Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2741/oNx-2622tESiWCt9JkvnNZDXVFE.roa
File: oNx-2622tESiWCt9JkvnNZDXVFE.roa (raw, json)
Hash identifier: AqzUw5v02HW+kpBq/ImcwWJ9YIWHcvConEAWor/jLtE=
Subject key identifier: A0:DC:7E:DB:AD:B6:B4:44:A2:58:2B:7D:26:4B:E7:35:90:D7:54:51
Certificate issuer: /CN=3C8625BACA079911E2B28299B4BD44FDCBFFF60C
Certificate serial: 06CE
Authority key identifier: 3C:86:25:BA:CA:07:99:11:E2:B2:82:99:B4:BD:44:FD:CB:FF:F6:0C
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/PIYlusoHmRHisoKZtL1E_cv_9gw.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/oNx-2622tESiWCt9JkvnNZDXVFE.roa
Signing time: Sat 30 Mar 2024 07:21:40 +0000
ROA not before: Sat 30 Mar 2024 07:21:40 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 41717
IP address blocks: 103.116.149.0/24 maxlen: 24
103.116.150.0/24 maxlen: 24
103.116.151.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1742 (0x6ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3C8625BACA079911E2B28299B4BD44FDCBFFF60C
Validity
Not Before: Mar 30 07:21:40 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A0DC7EDBADB6B444A2582B7D264BE73590D75451
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ba:3d:66:76:b8:77:40:c6:7f:8c:94:3b:20:
12:c2:57:1b:03:77:f0:f0:af:74:a9:3f:cf:f4:77:
e9:56:33:9b:08:c2:c6:b5:93:0c:24:d0:0c:a4:93:
6f:97:a9:94:da:e9:67:2c:b3:02:bd:c0:d4:da:83:
bb:c5:f9:d9:5d:dc:ce:e8:7c:7d:97:55:78:a1:00:
b9:f6:09:ea:6b:a4:97:48:c6:16:17:95:66:82:85:
a3:5d:e5:02:24:c6:8b:db:c2:83:91:ee:8d:19:75:
02:aa:e8:4a:2e:d8:51:8d:36:e5:77:c5:6d:8e:c8:
d1:78:e9:4c:55:36:b7:01:22:13:b4:a5:3e:af:e8:
02:21:6e:a9:92:5e:d6:ef:76:6b:23:ce:6a:73:15:
50:73:8b:d7:28:b0:22:68:42:4f:94:44:78:1c:dc:
31:bd:61:1b:10:23:66:78:9f:0b:d9:0a:55:00:d7:
ef:4e:6f:33:20:66:1e:1e:42:b6:94:59:f1:11:c5:
5d:b0:66:45:a5:bb:81:88:b0:26:f0:98:2d:56:03:
6b:8c:de:51:3e:a2:9f:20:16:13:f9:53:49:e7:aa:
19:8e:59:a3:fd:ed:eb:fd:2d:b2:80:ac:d6:0f:e5:
98:25:ec:51:74:1d:6e:19:72:1e:d0:95:05:89:dc:
cf:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:DC:7E:DB:AD:B6:B4:44:A2:58:2B:7D:26:4B:E7:35:90:D7:54:51
X509v3 Authority Key Identifier:
keyid:3C:86:25:BA:CA:07:99:11:E2:B2:82:99:B4:BD:44:FD:CB:FF:F6:0C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/PIYlusoHmRHisoKZtL1E_cv_9gw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/PIYlusoHmRHisoKZtL1E_cv_9gw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/oNx-2622tESiWCt9JkvnNZDXVFE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.116.149.0-103.116.151.255
