Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2741/tIV2NLuW5JJVXk09CaVhrThT06c.roa
File: tIV2NLuW5JJVXk09CaVhrThT06c.roa (raw, json)
Hash identifier: DrPhxqKwyy+vKWlZGo2T/5B3myYf0XHpIUleUinxPAk=
Subject key identifier: B4:85:76:34:BB:96:E4:92:55:5E:4D:3D:09:A5:61:AD:38:53:D3:A7
Certificate issuer: /CN=3C8625BACA079911E2B28299B4BD44FDCBFFF60C
Certificate serial: 0C7A
Authority key identifier: 3C:86:25:BA:CA:07:99:11:E2:B2:82:99:B4:BD:44:FD:CB:FF:F6:0C
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/PIYlusoHmRHisoKZtL1E_cv_9gw.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/tIV2NLuW5JJVXk09CaVhrThT06c.roa
Signing time: Fri 17 Jan 2025 01:23:55 +0000
ROA not before: Fri 17 Jan 2025 01:23:55 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 41717
IP address blocks: 103.116.149.0/24 maxlen: 24
103.116.150.0/24 maxlen: 24
103.116.151.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3194 (0xc7a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3C8625BACA079911E2B28299B4BD44FDCBFFF60C
Validity
Not Before: Jan 17 01:23:55 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=B4857634BB96E492555E4D3D09A561AD3853D3A7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:d4:19:1b:9f:b1:b0:14:26:28:b9:3c:25:4e:
bc:2e:71:85:ce:1c:13:6e:5a:43:d4:a3:b3:cd:8e:
89:bb:ae:01:19:71:8a:8b:00:67:d4:4d:3b:76:ea:
dc:4d:d2:c1:04:0a:57:b1:1c:93:c7:f3:1a:bc:74:
14:8b:f7:bc:15:90:82:ea:b3:70:0c:4b:3e:b8:16:
2c:37:94:2f:24:56:5b:6c:56:99:d6:94:bd:1b:fd:
4e:c0:57:8e:1d:7d:c3:2c:4f:a0:a1:0a:bf:46:03:
fb:c6:21:03:11:81:8c:ad:a2:5d:9f:16:61:c4:fe:
f5:b0:8f:e1:c7:ed:0f:37:79:b4:3c:cd:76:a8:04:
21:96:8b:a8:f9:7b:c2:53:d1:7f:12:eb:3d:2d:bb:
4f:ab:76:bb:f6:28:02:36:ec:6a:4b:f0:a2:54:f0:
0d:6c:b1:0f:bc:2f:d8:64:75:de:38:4a:15:bc:52:
57:97:f5:9a:d7:22:a0:07:c4:19:dd:23:51:68:31:
72:00:7a:4a:9f:f9:fb:c5:cf:3e:36:90:1c:30:ed:
b0:02:91:45:a4:31:4f:30:3f:1f:6d:e1:75:b1:29:
8c:ce:f6:d9:9f:59:1c:96:5c:98:d6:d9:43:1a:09:
66:b7:3f:90:ee:44:4d:3f:1c:6d:7e:81:d0:7e:81:
72:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:85:76:34:BB:96:E4:92:55:5E:4D:3D:09:A5:61:AD:38:53:D3:A7
X509v3 Authority Key Identifier:
keyid:3C:86:25:BA:CA:07:99:11:E2:B2:82:99:B4:BD:44:FD:CB:FF:F6:0C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/PIYlusoHmRHisoKZtL1E_cv_9gw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/PIYlusoHmRHisoKZtL1E_cv_9gw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/tIV2NLuW5JJVXk09CaVhrThT06c.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.116.149.0-103.116.151.255
