Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2741/quj3JK30OXbnje-5SHznSVufOkU.roa
File: quj3JK30OXbnje-5SHznSVufOkU.roa (raw, json)
Hash identifier: QFco1R1nZco2MXFS8wJ24/UVjY0SEkcS4e5JbGrfWNA=
Subject key identifier: AA:E8:F7:24:AD:F4:39:76:E7:8D:EF:B9:48:7C:E7:49:5B:9F:3A:45
Certificate issuer: /CN=FAD6B43C09D0490A0DF7F891DF9F63B520CF210F
Certificate serial: 0DB7
Authority key identifier: FA:D6:B4:3C:09:D0:49:0A:0D:F7:F8:91:DF:9F:63:B5:20:CF:21:0F
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-ta0PAnQSQoN9_iR359jtSDPIQ8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/quj3JK30OXbnje-5SHznSVufOkU.roa
Signing time: Fri 21 Mar 2025 03:27:40 +0000
ROA not before: Fri 21 Mar 2025 03:27:40 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 41717
IP address blocks: 103.116.149.0/24 maxlen: 24
103.116.150.0/24 maxlen: 24
103.116.151.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3511 (0xdb7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FAD6B43C09D0490A0DF7F891DF9F63B520CF210F
Validity
Not Before: Mar 21 03:27:40 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=AAE8F724ADF43976E78DEFB9487CE7495B9F3A45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:68:1d:fc:76:b0:61:c5:cf:69:1c:25:ad:fb:
84:c3:4a:1b:67:d0:01:9b:a8:e6:e8:4a:5a:33:8c:
94:a1:f7:5c:97:3c:86:46:14:3a:14:33:0c:50:c0:
08:f0:95:d2:2e:16:95:af:97:9b:8a:97:49:be:4c:
a2:63:9a:0b:9e:1a:25:cf:9a:22:90:86:56:9f:4a:
f6:62:88:e5:00:5d:30:e3:91:34:27:ed:7b:8f:b8:
ce:23:ea:43:e7:98:e3:35:e6:71:81:ba:82:e1:fb:
6c:bd:f2:64:2c:3d:53:cd:f0:51:1b:f0:99:f2:f8:
f2:67:f7:36:f9:9e:d0:c1:9a:6f:91:5a:23:85:35:
79:a5:ab:58:c6:94:6d:6d:80:9b:f6:23:23:23:7e:
f3:e1:59:59:d1:1e:84:1d:19:98:f3:9e:25:76:94:
b4:11:36:f4:a9:2f:4e:a8:b9:f9:c0:d4:27:61:b7:
fb:a8:16:00:5d:dc:39:d7:2c:fa:5c:29:e9:ed:56:
72:55:28:a3:76:bb:f0:20:0e:19:1b:e8:1b:23:f7:
ba:75:63:60:59:54:c2:bf:ff:57:96:ca:a0:f0:2a:
76:1d:ee:f9:e5:5e:d4:95:08:c5:94:c6:6b:82:a5:
0c:59:96:ce:7b:12:42:66:0c:61:27:26:25:87:98:
68:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:E8:F7:24:AD:F4:39:76:E7:8D:EF:B9:48:7C:E7:49:5B:9F:3A:45
X509v3 Authority Key Identifier:
keyid:FA:D6:B4:3C:09:D0:49:0A:0D:F7:F8:91:DF:9F:63:B5:20:CF:21:0F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ta0PAnQSQoN9_iR359jtSDPIQ8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-ta0PAnQSQoN9_iR359jtSDPIQ8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/quj3JK30OXbnje-5SHznSVufOkU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.116.149.0-103.116.151.255
