Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2988/KUju08L-usP_Yr1lDh5ITxKH6eQ.roa
File: KUju08L-usP_Yr1lDh5ITxKH6eQ.roa (raw, json)
Hash identifier: e7zv3No7BKZ5I9Nr1Dt9jkNIhRWV0EIS6TMFEHeZTro=
Subject key identifier: 29:48:EE:D3:C2:FE:BA:C3:FF:62:BD:65:0E:1E:48:4F:12:87:E9:E4
Certificate issuer: /CN=012D4317BCA1660F88066F890F8C04AF557000CB
Certificate serial: 1BDD
Authority key identifier: 01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/KUju08L-usP_Yr1lDh5ITxKH6eQ.roa
Signing time: Wed 13 Mar 2024 01:23:27 +0000
ROA not before: Wed 13 Mar 2024 01:23:27 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 139139
IP address blocks: 103.152.186.0/24 maxlen: 24
103.152.187.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7133 (0x1bdd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=012D4317BCA1660F88066F890F8C04AF557000CB
Validity
Not Before: Mar 13 01:23:27 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2948EED3C2FEBAC3FF62BD650E1E484F1287E9E4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:cb:47:8c:be:80:25:ea:45:91:c9:10:b2:c1:
46:f6:2e:07:54:f9:8b:b4:cb:bd:89:c1:26:ed:5e:
ce:c3:8b:1e:3d:72:bd:e7:23:cb:a1:86:50:b3:98:
ce:23:59:98:c0:c5:e2:8c:f7:78:2d:2a:29:80:4f:
bf:9f:4e:8b:ae:d2:23:05:bf:04:ff:ed:df:dc:10:
58:fb:3d:5a:d0:45:e3:b3:11:48:cd:fa:87:32:48:
f8:16:57:c4:4f:65:6d:a4:af:23:c6:11:9d:0f:70:
07:82:46:77:ba:9a:44:35:5a:6c:42:7c:55:88:32:
d4:2a:94:b1:7a:4f:de:67:79:87:d9:08:a6:fe:25:
a3:48:30:75:1c:3b:bf:93:38:83:12:c5:a7:e8:1d:
a7:9a:03:4e:d1:3e:c3:d4:4d:5c:77:54:02:fb:ac:
1c:47:e0:7a:91:cd:17:45:cb:29:27:f6:a4:cb:25:
dd:ff:83:1a:cf:5e:4b:c4:42:b6:42:00:f9:3f:f3:
2a:f4:7c:1c:e5:43:fa:0f:6a:1a:9b:f8:02:76:66:
ca:66:3e:ce:47:36:1d:35:32:fa:e6:66:e7:51:dc:
3c:cf:a9:10:2b:64:3d:e6:b6:ed:8f:9d:e2:dd:15:
10:37:d9:b8:2a:0d:59:20:cb:7e:f3:a5:69:e1:7b:
11:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:48:EE:D3:C2:FE:BA:C3:FF:62:BD:65:0E:1E:48:4F:12:87:E9:E4
X509v3 Authority Key Identifier:
keyid:01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/KUju08L-usP_Yr1lDh5ITxKH6eQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.152.186.0/23
Signature Algorithm: sha256WithRSAEncryption
43:9d:0f:8a:cb:de:23:c8:4c:29:b8:e7:2b:e5:7b:05:e0:15:
67:04:b4:ca:58:90:5e:e4:e2:0e:a9:e1:8e:67:c5:a6:db:f0:
92:8b:83:8a:2b:3c:ce:81:11:23:6a:1f:8a:7b:d6:46:8d:65:
8c:fe:6b:e8:15:41:7a:9f:47:c1:30:e5:5d:24:4e:43:de:61:
4d:4b:31:d4:90:f3:a0:4f:63:5b:35:6f:ca:12:95:90:90:99:
65:51:70:39:a0:2a:93:e7:a9:be:77:2b:81:8c:ec:ff:60:09:
ed:4f:d7:f5:5f:71:dd:18:26:9d:f6:6e:e9:35:a1:c2:76:87:
e0:0a:82:31:e0:23:a7:d2:b0:8e:3c:9c:c5:a9:9f:af:f1:1c:
0f:87:76:e2:b9:66:35:63:35:3a:0d:41:37:00:bf:cc:53:8a:
fb:6b:2c:45:a8:2f:c3:dd:0d:47:5f:96:5c:9e:bb:b9:e1:e9:
e2:7e:3f:0e:12:fd:2a:2c:35:50:8b:10:f3:c8:20:3f:ff:ad:
7d:3a:a0:d4:f4:80:a0:6f:52:44:7a:18:c1:af:52:71:0b:7c:
fa:2b:4f:b9:d9:e2:50:1d:27:2d:55:df:6a:bc:fb:98:83:b8:
b6:67:79:05:24:58:f3:f4:e1:4f:53:cd:92:1b:3a:bb:be:89:
c3:47:be:4b
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICG90wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDEy
RDQzMTdCQ0ExNjYwRjg4MDY2Rjg5MEY4QzA0QUY1NTcwMDBDQjAeFw0yNDAzMTMw
MTIzMjdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI5NDhFRUQzQzJGRUJB
QzNGRjYyQkQ2NTBFMUU0ODRGMTI4N0U5RTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1y0eMvoAl6kWRyRCywUb2LgdU+Yu0y72JwSbtXs7Dix49cr3n
I8uhhlCzmM4jWZjAxeKM93gtKimAT7+fTouu0iMFvwT/7d/cEFj7PVrQReOzEUjN
+ocySPgWV8RPZW2kryPGEZ0PcAeCRne6mkQ1WmxCfFWIMtQqlLF6T95neYfZCKb+
JaNIMHUcO7+TOIMSxafoHaeaA07RPsPUTVx3VAL7rBxH4HqRzRdFyykn9qTLJd3/
gxrPXkvEQrZCAPk/8yr0fBzlQ/oPahqb+AJ2ZspmPs5HNh01MvrmZudR3DzPqRAr
ZD3mtu2PneLdFRA32bgqDVkgy37zpWnhexFhAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUKUju08L+usP/Yr1lDh5ITxKH6eQwHwYDVR0jBBgwFoAUAS1DF7yhZg+IBm+J
D4wEr1VwAMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjk4
OC9BUzFERjd5aFpnLUlCbS1KRDR3RXIxVndBTXMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0FTMURGN3loWmctSUJtLUpENHdFcjFWd0FNcy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5ODgvS1VqdTA4TC11c1Bf
WXIxbERoNUlUeEtINmVRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAWeYujANBgkqhkiG9w0BAQsFAAOCAQEAQ50PisveI8hMKbjnK+V7BeAVZwS0
yliQXuTiDqnhjmfFptvwkouDiis8zoERI2ofinvWRo1ljP5r6BVBep9HwTDlXSRO
Q95hTUsx1JDzoE9jWzVvyhKVkJCZZVFwOaAqk+epvncrgYzs/2AJ7U/X9V9x3Rgm
nfZu6TWhwnaH4AqCMeAjp9Kwjjycxamfr/EcD4d24rlmNWM1Og1BNwC/zFOK+2ss
Ragvw90NR1+WXJ67ueHp4n4/DhL9Kiw1UIsQ88ggP/+tfTqg1PSAoG9SRHoYwa9S
cQt8+itPudniUB0nLVXfarz7mIO4tmd5BSRY8/ThT1PNkhs6u76Jw0e+Sw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:39:06 2025 by rpki-client