Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2823/zvqXOSbdtsv7hCUcmFnyjlRIOig.roa
File: zvqXOSbdtsv7hCUcmFnyjlRIOig.roa (raw, json)
Hash identifier: 4lyxdCMJftXtMBw/MUejR/1sv4VVSzaOYW/+Kgsl7oU=
Subject key identifier: CE:FA:97:39:26:DD:B6:CB:FB:84:25:1C:98:59:F2:8E:54:48:3A:28
Certificate issuer: /CN=6647DAB6455116964FAC00012CCC83174D4E46E1
Certificate serial: 0CA5
Authority key identifier: 66:47:DA:B6:45:51:16:96:4F:AC:00:01:2C:CC:83:17:4D:4E:46:E1
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ZkfatkVRFpZPrAABLMyDF01ORuE.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2823/zvqXOSbdtsv7hCUcmFnyjlRIOig.roa
Signing time: Wed 13 Mar 2024 01:22:06 +0000
ROA not before: Wed 13 Mar 2024 01:22:06 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 137730
IP address blocks: 103.124.48.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3237 (0xca5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6647DAB6455116964FAC00012CCC83174D4E46E1
Validity
Not Before: Mar 13 01:22:06 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CEFA973926DDB6CBFB84251C9859F28E54483A28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:f5:47:40:e5:66:d5:4d:e9:dd:2f:cf:84:8a:
c2:1d:26:ae:7a:4b:e0:3e:c7:2e:1b:32:3f:23:e2:
5b:ba:6c:e3:3c:df:cf:bb:12:e0:93:56:11:72:93:
e6:f1:dc:3d:93:88:63:f8:52:39:df:d6:c1:6c:4b:
58:1b:79:e4:39:8e:2a:c4:11:42:fa:8d:bd:9f:40:
32:32:3d:d2:95:94:a4:7d:72:95:0d:94:0a:c3:6b:
dd:57:14:d1:eb:87:8c:63:3e:f9:02:47:9e:f4:d1:
ca:54:65:2b:5c:fb:96:47:f1:bf:a1:3d:b3:ed:06:
48:31:fd:f0:c8:5e:97:76:6a:49:7c:84:d6:8d:d9:
22:3e:15:ae:20:0f:f4:7f:79:8d:af:2b:65:9c:28:
63:b9:d6:5c:40:53:1e:33:22:1e:a6:93:6c:bf:54:
0d:a7:58:ab:54:5d:43:46:bd:67:ea:b5:a7:7c:12:
61:7c:cd:31:90:d7:00:ca:b7:5d:f7:54:c8:9e:14:
e8:5a:55:0d:e6:fc:62:5d:96:b7:49:be:16:a5:5e:
a9:18:33:16:70:40:50:4b:da:35:6f:29:88:30:d1:
82:ec:81:c0:15:f4:0d:cc:80:23:f3:4f:c3:42:95:
c4:6f:86:1c:69:be:1a:6e:99:fa:dd:ec:4f:4e:06:
b8:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:FA:97:39:26:DD:B6:CB:FB:84:25:1C:98:59:F2:8E:54:48:3A:28
X509v3 Authority Key Identifier:
keyid:66:47:DA:B6:45:51:16:96:4F:AC:00:01:2C:CC:83:17:4D:4E:46:E1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2823/ZkfatkVRFpZPrAABLMyDF01ORuE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ZkfatkVRFpZPrAABLMyDF01ORuE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2823/zvqXOSbdtsv7hCUcmFnyjlRIOig.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.124.48.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:89:51:e2:55:b1:60:ce:4d:79:8c:cf:aa:b5:03:c9:37:0a:
3a:ad:e4:06:3a:98:df:2a:b9:1b:80:ae:df:f9:bf:0c:6c:bf:
a6:8c:35:12:d5:ef:a4:2d:05:e0:e9:f5:31:4a:75:15:3d:a4:
fa:bd:34:b6:e7:29:40:4f:30:65:97:21:27:a5:69:31:bb:f7:
20:21:56:74:36:a4:3f:ce:dc:80:c0:6e:ef:f6:9d:ca:e2:14:
90:38:24:6e:3d:4b:d7:5f:b0:8e:a1:5d:66:9f:78:6d:4b:19:
b2:22:ab:24:d8:7f:85:a4:8b:21:98:1f:41:4d:d2:20:3e:a3:
4d:84:6e:f7:bd:13:6b:2d:bf:33:92:f3:eb:45:5b:fc:3b:26:
58:3b:d3:5f:9b:bc:04:13:e1:ba:b5:6f:cb:49:86:58:ca:7f:
76:9a:a7:d5:28:d2:83:c7:bb:55:cf:cd:02:98:22:8e:10:87:
db:3d:e1:40:5a:98:45:1d:79:ce:2e:08:f3:8d:5d:be:cb:82:
5f:21:6f:4f:37:e3:de:bf:b5:b9:ef:1a:87:32:87:90:db:c4:
b9:31:d7:2a:09:2d:8b:3b:ce:3e:aa:50:0d:58:d7:26:97:9e:
ce:7b:a7:ca:bc:a0:3e:70:3f:22:9a:0a:d7:00:d7:6f:25:77:
2a:5f:dd:b4
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICDKUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjY0
N0RBQjY0NTUxMTY5NjRGQUMwMDAxMkNDQzgzMTc0RDRFNDZFMTAeFw0yNDAzMTMw
MTIyMDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENFRkE5NzM5MjZEREI2
Q0JGQjg0MjUxQzk4NTlGMjhFNTQ0ODNBMjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDy9UdA5WbVTendL8+EisIdJq56S+A+xy4bMj8j4lu6bOM838+7
EuCTVhFyk+bx3D2TiGP4Ujnf1sFsS1gbeeQ5jirEEUL6jb2fQDIyPdKVlKR9cpUN
lArDa91XFNHrh4xjPvkCR5700cpUZStc+5ZH8b+hPbPtBkgx/fDIXpd2akl8hNaN
2SI+Fa4gD/R/eY2vK2WcKGO51lxAUx4zIh6mk2y/VA2nWKtUXUNGvWfqtad8EmF8
zTGQ1wDKt133VMieFOhaVQ3m/GJdlrdJvhalXqkYMxZwQFBL2jVvKYgw0YLsgcAV
9A3MgCPzT8NClcRvhhxpvhpumfrd7E9OBriVAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUzvqXOSbdtsv7hCUcmFnyjlRIOigwHwYDVR0jBBgwFoAUZkfatkVRFpZPrAAB
LMyDF01ORuEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjgy
My9aa2ZhdGtWUkZwWlByQUFCTE15REYwMU9SdUUuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1prZmF0a1ZSRnBaUHJBQUJMTXlERjAxT1J1RS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4MjMvenZxWE9TYmR0c3Y3
aENVY21GbnlqbFJJT2lnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAGd8MDANBgkqhkiG9w0BAQsFAAOCAQEAGolR4lWxYM5NeYzPqrUDyTcKOq3k
BjqY3yq5G4Cu3/m/DGy/pow1EtXvpC0F4On1MUp1FT2k+r00tucpQE8wZZchJ6Vp
Mbv3ICFWdDakP87cgMBu7/adyuIUkDgkbj1L11+wjqFdZp94bUsZsiKrJNh/haSL
IZgfQU3SID6jTYRu970Tay2/M5Lz60Vb/DsmWDvTX5u8BBPhurVvy0mGWMp/dpqn
1SjSg8e7Vc/NApgijhCH2z3hQFqYRR15zi4I841dvsuCXyFvTzfj3r+1ue8ahzKH
kNvEuTHXKgktizvOPqpQDVjXJpeeznunyrygPnA/IpoK1wDXbyV3Kl/dtA==
-----END CERTIFICATE-----
Generated at Wed Apr 16 22:14:15 2025 by rpki-client