Signature Algorithm: sha256WithRSAEncryption
49:c2:5f:56:f4:2a:68:51:02:5e:af:e5:b1:23:ab:8f:85:d9:
49:cd:8b:ef:e5:f6:12:fe:51:c9:bc:02:a1:24:46:eb:60:b1:
72:41:3d:6f:d4:fd:17:26:7f:b5:a5:73:21:38:cb:89:26:76:
81:86:79:cb:b8:1d:cc:7d:0f:8c:ce:6d:be:be:b6:8b:40:ec:
f2:58:8a:aa:84:56:7d:ca:c8:cd:e4:83:17:ec:bc:96:b2:29:
40:85:28:ce:fb:03:c0:c4:11:32:4e:93:bf:47:eb:a4:67:01:
ac:af:38:1a:db:39:d8:05:1e:5c:cf:65:f1:4b:e3:f5:fc:bb:
5d:58:c2:d2:d6:fb:0d:82:a8:bb:8c:2d:f5:24:2b:35:61:1f:
61:4b:1c:7f:7d:03:ce:07:d6:b2:d9:70:b8:43:44:12:1c:b6:
fc:5d:43:cd:01:64:d7:57:4a:f5:3c:7e:8b:db:ce:cc:7e:fe:
e8:d1:3d:4f:23:d4:9b:e9:fd:fb:ec:29:d8:be:5c:06:47:7a:
25:d3:f1:95:6a:10:47:b0:bd:01:bf:80:ca:17:bb:ba:e9:29:
cb:dd:47:0f:01:23:1a:63:00:84:93:dd:6c:f8:8d:15:27:70:
43:44:5b:92:a5:78:bf:cb:2f:15:74:31:70:53:84:01:2f:4d:
74:ed:01:20
-----BEGIN CERTIFICATE-----
MIIE3zCCA8egAwIBAgICBs4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0M4
NjI1QkFDQTA3OTkxMUUyQjI4Mjk5QjRCRDQ0RkRDQkZGRjYwQzAeFw0yNDAzMzAw
NzIxNDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEEwREM3RURCQURCNkI0
NDRBMjU4MkI3RDI2NEJFNzM1OTBENzU0NTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBuj1mdrh3QMZ/jJQ7IBLCVxsDd/Dwr3SpP8/0d+lWM5sIwsa1
kwwk0Aykk2+XqZTa6WcsswK9wNTag7vF+dld3M7ofH2XVXihALn2CeprpJdIxhYX
lWaChaNd5QIkxovbwoOR7o0ZdQKq6Eou2FGNNuV3xW2OyNF46UxVNrcBIhO0pT6v
6AIhbqmSXtbvdmsjzmpzFVBzi9cosCJoQk+URHgc3DG9YRsQI2Z4nwvZClUA1+9O
bzMgZh4eQraUWfERxV2wZkWlu4GIsCbwmC1WA2uM3lE+op8gFhP5U0nnqhmOWaP9
7ev9LbKArNYP5Zgl7FF0HW4Zch7QlQWJ3M8/AgMBAAGjggH7MIIB9zAdBgNVHQ4E
FgQUoNx+2622tESiWCt9JkvnNZDXVFEwHwYDVR0jBBgwFoAUPIYlusoHmRHisoKZ
tL1E/cv/9gwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjc0
MS9QSVlsdXNvSG1SSGlzb0tadEwxRV9jdl85Z3cuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1BJWWx1c29IbVJIaXNvS1p0TDFFX2N2Xzlndy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3NDEvb054LTI2MjJ0RVNp
V0N0OUprdm5OWkRYVkZFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAnBggrBgEFBQcBBwEB/wQYMBYwFAQCAAEw
DjAMAwQAZ3SVAwQDZ3SQMA0GCSqGSIb3DQEBCwUAA4IBAQBJwl9W9CpoUQJer+Wx
I6uPhdlJzYvv5fYS/lHJvAKhJEbrYLFyQT1v1P0XJn+1pXMhOMuJJnaBhnnLuB3M
fQ+Mzm2+vraLQOzyWIqqhFZ9ysjN5IMX7LyWsilAhSjO+wPAxBEyTpO/R+ukZwGs
rzga2znYBR5cz2XxS+P1/LtdWMLS1vsNgqi7jC31JCs1YR9hSxx/fQPOB9ay2XC4
Q0QSHLb8XUPNAWTXV0r1PH6L287Mfv7o0T1PI9Sb6f377CnYvlwGR3ol0/GVahBH
sL0Bv4DKF7u66SnL3UcPASMaYwCEk91s+I0VJ3BDRFuSpXi/yy8VdDFwU4QBL010
7QEg
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:48:56 2025 by rpki-client