Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2988/qp6Gf54HwcpxFNxE1V9IBQ1uTCc.roa
File: qp6Gf54HwcpxFNxE1V9IBQ1uTCc.roa (raw, json)
Hash identifier: +54+lOciLvOJSyFmNOuvRxquzUIP39hKyQLnLEeQ6lA=
Subject key identifier: AA:9E:86:7F:9E:07:C1:CA:71:14:DC:44:D5:5F:48:05:0D:6E:4C:27
Certificate issuer: /CN=012D4317BCA1660F88066F890F8C04AF557000CB
Certificate serial: 21DC
Authority key identifier: 01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/qp6Gf54HwcpxFNxE1V9IBQ1uTCc.roa
Signing time: Fri 17 Jan 2025 01:28:44 +0000
ROA not before: Fri 17 Jan 2025 01:28:44 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 4538
IP address blocks: 103.152.186.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8668 (0x21dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=012D4317BCA1660F88066F890F8C04AF557000CB
Validity
Not Before: Jan 17 01:28:44 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=AA9E867F9E07C1CA7114DC44D55F48050D6E4C27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:80:9d:5e:32:0b:0f:a8:65:83:65:af:d2:82:
e1:e2:79:40:7c:30:67:83:6e:92:98:a3:46:dd:fb:
ab:6a:e7:f7:ae:68:32:b4:e9:cb:93:65:41:b0:38:
ea:cc:da:dc:4f:f7:1c:61:1b:87:53:4d:f0:28:aa:
1c:46:02:e6:7a:68:44:c7:89:59:57:95:6b:53:fb:
69:ed:f4:c6:13:e5:f9:e4:be:e5:55:1a:eb:ea:5d:
5e:60:b9:f6:d7:42:c2:5b:b1:8c:74:40:59:ea:17:
99:30:4d:ae:9e:f1:4c:8b:73:b1:79:a3:ff:44:f2:
9c:e2:e0:bc:cd:fa:f5:6c:5c:47:e7:12:f1:a8:05:
11:f4:91:a4:a0:ae:fe:cf:5b:17:ae:22:69:da:58:
c4:19:bd:6d:b9:5f:1b:45:cb:1b:ab:90:6c:e7:86:
15:9b:83:be:0b:3c:a6:ec:cc:65:a0:e0:0a:f9:b7:
c6:81:9c:2b:a8:66:ee:8e:7b:81:25:f0:cb:da:51:
d1:a2:c4:b3:4c:a0:83:f3:c9:75:c2:fa:62:75:db:
c8:79:ce:f7:36:98:02:50:b9:4c:99:b9:14:d9:9c:
de:4a:82:f4:0a:08:20:5c:3f:0f:a4:99:aa:17:93:
cb:01:29:44:d8:2c:8d:8e:0d:88:d2:8a:b1:b7:8d:
e3:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:9E:86:7F:9E:07:C1:CA:71:14:DC:44:D5:5F:48:05:0D:6E:4C:27
X509v3 Authority Key Identifier:
keyid:01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/qp6Gf54HwcpxFNxE1V9IBQ1uTCc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.152.186.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:bd:46:63:22:88:e6:34:22:cd:48:cf:9b:eb:89:6c:5b:06:
4a:a5:15:5c:92:e5:60:ac:df:4b:79:2a:11:5c:76:66:40:9b:
ff:20:fe:70:1c:90:7b:ca:0f:44:f9:bb:3c:7a:c6:bd:f4:93:
65:11:0f:0c:65:cf:fd:e4:94:46:14:76:3e:e5:0c:2a:11:96:
d2:11:a7:8c:42:8b:43:bb:5a:36:0a:12:63:80:54:81:14:1d:
2c:27:1e:b6:e2:bb:53:43:e3:4b:d3:08:2c:0c:d7:c5:1e:fe:
e2:78:62:14:40:32:14:4c:f3:53:16:76:80:94:f5:04:ea:90:
27:87:f8:a0:b6:67:ff:80:9b:ac:c4:84:a2:aa:90:08:28:cd:
86:a2:89:aa:a0:6c:63:5a:ea:ea:0d:15:f7:2f:17:c9:e0:69:
fd:c5:24:7d:da:74:07:36:1e:7f:e2:8e:98:97:a5:24:f6:40:
29:28:6b:64:f6:be:34:d7:c8:b3:50:04:1c:02:71:d4:d7:b4:
c3:07:8f:8c:95:96:2e:3a:e0:26:a1:48:1f:f6:95:6f:94:b7:
9e:49:3c:e8:ba:09:aa:03:1e:96:e2:9a:5c:e1:4e:95:76:d4:
02:16:11:1e:92:b5:f9:f2:c0:5a:7d:b0:e2:41:1a:78:66:a7:
85:0c:7c:61
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICIdwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDEy
RDQzMTdCQ0ExNjYwRjg4MDY2Rjg5MEY4QzA0QUY1NTcwMDBDQjAeFw0yNTAxMTcw
MTI4NDRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEFBOUU4NjdGOUUwN0Mx
Q0E3MTE0REM0NEQ1NUY0ODA1MEQ2RTRDMjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDegJ1eMgsPqGWDZa/SguHieUB8MGeDbpKYo0bd+6tq5/euaDK0
6cuTZUGwOOrM2txP9xxhG4dTTfAoqhxGAuZ6aETHiVlXlWtT+2nt9MYT5fnkvuVV
GuvqXV5gufbXQsJbsYx0QFnqF5kwTa6e8UyLc7F5o/9E8pzi4LzN+vVsXEfnEvGo
BRH0kaSgrv7PWxeuImnaWMQZvW25XxtFyxurkGznhhWbg74LPKbszGWg4Ar5t8aB
nCuoZu6Oe4El8MvaUdGixLNMoIPzyXXC+mJ128h5zvc2mAJQuUyZuRTZnN5KgvQK
CCBcPw+kmaoXk8sBKUTYLI2ODYjSirG3jeO7AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUqp6Gf54HwcpxFNxE1V9IBQ1uTCcwHwYDVR0jBBgwFoAUAS1DF7yhZg+IBm+J
D4wEr1VwAMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjk4
OC9BUzFERjd5aFpnLUlCbS1KRDR3RXIxVndBTXMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0FTMURGN3loWmctSUJtLUpENHdFcjFWd0FNcy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5ODgvcXA2R2Y1NEh3Y3B4
Rk54RTFWOUlCUTF1VENjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAWeYujANBgkqhkiG9w0BAQsFAAOCAQEAPL1GYyKI5jQizUjPm+uJbFsGSqUV
XJLlYKzfS3kqEVx2ZkCb/yD+cByQe8oPRPm7PHrGvfSTZREPDGXP/eSURhR2PuUM
KhGW0hGnjEKLQ7taNgoSY4BUgRQdLCcetuK7U0PjS9MILAzXxR7+4nhiFEAyFEzz
UxZ2gJT1BOqQJ4f4oLZn/4CbrMSEoqqQCCjNhqKJqqBsY1rq6g0V9y8XyeBp/cUk
fdp0BzYef+KOmJelJPZAKShrZPa+NNfIs1AEHAJx1Ne0wwePjJWWLjrgJqFIH/aV
b5S3nkk86LoJqgMeluKaXOFOlXbUAhYRHpK1+fLAWn2w4kEaeGanhQx8YQ==
-----END CERTIFICATE-----
Generated at Fri Apr 11 15:57:27 2025 by rpki-client