Signature Algorithm: sha256WithRSAEncryption
22:00:44:49:17:5a:06:5c:bd:9f:8b:64:50:d6:6b:3c:48:cd:
40:4b:e9:a4:b2:7c:04:55:44:e0:5f:a5:b9:ad:55:57:1e:86:
a5:78:1e:ca:fa:03:13:cf:2f:95:5c:78:6b:dd:0a:fa:4e:b2:
5e:86:a8:e6:48:7c:f4:89:de:3a:3b:28:7d:66:3f:71:2c:6a:
15:0d:5e:5c:e8:c6:6a:27:71:79:3f:58:a0:94:a1:09:15:b8:
17:fa:75:a2:1e:0d:8d:c1:bc:e7:ec:9e:90:4e:12:ce:dd:2a:
b6:f0:3b:d7:b3:d2:6b:9d:8f:fb:c7:c8:e8:ab:0f:28:13:1d:
c9:79:ea:bf:46:f5:b9:25:1f:ef:26:42:2b:1e:c5:0a:fe:df:
66:46:b2:fe:23:99:0d:fb:fb:a8:33:33:2a:d5:c1:43:57:8e:
eb:fe:e2:8e:d3:e8:e0:e0:f8:e4:31:33:8e:d8:9c:1d:4b:57:
c5:1c:94:b1:24:44:e6:b8:f4:38:b5:8b:1b:b9:98:23:dc:d1:
b9:1c:50:31:47:ed:21:57:95:f9:c5:95:52:ba:a3:f6:93:69:
ce:06:82:d4:6e:22:ed:52:1e:88:c6:51:20:a4:c7:e4:e7:54:
98:76:46:52:57:a7:44:1b:e0:b2:ec:44:34:83:86:a4:93:f5:
95:15:cf:e8
-----BEGIN CERTIFICATE-----
MIIE3zCCA8egAwIBAgICDbcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkFE
NkI0M0MwOUQwNDkwQTBERjdGODkxREY5RjYzQjUyMENGMjEwRjAeFw0yNTAzMjEw
MzI3NDBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEFBRThGNzI0QURGNDM5
NzZFNzhERUZCOTQ4N0NFNzQ5NUI5RjNBNDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCjaB38drBhxc9pHCWt+4TDShtn0AGbqOboSlozjJSh91yXPIZG
FDoUMwxQwAjwldIuFpWvl5uKl0m+TKJjmgueGiXPmiKQhlafSvZiiOUAXTDjkTQn
7XuPuM4j6kPnmOM15nGBuoLh+2y98mQsPVPN8FEb8Jny+PJn9zb5ntDBmm+RWiOF
NXmlq1jGlG1tgJv2IyMjfvPhWVnRHoQdGZjzniV2lLQRNvSpL06oufnA1Cdht/uo
FgBd3DnXLPpcKentVnJVKKN2u/AgDhkb6Bsj97p1Y2BZVMK//1eWyqDwKnYd7vnl
XtSVCMWUxmuCpQxZls57EkJmDGEnJiWHmGj7AgMBAAGjggH7MIIB9zAdBgNVHQ4E
FgQUquj3JK30OXbnje+5SHznSVufOkUwHwYDVR0jBBgwFoAU+ta0PAnQSQoN9/iR
359jtSDPIQ8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjc0
MS8tdGEwUEFuUVNRb045X2lSMzU5anRTRFBJUTguY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLy10YTBQQW5RU1FvTjlfaVIzNTlqdFNEUElROC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3NDEvcXVqM0pLMzBPWGJu
amUtNVNIem5TVnVmT2tVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAnBggrBgEFBQcBBwEB/wQYMBYwFAQCAAEw
DjAMAwQAZ3SVAwQDZ3SQMA0GCSqGSIb3DQEBCwUAA4IBAQAiAERJF1oGXL2fi2RQ
1ms8SM1AS+mksnwEVUTgX6W5rVVXHoaleB7K+gMTzy+VXHhr3Qr6TrJehqjmSHz0
id46Oyh9Zj9xLGoVDV5c6MZqJ3F5P1iglKEJFbgX+nWiHg2Nwbzn7J6QThLO3Sq2
8DvXs9JrnY/7x8joqw8oEx3Jeeq/RvW5JR/vJkIrHsUK/t9mRrL+I5kN+/uoMzMq
1cFDV47r/uKO0+jg4PjkMTOO2JwdS1fFHJSxJETmuPQ4tYsbuZgj3NG5HFAxR+0h
V5X5xZVSuqP2k2nOBoLUbiLtUh6IxlEgpMfk51SYdkZSV6dEG+Cy7EQ0g4akk/WV
Fc/o
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:47:01 2025 by rpki-client