uZWSm6P/M5QIFFoiuj+PJd25IS321lBnk9R6B8K+v+S9
HuFYe9fHge+QhzvFui7OyC+EzbUsXlOzyjI/SHu5vy2Nw9CDwP22oRjhwNxKEJl1
63+vLk7eY2leUQghoUyqOAEV8pm3FrHVP8rmDKyvIqeWvGIzO0SdgH3jfztRKpeo
399jgOlDoON1CT/hkC9Yc7MI0Q4Wy8UH9EkLAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUL3J+Ozzbv0bVXm0ZoLiQbsMXLX0wHwYDVR0jBBgwFoAUZdphvcoswPjKldJN
OUK8CH2MkqYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcz
OS9aZHBodmNvc3dQaktsZEpOT1VLOENIMk1rcVkuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1pkcGh2Y29zd1BqS2xkSk5PVUs4Q0gyTWtxWS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3MzkvTDNKLU96emJ2MGJW
WG0wWm9MaVFic01YTFgwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAmd0eDANBgkqhkiG9w0BAQsFAAOCAQEAetWzwTq+Yj2VMKKXkHNMlm0PEcRm
LMcC/tGKDGRVOToKFJiGrY6YAZ1GPSANglErSItsdmhdNtaSnfMijylTdFQf9O/l
bVfzU25K/jnlANWQYYTJ2QQgfM1WxMeXnZqwSIFUgzC/bGTTecoolMbGuILWGxMa
mSL04BnEYh71/Q5F8CsZ7IBMQIZWZ5gYl53fxSP5Z/sp1fgXb0Rpjm406wwpKy8O
uQlbo6yy5bA+Lkh3mstcV1CnDEj6oSCubfl2Wxowkm0by4NF94R6SNBIJl0Svz1F
4INoKP5bzX+CDQVIFWKc44Q2qxmQNfKVowndvcNZR/oH9JxFCEcw96PLww==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:33:54 2025 by rpki-client