Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2994/ObV1EwOf_xKxvkjyxZX3fPfjjhg.roa
File: ObV1EwOf_xKxvkjyxZX3fPfjjhg.roa (raw, json)
Hash identifier: aC/D4SGWKN5MpbX7jVbeUdllRiJHyjoSAnU78TKLKbs=
Subject key identifier: 39:B5:75:13:03:9F:FF:12:B1:BE:48:F2:C5:95:F7:7C:F7:E3:8E:18
Certificate issuer: /CN=17AC375112A562461949A3660A23C7E71C06335F
Certificate serial: 1F
Authority key identifier: 17:AC:37:51:12:A5:62:46:19:49:A3:66:0A:23:C7:E7:1C:06:33:5F
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/F6w3URKlYkYZSaNmCiPH5xwGM18.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2994/ObV1EwOf_xKxvkjyxZX3fPfjjhg.roa
Signing time: Thu 19 Sep 2024 04:20:08 +0000
ROA not before: Thu 19 Sep 2024 04:20:08 +0000
ROA not after: Sat 13 Sep 2025 09:30:43 +0000
asID: 152475
IP address blocks: 103.152.247.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31 (0x1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17AC375112A562461949A3660A23C7E71C06335F
Validity
Not Before: Sep 19 04:20:08 2024 GMT
Not After : Sep 13 09:30:43 2025 GMT
Subject: CN=39B57513039FFF12B1BE48F2C595F77CF7E38E18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:21:c7:fb:ba:bd:82:89:5f:6e:be:7d:4c:dd:
8e:e6:d8:1c:8a:cc:bd:b6:f5:ab:f9:11:94:87:51:
21:b2:40:bf:24:24:98:22:21:2a:0d:46:7c:0e:4d:
af:da:31:13:c8:e1:e2:f3:b8:ce:33:a3:6e:d1:bc:
f5:7c:f8:28:37:a5:8e:dd:2b:1f:89:70:62:16:9e:
1c:11:1a:f1:46:5c:9b:0e:2a:2a:ba:14:78:57:d7:
37:6a:24:6c:4c:7a:7d:a1:e2:0f:69:24:85:c2:ab:
43:e8:43:07:7d:bf:d8:d7:32:b1:58:a8:c8:70:2e:
9a:81:05:49:ac:aa:08:37:52:a7:03:c0:8f:de:24:
cf:12:96:bd:0b:70:8e:93:fe:cd:77:9d:6a:47:05:
39:19:22:ef:fb:9d:b5:4d:53:f5:10:67:e7:46:11:
08:93:a4:0c:aa:97:2c:23:c8:c2:f7:fd:ff:16:e4:
7a:ed:18:ff:e7:8a:5b:3d:f5:15:63:8b:79:99:0a:
16:7f:17:eb:89:31:82:66:5e:cb:f9:94:5d:9e:ea:
6e:6d:07:20:37:c2:74:5f:19:b7:44:d3:05:e3:b2:
28:4c:80:78:78:31:0d:4c:01:13:c7:ab:ca:87:7a:
48:dd:b0:c6:b8:78:cb:2f:33:83:89:d4:d2:6c:24:
b9:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:B5:75:13:03:9F:FF:12:B1:BE:48:F2:C5:95:F7:7C:F7:E3:8E:18
X509v3 Authority Key Identifier:
keyid:17:AC:37:51:12:A5:62:46:19:49:A3:66:0A:23:C7:E7:1C:06:33:5F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2994/F6w3URKlYkYZSaNmCiPH5xwGM18.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/F6w3URKlYkYZSaNmCiPH5xwGM18.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2994/ObV1EwOf_xKxvkjyxZX3fPfjjhg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.152.247.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:e0:35:c3:52:ae:16:c2:1b:f7:b0:3e:2f:e7:29:e1:90:38:
