Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2889/uLl9tf16e7y8aZ3U5ALhXolfrZQ.roa
File: uLl9tf16e7y8aZ3U5ALhXolfrZQ.roa (raw, json)
Hash identifier: c+U9W5b5DtFUAJJHBPcxrLMu67ozyjfFmii0yG6Otq8=
Subject key identifier: B8:B9:7D:B5:FD:7A:7B:BC:BC:69:9D:D4:E4:02:E1:5E:89:5F:AD:94
Certificate issuer: /CN=A93A86712684A72E5DF41F00AFA04C5F01A97735
Certificate serial: 1730
Authority key identifier: A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/uLl9tf16e7y8aZ3U5ALhXolfrZQ.roa
Signing time: Fri 24 May 2024 02:25:28 +0000
ROA not before: Fri 24 May 2024 02:25:28 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 139021
IP address blocks: 103.139.0.0/23 maxlen: 23
218.247.84.0/23 maxlen: 23
218.247.86.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5936 (0x1730)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A93A86712684A72E5DF41F00AFA04C5F01A97735
Validity
Not Before: May 24 02:25:28 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B8B97DB5FD7A7BBCBC699DD4E402E15E895FAD94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:60:fb:df:38:2d:f9:b2:2d:e4:87:39:1c:26:
79:12:6f:fe:da:f5:26:a4:5c:30:63:cd:5c:47:58:
2c:03:de:5b:02:b6:59:73:5b:e0:63:6a:e5:7f:fd:
0d:04:b3:ec:16:c4:29:0f:cf:34:d1:b2:e4:88:db:
e6:b0:60:c5:b2:0e:2f:d6:01:93:71:e9:a9:ae:99:
8d:d1:7c:e6:00:3d:8b:15:18:ca:63:71:19:a3:b1:
8c:2d:80:58:89:15:4a:e5:a4:48:3b:46:9e:be:1e:
c4:ef:ac:fd:10:44:56:4d:c1:e7:b3:8a:23:74:91:
c1:42:01:1a:2f:87:40:97:b7:06:75:b7:c3:bd:22:
8e:22:d2:21:18:57:28:07:91:ea:16:52:d9:0e:f9:
00:3c:13:fd:8f:f9:f2:f4:e7:4c:ef:51:0c:69:98:
79:f7:93:8a:f1:05:6e:bb:b3:51:34:da:0e:5a:cc:
b5:2e:14:32:f3:b6:8e:37:38:81:f6:4b:2b:b5:49:
d6:51:04:a3:4c:30:f4:1e:22:cc:80:ed:20:ad:ed:
1b:62:9d:61:7d:ee:a5:5d:1c:3b:ff:0f:df:77:9f:
ef:37:fe:6c:73:84:02:ea:52:f8:78:11:e2:b1:c0:
19:f3:c4:35:fe:08:a8:d6:36:bf:68:6e:a4:94:9d:
2d:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:B9:7D:B5:FD:7A:7B:BC:BC:69:9D:D4:E4:02:E1:5E:89:5F:AD:94
X509v3 Authority Key Identifier:
keyid:A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/uLl9tf16e7y8aZ3U5ALhXolfrZQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.139.0.0/23
218.247.84.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:a3:30:4b:08:26:14:ec:c2:02:99:b2:aa:ab:5e:50:6a:5c:
0a:9e:bd:e5:78:bf:24:0c:ee:69:64:5d:17:24:a8:20:cb:10:
88:4b:fb:b7:6f:9c:d9:77:21:db:78:32:e7:49:b3:51:6a:ca:
47:cc:1d:ba:4d:3e:92:4c:7c:29:c0:2c:ca:46:ff:c3:85:6e:
11:b7:e3:c5:ac:b1:c2:6f:ff:af:44:58:a2:a1:9a:0a:6c:7d:
7d:26:ec:7a:ed:d6:57:fe:37:fa:ed:f5:f2:c9:0f:04:7a:e0:
07:44:99:29:21:c9:87:b0:1a:37:d4:1a:76:62:e6:ea:be:59:
d5:ff:fe:21:23:8d:39:ba:14:76:62:8f:16:e4:03:0c:c2:c0:
b4:86:23:4b:30:97:7c:0f:85:44:e7:c2:97:24:5d:18:c5:55:
18:b6:cd:ad:5f:33:4d:be:79:7e:08:a6:bc:1e:2c:9c:35:8b:
13:37:a6:ee:9d:2d:c0:61:02:b1:3b:b3:b7:86:22:6a:b6:34:
87:8b:91:17:0d:f3:de:91:c9:67:35:d9:b9:77:a9:c1:92:79:
20:a9:ac:84:30:03:60:91:9f:72:98:33:d4:26:52:30:00:4a:
13:9b:50:f2:80:fe:f8:de:02:c5:f7:67:a9:81:df:5b:d3:20:
dc:db:92:73
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgICFzAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTkz
QTg2NzEyNjg0QTcyRTVERjQxRjAwQUZBMDRDNUYwMUE5NzczNTAeFw0yNDA1MjQw
MjI1MjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI4Qjk3REI1RkQ3QTdC
QkNCQzY5OURENEU0MDJFMTVFODk1RkFEOTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzYPvfOC35si3khzkcJnkSb/7a9SakXDBjzVxHWCwD3lsCtllz
W+BjauV//Q0Es+wWxCkPzzTRsuSI2+awYMWyDi/WAZNx6amumY3RfOYAPYsVGMpj
cRmjsYwtgFiJFUrlpEg7Rp6+HsTvrP0QRFZNweeziiN0kcFCARovh0CXtwZ1t8O9
Io4i0iEYVygHkeoWUtkO+QA8E/2P+fL050zvUQxpmHn3k4rxBW67s1E02g5azLUu
FDLzto43OIH2Syu1SdZRBKNMMPQeIsyA7SCt7RtinWF97qVdHDv/D993n+83/mxz
hALqUvh4EeKxwBnzxDX+CKjWNr9obqSUnS1VAgMBAAGjggH5MIIB9TAdBgNVHQ4E
FgQUuLl9tf16e7y8aZ3U5ALhXolfrZQwHwYDVR0jBBgwFoAUqTqGcSaEpy5d9B8A
r6BMXwGpdzUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjg4
OS9xVHFHY1NhRXB5NWQ5QjhBcjZCTVh3R3BkelUuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3FUcUdjU2FFcHk1ZDlCOEFyNkJNWHdHcGR6VS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4ODkvdUxsOXRmMTZlN3k4
YVozVTVBTGhYb2xmclpRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEw
DAMEAWeLAAMEAtr3VDANBgkqhkiG9w0BAQsFAAOCAQEAnKMwSwgmFOzCApmyqqte
UGpcCp695Xi/JAzuaWRdFySoIMsQiEv7t2+c2Xch23gy50mzUWrKR8wduk0+kkx8
KcAsykb/w4VuEbfjxayxwm//r0RYoqGaCmx9fSbseu3WV/43+u318skPBHrgB0SZ
KSHJh7AaN9QadmLm6r5Z1f/+ISONOboUdmKPFuQDDMLAtIYjSzCXfA+FROfClyRd
GMVVGLbNrV8zTb55fgimvB4snDWLEzem7p0twGECsTuzt4YiarY0h4uRFw3z3pHJ
ZzXZuXepwZJ5IKmshDADYJGfcpgz1CZSMABKE5tQ8oD++N4CxfdnqYHfW9Mg3NuS
cw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:37:07 2025 by rpki-client