Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2988/mn_61Uh0dg5m8R77lzKSAlYF91o.roa
File: mn_61Uh0dg5m8R77lzKSAlYF91o.roa (raw, json)
Hash identifier: 3ltxYACGJn82Squrtq08gjCr8hy92b30+efZms5okys=
Subject key identifier: 9A:7F:FA:D5:48:74:76:0E:66:F1:1E:FB:97:32:92:02:56:05:F7:5A
Certificate issuer: /CN=012D4317BCA1660F88066F890F8C04AF557000CB
Certificate serial: 21DE
Authority key identifier: 01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/mn_61Uh0dg5m8R77lzKSAlYF91o.roa
Signing time: Fri 17 Jan 2025 01:28:45 +0000
ROA not before: Fri 17 Jan 2025 01:28:45 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139139
IP address blocks: 103.152.186.0/24 maxlen: 24
103.152.187.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8670 (0x21de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=012D4317BCA1660F88066F890F8C04AF557000CB
Validity
Not Before: Jan 17 01:28:45 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=9A7FFAD54874760E66F11EFB973292025605F75A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:ae:04:d5:a9:b2:d9:bb:d0:34:20:89:64:5b:
36:f4:ff:e9:5e:2f:87:4f:e3:51:f2:ad:20:60:42:
f3:de:a4:d7:1a:b3:81:c8:b3:b1:42:55:1b:6e:eb:
a1:1d:55:e9:e4:52:75:43:1e:0d:02:db:02:8c:20:
18:ac:c7:07:5e:1c:c4:23:7d:ea:95:5e:2f:24:c7:
a5:24:f1:20:08:76:21:69:9f:2b:0b:f4:3e:40:09:
30:f7:65:58:5d:1e:8c:70:e1:fc:98:4b:09:b1:1f:
07:19:fb:e8:a8:02:12:9b:fa:26:8e:8d:b7:f3:f1:
7e:47:7b:80:97:8e:7e:73:a4:7b:56:a9:62:99:ba:
ec:10:86:b0:81:7a:2c:03:5a:4c:de:c6:87:cb:ae:
85:d7:50:66:0e:3b:29:52:68:0a:0f:37:95:8a:07:
21:84:6c:04:19:05:e6:a9:0e:3b:f3:20:6e:1d:9b:
46:ae:83:f3:13:1c:6b:c7:de:59:e6:89:ff:03:04:
21:7c:75:69:b7:47:63:5d:b9:09:76:32:5d:fb:05:
21:d4:f0:06:ed:91:72:f8:b8:69:84:9c:ca:9b:64:
07:fe:d1:2d:76:65:64:d8:e3:34:d9:93:86:0b:9a:
89:80:03:3a:40:e9:20:f4:94:79:3f:e0:8f:8c:3a:
b2:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:7F:FA:D5:48:74:76:0E:66:F1:1E:FB:97:32:92:02:56:05:F7:5A
X509v3 Authority Key Identifier:
keyid:01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/mn_61Uh0dg5m8R77lzKSAlYF91o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.152.186.0/23
Signature Algorithm: sha256WithRSAEncryption
08:ce:07:3d:42:c8:65:f3:c0:12:a6:e8:ba:f8:69:96:53:94:
d8:e1:d3:ac:b8:50:8d:d3:0a:df:54:69:0e:15:9a:ad:28:c9:
88:d3:a2:b4:c1:69:28:f5:a2:10:57:2e:1f:7b:45:d3:fe:f6:
de:97:15:db:70:8f:80:e0:69:63:20:d1:34:7e:5a:19:03:92:
e9:00:3f:5e:71:36:45:af:90:3d:57:26:98:c1:08:d4:38:7d:
df:84:25:7a:1e:82:25:21:53:60:aa:76:08:c8:15:c1:ee:36:
6c:60:b2:92:8c:c9:b9:f2:84:f0:73:e8:82:1e:8c:d0:f7:3e:
09:92:c6:a5:34:9b:46:e8:79:03:5f:b8:8d:4c:0a:62:f0:22:
82:6e:1e:ab:41:5d:d7:a7:51:3b:70:e6:08:71:dc:d4:b3:cc:
bf:47:1f:3b:39:d1:5e:29:8a:fa:39:c5:56:68:d1:70:b2:2f:
94:80:e4:2c:51:51:1f:5a:4d:78:1f:de:8a:2d:11:51:fa:75:
77:5b:1e:86:4d:1d:f4:e3:e0:dd:8c:28:f8:26:0b:9a:c4:42:
40:7c:5d:d4:ed:c7:f2:35:58:bf:33:79:50:d8:58:7c:79:bd:
89:4b:a7:1d:cc:ce:56:b0:03:6a:f9:23:2d:f2:a4:d8:81:e4:
f7:77:a5:c7
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICId4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDEy
RDQzMTdCQ0ExNjYwRjg4MDY2Rjg5MEY4QzA0QUY1NTcwMDBDQjAeFw0yNTAxMTcw
MTI4NDVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDlBN0ZGQUQ1NDg3NDc2
MEU2NkYxMUVGQjk3MzI5MjAyNTYwNUY3NUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDfrgTVqbLZu9A0IIlkWzb0/+leL4dP41HyrSBgQvPepNcas4HI
s7FCVRtu66EdVenkUnVDHg0C2wKMIBisxwdeHMQjfeqVXi8kx6Uk8SAIdiFpnysL
9D5ACTD3ZVhdHoxw4fyYSwmxHwcZ++ioAhKb+iaOjbfz8X5He4CXjn5zpHtWqWKZ
uuwQhrCBeiwDWkzexofLroXXUGYOOylSaAoPN5WKByGEbAQZBeapDjvzIG4dm0au
g/MTHGvH3lnmif8DBCF8dWm3R2NduQl2Ml37BSHU8AbtkXL4uGmEnMqbZAf+0S12
ZWTY4zTZk4YLmomAAzpA6SD0lHk/4I+MOrLfAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUmn/61Uh0dg5m8R77lzKSAlYF91owHwYDVR0jBBgwFoAUAS1DF7yhZg+IBm+J
D4wEr1VwAMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjk4
OC9BUzFERjd5aFpnLUlCbS1KRDR3RXIxVndBTXMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0FTMURGN3loWmctSUJtLUpENHdFcjFWd0FNcy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5ODgvbW5fNjFVaDBkZzVt
OFI3N2x6S1NBbFlGOTFvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAWeYujANBgkqhkiG9w0BAQsFAAOCAQEACM4HPULIZfPAEqbouvhpllOU2OHT
rLhQjdMK31RpDhWarSjJiNOitMFpKPWiEFcuH3tF0/723pcV23CPgOBpYyDRNH5a
GQOS6QA/XnE2Ra+QPVcmmMEI1Dh934Qleh6CJSFTYKp2CMgVwe42bGCykozJufKE
8HPogh6M0Pc+CZLGpTSbRuh5A1+4jUwKYvAigm4eq0Fd16dRO3DmCHHc1LPMv0cf
OznRXimK+jnFVmjRcLIvlIDkLFFRH1pNeB/eii0RUfp1d1sehk0d9OPg3Ywo+CYL
msRCQHxd1O3H8jVYvzN5UNhYfHm9iUunHczOVrADavkjLfKk2IHk93elxw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:47:40 2025 by rpki-client