Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2815/oMIph03CV5pwGtuc7Fc6DjY4eSM.roa
File: oMIph03CV5pwGtuc7Fc6DjY4eSM.roa (raw, json)
Hash identifier: ZFW6eUi9Bvv4cI95xW3I6Ynqho/AKREUFd8s96oVzps=
Subject key identifier: A0:C2:29:87:4D:C2:57:9A:70:1A:DB:9C:EC:57:3A:0E:36:38:79:23
Certificate issuer: /CN=6E0ECC3BB7C7B01BE09A1189FBD223579E75A39F
Certificate serial: 22
Authority key identifier: 6E:0E:CC:3B:B7:C7:B0:1B:E0:9A:11:89:FB:D2:23:57:9E:75:A3:9F
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/bg7MO7fHsBvgmhGJ-9IjV551o58.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/oMIph03CV5pwGtuc7Fc6DjY4eSM.roa
Signing time: Fri 28 Jun 2024 08:29:07 +0000
ROA not before: Fri 28 Jun 2024 08:29:07 +0000
ROA not after: Sat 28 Jun 2025 06:53:05 +0000
asID: 132019
IP address blocks: 103.69.116.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34 (0x22)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6E0ECC3BB7C7B01BE09A1189FBD223579E75A39F
Validity
Not Before: Jun 28 08:29:07 2024 GMT
Not After : Jun 28 06:53:05 2025 GMT
Subject: CN=A0C229874DC2579A701ADB9CEC573A0E36387923
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c2:b8:79:9d:83:f7:22:f1:58:f7:22:e8:93:
4e:02:fa:dd:af:03:b3:5a:d0:7d:0b:5d:03:f7:4e:
68:91:08:ab:28:20:1e:e0:ea:89:e8:04:b7:a0:57:
cb:24:4c:4c:3c:ad:21:7f:9d:59:f0:48:e1:71:57:
7b:37:52:2a:a6:9d:e9:2a:8a:75:a9:a5:8a:db:38:
7a:4b:f9:6b:a9:24:d9:c5:8e:5b:03:42:c9:52:10:
9c:6f:83:f7:02:c6:7a:35:33:26:14:e0:2c:72:04:
65:9f:f3:51:04:f2:34:92:6b:20:95:40:3e:aa:70:
1d:96:ca:6b:2a:ca:40:23:9c:d0:19:5b:ac:f0:b0:
6c:2c:6a:0f:09:fc:a5:dd:f0:8f:68:05:69:5e:c1:
8f:e2:25:7b:bf:f1:20:b9:b1:49:b3:07:96:3d:40:
ea:bd:8f:21:f0:56:9b:0f:25:63:1e:07:d6:81:bc:
dc:59:06:cf:07:2d:85:df:7a:99:0e:d2:ce:81:3f:
d0:73:89:e1:37:9d:06:05:bd:41:c2:1a:32:ef:02:
2c:66:23:a8:a9:e3:b4:36:15:3b:0b:27:63:67:19:
6b:a5:32:2d:55:ad:2b:cc:be:62:ed:a8:3d:d8:15:
59:5c:aa:13:a3:e0:78:43:c3:3b:a7:09:b8:d5:ec:
44:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:C2:29:87:4D:C2:57:9A:70:1A:DB:9C:EC:57:3A:0E:36:38:79:23
X509v3 Authority Key Identifier:
keyid:6E:0E:CC:3B:B7:C7:B0:1B:E0:9A:11:89:FB:D2:23:57:9E:75:A3:9F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/bg7MO7fHsBvgmhGJ-9IjV551o58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/bg7MO7fHsBvgmhGJ-9IjV551o58.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/oMIph03CV5pwGtuc7Fc6DjY4eSM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.69.116.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:57:73:a1:43:25:6d:e4:c6:87:13:4e:91:98:11:62:46:98:
e2:b4:13:29:6f:9d:80:94:9d:61:1d:9e:e2:50:42:28:b8:c9:
1f:cd:2b:a4:e7:d2:f6:b2:44:eb:ea:36:52:41:73:86:27:48:
aa:ad:4b:e2:af:22:37:66:9c:97:84:19:78:bb:db:ff:0a:45:
21:a2:5c:8d:e0:f8:4c:45:96:86:57:32:ee:54:5b:9e:62:52:
32:f4:20:4b:84:3f:ca:79:1f:19:a0:56:e2:c2:38:62:5e:a0:
94:ad:f7:d4:88:99:57:bf:fd:5a:42:f6:cb:31:a5:2b:52:5e:
22:94:39:ff:c1:02:6a:d5:01:fb:85:47:07:ca:f7:cf:01:d8:
28:e6:5f:f2:a6:25:89:d2:45:e9:66:90:6b:a1:55:92:88:0c:
e6:b5:c0:ee:1d:14:81:f4:aa:83:00:37:02:55:d1:72:d4:2d:
24:f3:6f:81:9e:a3:4a:f9:9a:0a:eb:73:5d:e5:ed:3b:77:f1:
92:47:ff:34:11:a5:4f:aa:88:33:6c:0c:6f:64:a2:81:11:4b:
f6:fb:02:4d:fd:06:1f:36:e6:70:71:ce:ef:9a:fa:16:fb:4e:
a9:62:d2:bf:5a:28:c1:30:b1:4a:15:97:15:5c:28:fb:44:33:
70:68:f1:01
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgIBIjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2RTBF
Q0MzQkI3QzdCMDFCRTA5QTExODlGQkQyMjM1NzlFNzVBMzlGMB4XDTI0MDYyODA4
MjkwN1oXDTI1MDYyODA2NTMwNVowMzExMC8GA1UEAxMoQTBDMjI5ODc0REMyNTc5
QTcwMUFEQjlDRUM1NzNBMEUzNjM4NzkyMzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAJ3CuHmdg/ci8Vj3IuiTTgL63a8Ds1rQfQtdA/dOaJEIqyggHuDq
iegEt6BXyyRMTDytIX+dWfBI4XFXezdSKqad6SqKdamlits4ekv5a6kk2cWOWwNC
yVIQnG+D9wLGejUzJhTgLHIEZZ/zUQTyNJJrIJVAPqpwHZbKayrKQCOc0BlbrPCw
bCxqDwn8pd3wj2gFaV7Bj+Ile7/xILmxSbMHlj1A6r2PIfBWmw8lYx4H1oG83FkG
zwcthd96mQ7SzoE/0HOJ4TedBgW9QcIaMu8CLGYjqKnjtDYVOwsnY2cZa6UyLVWt
K8y+Yu2oPdgVWVyqE6PgeEPDO6cJuNXsRFMCAwEAAaOCAfMwggHvMB0GA1UdDgQW
BBSgwimHTcJXmnAa25zsVzoONjh5IzAfBgNVHSMEGDAWgBRuDsw7t8ewG+CaEYn7
0iNXnnWjnzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yODE1
L2JnN01PN2ZIc0J2Z21oR0otOUlqVjU1MW81OC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvYmc3TU83ZkhzQnZnbWhHSi05SWpWNTUxbzU4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjgxNS9vTUlwaDAzQ1Y1cHdH
dHVjN0ZjNkRqWTRlU00ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u
aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQCZ0V0MA0GCSqGSIb3DQEBCwUAA4IBAQBMV3OhQyVt5MaHE06RmBFiRpjitBMp
b52AlJ1hHZ7iUEIouMkfzSuk59L2skTr6jZSQXOGJ0iqrUviryI3ZpyXhBl4u9v/
CkUholyN4PhMRZaGVzLuVFueYlIy9CBLhD/KeR8ZoFbiwjhiXqCUrffUiJlXv/1a
QvbLMaUrUl4ilDn/wQJq1QH7hUcHyvfPAdgo5l/ypiWJ0kXpZpBroVWSiAzmtcDu
HRSB9KqDADcCVdFy1C0k82+BnqNK+ZoK63Nd5e07d/GSR/80EaVPqogzbAxvZKKB
EUv2+wJN/QYfNuZwcc7vmvoW+06pYtK/WijBMLFKFZcVXCj7RDNwaPEB
-----END CERTIFICATE-----
Generated at Fri Apr 11 20:26:13 2025 by rpki-client