Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3095/ZU9LEfdkz_ai2UlyXANueDI1OgU.roa
File: ZU9LEfdkz_ai2UlyXANueDI1OgU.roa (raw, json)
Hash identifier: 10Nds2ZZb3+nVop90gK3sKg4ABGYNC+bvs2aqxObyC0=
Subject key identifier: 65:4F:4B:11:F7:64:CF:F6:A2:D9:49:72:5C:03:6E:78:32:35:3A:05
Certificate issuer: /CN=CB16707EAF0BDFD1326AFD9BDEC6AFFA6E63BA98
Certificate serial: 095F
Authority key identifier: CB:16:70:7E:AF:0B:DF:D1:32:6A:FD:9B:DE:C6:AF:FA:6E:63:BA:98
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/ZU9LEfdkz_ai2UlyXANueDI1OgU.roa
Signing time: Mon 20 Jan 2025 01:30:15 +0000
ROA not before: Mon 20 Jan 2025 01:30:15 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 37968
IP address blocks: 103.2.164.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2399 (0x95f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CB16707EAF0BDFD1326AFD9BDEC6AFFA6E63BA98
Validity
Not Before: Jan 20 01:30:15 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=654F4B11F764CFF6A2D949725C036E7832353A05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:9e:68:fc:97:77:6a:82:f2:b6:a5:2f:e1:d2:
da:aa:3d:3c:e5:29:ae:62:ca:b2:05:3f:7a:39:00:
a9:f2:19:b5:64:37:fc:a2:ae:20:5a:b1:fd:ea:9f:
ae:89:6f:a4:77:8e:9f:85:66:cd:36:09:d8:0c:26:
46:ed:ec:45:68:74:ec:ff:a3:a7:1d:aa:a6:5e:fe:
39:85:36:96:c0:06:9c:a5:ad:61:d8:d6:52:98:5d:
c3:4b:76:1d:2b:00:40:5a:62:16:58:77:ee:fc:fb:
a0:3a:59:79:34:3f:12:8a:fd:fa:f6:3b:92:dc:17:
a4:67:55:a3:58:f2:a6:6e:f9:fb:c4:99:a7:81:87:
d0:82:c5:86:43:bd:4d:51:50:07:e5:1f:a6:fa:50:
cd:62:c0:ca:16:d8:22:e0:94:9c:5f:fb:69:d8:10:
0d:0c:22:b7:ee:9d:cf:76:58:0f:55:ed:3e:9e:34:
41:55:bf:be:d4:62:ce:f6:eb:c2:b7:68:b4:a5:6e:
78:48:a8:e3:93:fa:49:95:7e:55:55:91:8f:09:f5:
c1:ff:f2:18:bc:c7:01:21:4b:d7:cc:dd:2e:95:c1:
33:81:5d:aa:9c:8f:af:5b:f1:c3:d6:53:01:7a:40:
6e:a9:04:e4:cf:94:fe:07:d8:86:04:d6:91:75:fd:
51:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:4F:4B:11:F7:64:CF:F6:A2:D9:49:72:5C:03:6E:78:32:35:3A:05
X509v3 Authority Key Identifier:
keyid:CB:16:70:7E:AF:0B:DF:D1:32:6A:FD:9B:DE:C6:AF:FA:6E:63:BA:98
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/ZU9LEfdkz_ai2UlyXANueDI1OgU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.2.164.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:c5:e8:41:27:64:38:d5:dc:17:06:f6:3b:2a:bd:3e:93:4f:
84:bb:f1:3d:c8:38:72:3f:25:fe:dc:af:87:c9:25:f3:5b:4d:
9d:5e:5f:76:9b:3c:b9:48:b9:26:09:6b:c6:a1:b0:d5:45:2e:
e3:e6:0e:1b:ea:84:6c:a7:d6:c5:19:5c:8b:f1:ce:a9:45:c8:
ae:43:e9:cd:8e:38:a7:be:bf:6b:59:f6:d8:71:e0:d1:6b:62:
78:30:69:a3:a4:e1:e3:b4:b8:cf:99:cd:ab:8e:1f:fb:a8:f0:
12:00:b4:04:55:d3:1b:a7:d5:de:5f:28:6b:74:ab:35:5b:89:
ed:95:a5:2e:0d:b8:8c:4e:ec:3e:f2:cb:62:0b:6c:dd:69:ca:
82:ed:2b:30:67:3a:71:e8:6b:6a:c1:5d:87:b9:39:29:a5:ff:
a9:6b:36:28:d0:cf:57:25:c3:0e:fd:51:a7:ec:9d:b8:0d:27:
dc:ba:db:b0:d2:9f:02:db:6d:a8:19:29:44:48:48:c4:ee:9c:
39:14:4b:0a:9e:5c:2d:20:9d:93:33:64:35:66:6a:c7:29:f2:
d9:d4:e2:f5:8f:52:96:02:3f:8e:95:0c:01:98:3a:3b:de:aa:
d0:39:57:ff:1a:87:31:4d:f8:48:01:2d:d5:0e:af:e5:8e:31:
f3:97:50:00
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICCV8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0Ix
NjcwN0VBRjBCREZEMTMyNkFGRDlCREVDNkFGRkE2RTYzQkE5ODAeFw0yNTAxMjAw
MTMwMTVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDY1NEY0QjExRjc2NENG
RjZBMkQ5NDk3MjVDMDM2RTc4MzIzNTNBMDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1nmj8l3dqgvK2pS/h0tqqPTzlKa5iyrIFP3o5AKnyGbVkN/yi
riBasf3qn66Jb6R3jp+FZs02CdgMJkbt7EVodOz/o6cdqqZe/jmFNpbABpylrWHY
1lKYXcNLdh0rAEBaYhZYd+78+6A6WXk0PxKK/fr2O5LcF6RnVaNY8qZu+fvEmaeB
h9CCxYZDvU1RUAflH6b6UM1iwMoW2CLglJxf+2nYEA0MIrfunc92WA9V7T6eNEFV
v77UYs7268K3aLSlbnhIqOOT+kmVflVVkY8J9cH/8hi8xwEhS9fM3S6VwTOBXaqc
j69b8cPWUwF6QG6pBOTPlP4H2IYE1pF1/VEvAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUZU9LEfdkz/ai2UlyXANueDI1OgUwHwYDVR0jBBgwFoAUyxZwfq8L39Eyav2b
3sav+m5jupgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
NS95eFp3ZnE4TDM5RXlhdjJiM3Nhdi1tNWp1cGcuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3l4WndmcThMMzlFeWF2MmIzc2F2LW01anVwZy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTUvWlU5TEVmZGt6X2Fp
MlVseVhBTnVlREkxT2dVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAmcCpDANBgkqhkiG9w0BAQsFAAOCAQEATMXoQSdkONXcFwb2Oyq9PpNPhLvx
Pcg4cj8l/tyvh8kl81tNnV5fdps8uUi5JglrxqGw1UUu4+YOG+qEbKfWxRlci/HO
qUXIrkPpzY44p76/a1n22HHg0WtieDBpo6Th47S4z5nNq44f+6jwEgC0BFXTG6fV
3l8oa3SrNVuJ7ZWlLg24jE7sPvLLYgts3WnKgu0rMGc6cehrasFdh7k5KaX/qWs2
KNDPVyXDDv1Rp+yduA0n3LrbsNKfAtttqBkpREhIxO6cORRLCp5cLSCdkzNkNWZq
xyny2dTi9Y9SlgI/jpUMAZg6O96q0DlX/xqHMU34SAEt1Q6v5Y4x85dQAA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:37:39 2025 by rpki-client