Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/2iLGREyjvYMTsYArH5iFAHb40mI.roa
File: 2iLGREyjvYMTsYArH5iFAHb40mI.roa (raw, json)
Hash identifier: g3OqZtQKJQzJIzs2j19EukUSWefnq3PzOpRn7e2GmQw=
Subject key identifier: DA:22:C6:44:4C:A3:BD:83:13:B1:80:2B:1F:98:85:00:76:F8:D2:62
Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708
Certificate serial: 1CB4
Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/2iLGREyjvYMTsYArH5iFAHb40mI.roa
Signing time: Thu 02 Jan 2025 13:58:21 +0000
ROA not before: Thu 02 Jan 2025 13:58:21 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 4811
IP address blocks: 14.103.64.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7348 (0x1cb4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708
Validity
Not Before: Jan 2 13:58:21 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=DA22C6444CA3BD8313B1802B1F98850076F8D262
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a5:51:20:bc:cd:20:63:df:03:0f:5b:94:05:
ce:5e:28:9c:1d:1c:35:65:5b:02:d8:34:58:50:6d:
c8:05:74:ba:f9:2e:eb:4e:25:8f:81:95:8d:f0:1d:
39:01:78:8a:bc:cd:0c:45:88:fe:03:0c:df:0d:45:
e4:d8:26:c5:32:36:01:e8:94:d4:7a:1d:5a:17:df:
1d:8b:0b:4b:d5:c7:79:a7:ef:92:9f:49:87:e2:c7:
8b:07:77:00:55:f4:57:25:02:87:d8:14:51:f6:b2:
62:74:d1:a0:a7:95:d7:bc:ec:67:46:f0:68:b1:42:
6f:76:aa:34:49:3e:49:8e:fb:01:60:35:8e:70:d9:
0a:c0:d7:2f:45:80:b0:93:95:ae:9e:f8:fa:2e:64:
a6:0c:d8:c5:96:b1:f4:5d:e4:11:9b:f7:28:f1:ae:
fe:3a:3f:b2:00:1c:d7:59:3c:31:b6:64:f5:02:07:
cc:4d:2e:29:ec:e6:95:18:18:93:58:99:0f:61:7a:
09:56:96:e4:e3:d0:fc:74:29:87:3b:9d:cd:67:28:
b0:43:04:9e:1c:83:e8:56:ae:2b:bb:ef:a9:1b:3e:
a2:f3:56:62:88:0a:a4:d2:c7:89:78:3a:87:25:5a:
0e:67:61:00:be:3a:fd:24:50:54:44:f4:85:f3:27:
10:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:22:C6:44:4C:A3:BD:83:13:B1:80:2B:1F:98:85:00:76:F8:D2:62
X509v3 Authority Key Identifier:
keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/2iLGREyjvYMTsYArH5iFAHb40mI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
14.103.64.0/21
Signature Algorithm: sha256WithRSAEncryption
c6:b1:4b:02:71:9e:18:82:31:80:78:bf:c2:17:45:22:91:04:
19:3e:2f:9b:18:a0:4f:48:1e:02:9b:69:56:b0:e5:c8:0d:bc:
b5:7f:d2:ae:07:c5:b4:31:9b:ec:3b:ac:16:1e:9a:8a:2c:4d:
99:83:aa:d5:ba:3d:79:58:c1:34:40:0e:71:f2:c0:e6:ac:4c:
cf:7e:40:08:e6:72:fd:6b:90:64:51:a6:12:0c:d7:9d:f6:2c:
73:fc:c1:bf:75:07:77:d6:af:69:f5:37:4c:61:d1:96:9e:3b:
f0:1a:ab:41:b2:ce:ab:ec:68:66:4a:73:a8:1e:0e:bb:0c:dd:
5f:74:00:c3:c1:2b:c5:79:9c:06:d0:36:44:7c:9d:2e:c7:91:
46:01:fe:85:49:61:43:73:4f:9c:ee:6a:41:e0:2e:4f:24:23:
ca:80:fa:fe:75:81:0a:56:5f:24:f1:15:15:10:88:64:a0:c5:
53:56:c3:cd:44:cb:e1:ae:a9:2b:7c:7e:ce:79:ed:fa:9b:67:
7d:f2:42:c4:e6:18:c3:53:f7:1c:1d:3e:59:5e:89:8e:73:1d:
5d:54:48:29:52:cc:c4:67:a1:e2:28:cb:ef:f7:87:55:ab:9f:
85:55:dc:d0:39:32:cd:a3:6a:97:3e:d0:e4:3a:75:9b:50:0c:
c7:bc:1d:04
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICHLQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4
QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTAxMDIx
MzU4MjFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKERBMjJDNjQ0NENBM0JE
ODMxM0IxODAyQjFGOTg4NTAwNzZGOEQyNjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtpVEgvM0gY98DD1uUBc5eKJwdHDVlWwLYNFhQbcgFdLr5LutO
JY+BlY3wHTkBeIq8zQxFiP4DDN8NReTYJsUyNgHolNR6HVoX3x2LC0vVx3mn75Kf
SYfix4sHdwBV9FclAofYFFH2smJ00aCnlde87GdG8GixQm92qjRJPkmO+wFgNY5w
2QrA1y9FgLCTla6e+PouZKYM2MWWsfRd5BGb9yjxrv46P7IAHNdZPDG2ZPUCB8xN
Lins5pUYGJNYmQ9heglWluTj0Px0KYc7nc1nKLBDBJ4cg+hWriu776kbPqLzVmKI
CqTSx4l4OoclWg5nYQC+Ov0kUFRE9IXzJxC7AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQU2iLGREyjvYMTsYArH5iFAHb40mIwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw
dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0
NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvMmlMR1JFeWp2WU1U
c1lBckg1aUZBSGI0MG1JLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAw5nQDANBgkqhkiG9w0BAQsFAAOCAQEAxrFLAnGeGIIxgHi/whdFIpEEGT4v
mxigT0geAptpVrDlyA28tX/SrgfFtDGb7DusFh6aiixNmYOq1bo9eVjBNEAOcfLA
5qxMz35ACOZy/WuQZFGmEgzXnfYsc/zBv3UHd9avafU3TGHRlp478BqrQbLOq+xo
ZkpzqB4OuwzdX3QAw8ErxXmcBtA2RHydLseRRgH+hUlhQ3NPnO5qQeAuTyQjyoD6
/nWBClZfJPEVFRCIZKDFU1bDzUTL4a6pK3x+znnt+ptnffJCxOYYw1P3HB0+WV6J
jnMdXVRIKVLMxGeh4ijL7/eHVaufhVXc0DkyzaNqlz7Q5Dp1m1AMx7wdBA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:19:59 2025 by rpki-client