Signature Algorithm: sha256WithRSAEncryption
c6:95:20:73:80:4d:50:f1:3d:81:29:b5:37:9a:57:e8:13:3b:
66:ab:d5:0c:8d:66:58:ef:b4:74:b2:1d:a6:d6:ff:2a:88:bd:
78:b2:8d:7f:94:41:c4:b4:11:4e:37:78:2a:5c:76:f6:15:4a:
d0:75:dc:97:8f:87:78:93:8d:c2:62:90:e2:75:62:1c:fd:f0:
3d:de:b5:98:93:22:6f:e7:3b:f7:85:a9:94:e4:3e:86:10:c1:
e9:63:54:6b:31:a9:a6:f8:4c:91:a3:75:f9:84:dc:ef:aa:83:
c6:92:cf:66:0f:71:70:25:fa:26:4f:cf:8e:0b:ac:6a:c9:d1:
09:8d:82:f4:e9:34:b2:aa:c3:66:27:44:82:54:35:0d:57:0d:
d2:bb:cf:e2:ad:4c:10:1e:80:14:8d:38:65:0e:23:1f:1c:2f:
7d:30:66:f2:96:04:f4:de:0c:b8:79:bd:40:96:0e:3c:ef:90:
73:83:db:e3:96:a3:69:6f:95:77:87:fa:ea:78:7c:4e:06:af:
85:8c:57:e1:ec:0c:18:3a:95:bb:7d:b6:42:ef:42:df:48:e1:
eb:4a:6a:ff:ba:f2:5d:fe:8c:49:a9:db:8c:ab:1d:fa:a3:b2:
2e:7c:7e:57:fa:68:ad:f4:78:ce:1c:85:3d:eb:a4:be:9a:15:
26:76:19:91
-----BEGIN CERTIFICATE-----
MIIE3zCCA8egAwIBAgICDHowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0M4
NjI1QkFDQTA3OTkxMUUyQjI4Mjk5QjRCRDQ0RkRDQkZGRjYwQzAeFw0yNTAxMTcw
MTIzNTVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEI0ODU3NjM0QkI5NkU0
OTI1NTVFNEQzRDA5QTU2MUFEMzg1M0QzQTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDy1Bkbn7GwFCYouTwlTrwucYXOHBNuWkPUo7PNjom7rgEZcYqL
AGfUTTt26txN0sEEClexHJPH8xq8dBSL97wVkILqs3AMSz64Fiw3lC8kVltsVpnW
lL0b/U7AV44dfcMsT6ChCr9GA/vGIQMRgYytol2fFmHE/vWwj+HH7Q83ebQ8zXao
BCGWi6j5e8JT0X8S6z0tu0+rdrv2KAI27GpL8KJU8A1ssQ+8L9hkdd44ShW8UleX
9ZrXIqAHxBndI1FoMXIAekqf+fvFzz42kBww7bACkUWkMU8wPx9t4XWxKYzO9tmf
WRyWXJjW2UMaCWa3P5DuRE0/HG1+gdB+gXLpAgMBAAGjggH7MIIB9zAdBgNVHQ4E
FgQUtIV2NLuW5JJVXk09CaVhrThT06cwHwYDVR0jBBgwFoAUPIYlusoHmRHisoKZ
tL1E/cv/9gwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjc0
MS9QSVlsdXNvSG1SSGlzb0tadEwxRV9jdl85Z3cuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1BJWWx1c29IbVJIaXNvS1p0TDFFX2N2Xzlndy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3NDEvdElWMk5MdVc1SkpW
WGswOUNhVmhyVGhUMDZjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAnBggrBgEFBQcBBwEB/wQYMBYwFAQCAAEw
DjAMAwQAZ3SVAwQDZ3SQMA0GCSqGSIb3DQEBCwUAA4IBAQDGlSBzgE1Q8T2BKbU3
mlfoEztmq9UMjWZY77R0sh2m1v8qiL14so1/lEHEtBFON3gqXHb2FUrQddyXj4d4
k43CYpDidWIc/fA93rWYkyJv5zv3hamU5D6GEMHpY1RrMamm+EyRo3X5hNzvqoPG
ks9mD3FwJfomT8+OC6xqydEJjYL06TSyqsNmJ0SCVDUNVw3Su8/irUwQHoAUjThl
DiMfHC99MGbylgT03gy4eb1Alg4875Bzg9vjlqNpb5V3h/rqeHxOBq+FjFfh7AwY
OpW7fbZC70LfSOHrSmr/uvJd/oxJqduMqx36o7IufH5X+mit9HjOHIU966S+mhUm
dhmR
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:17:14 2025 by rpki-client