d5:21:d6:57:96:98:24:3b:4a:14:ba:e2:87:b0:c7:8a:c4:08:
79:b8:71:2c:3a:39:0c:b3:e2:bd:60:e8:39:a3:7b:c4:98:c0:
fb:0f:e4:c2:63:45:d6:36:68:3d:d6:c7:70:76:64:9c:43:ba:
92:82:d5:28:a4:06:b5:37:81:1a:0e:e3:29:5e:49:0a:85:db:
ea:6a:70:4b:52:9e:45:d1:c9:e2:c9:fc:a8:6c:b5:5f:b9:cc:
a1:37:26:68:1f:5f:db:49:55:35:35:6d:ff:13:b4:86:33:64:
ec:bf:81:d5:13:33:62:75:f8:9b:e6:4a:38:a1:28:6a:d9:f2:
e2:3e:33:99:ab:ec:e3:17:77:89:de:31:f7:94:9a:2a:87:0e:
5c:3f:d4:84:49:26:6b:6a:76:7e:ba:5c:a5:46:ee:96:07:30:
12:c2:82:5e:3d:ab:5e:55:3e:7a:93:db:c4:aa:db:ce:94:c6:
da:20:29:bd:1c:7f:cb:59:22:cd:74:6b:0d:63:e2:0d:f3:0f:
c4:09:55:b6:19:f8:d9:6d:8e:f0:0c:5e:64:c8:04:26:f1:0d:
a7:c0:09:4b:6c:27:9a:d5:dc:b6:97:cf:13:89:bb:27:8c:b6:
36:61:8d:f8
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgIBHzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygxN0FD
Mzc1MTEyQTU2MjQ2MTk0OUEzNjYwQTIzQzdFNzFDMDYzMzVGMB4XDTI0MDkxOTA0
MjAwOFoXDTI1MDkxMzA5MzA0M1owMzExMC8GA1UEAxMoMzlCNTc1MTMwMzlGRkYx
MkIxQkU0OEYyQzU5NUY3N0NGN0UzOEUxODCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKQhx/u6vYKJX26+fUzdjubYHIrMvbb1q/kRlIdRIbJAvyQkmCIh
Kg1GfA5Nr9oxE8jh4vO4zjOjbtG89Xz4KDeljt0rH4lwYhaeHBEa8UZcmw4qKroU
eFfXN2okbEx6faHiD2kkhcKrQ+hDB32/2NcysVioyHAumoEFSayqCDdSpwPAj94k
zxKWvQtwjpP+zXedakcFORki7/udtU1T9RBn50YRCJOkDKqXLCPIwvf9/xbkeu0Y
/+eKWz31FWOLeZkKFn8X64kxgmZey/mUXZ7qbm0HIDfCdF8Zt0TTBeOyKEyAeHgx
DUwBE8eryod6SN2wxrh4yy8zg4nU0mwkuWkCAwEAAaOCAfMwggHvMB0GA1UdDgQW
BBQ5tXUTA5//ErG+SPLFlfd89+OOGDAfBgNVHSMEGDAWgBQXrDdREqViRhlJo2YK
I8fnHAYzXzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yOTk0
L0Y2dzNVUktsWWtZWlNhTm1DaVBINXh3R00xOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvRjZ3M1VSS2xZa1laU2FObUNpUEg1eHdHTTE4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjk5NC9PYlYxRXdPZl94S3h2
a2p5eFpYM2ZQZmpqaGcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u
aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAZ5j3MA0GCSqGSIb3DQEBCwUAA4IBAQAf4DXDUq4Wwhv3sD4v5ynhkDjVIdZX
lpgkO0oUuuKHsMeKxAh5uHEsOjkMs+K9YOg5o3vEmMD7D+TCY0XWNmg91sdwdmSc
Q7qSgtUopAa1N4EaDuMpXkkKhdvqanBLUp5F0cniyfyobLVfucyhNyZoH1/bSVU1
NW3/E7SGM2Tsv4HVEzNidfib5ko4oShq2fLiPjOZq+zjF3eJ3jH3lJoqhw5cP9SE
SSZranZ+ulylRu6WBzASwoJePateVT56k9vEqtvOlMbaICm9HH/LWSLNdGsNY+IN
8w/ECVW2GfjZbY7wDF5kyAQm8Q2nwAlLbCea1dy2l88TibsnjLY2YY34
-----END CERTIFICATE-----
Generated at Sat Apr 12 09:21:23 2025 by rpki-client