Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/hClPUnKZuAxsWwfQLw22FkUyHeM.roa
File: hClPUnKZuAxsWwfQLw22FkUyHeM.roa (raw, json)
Hash identifier: 3jlVgVH+FCbudtpl6tLV+UmB6U3EaSEXQMSz/+0UPtI=
Subject key identifier: 84:29:4F:52:72:99:B8:0C:6C:5B:07:D0:2F:0D:B6:16:45:32:1D:E3
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 195B
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/hClPUnKZuAxsWwfQLw22FkUyHeM.roa
Signing time: Fri 17 Jan 2025 01:23:49 +0000
ROA not before: Fri 17 Jan 2025 01:23:49 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 146845
IP address blocks: 103.169.50.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6491 (0x195b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jan 17 01:23:49 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=84294F527299B80C6C5B07D02F0DB61645321DE3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:3d:1f:92:3e:36:f9:29:1c:e3:3e:b8:83:82:
e7:9d:2b:db:04:a5:07:1f:ea:79:36:00:b7:93:5b:
48:5b:a0:7f:83:e0:95:0f:11:52:d5:e7:5e:0f:04:
13:d0:2f:e2:7e:d4:65:8a:db:50:6c:44:51:91:49:
51:92:ce:04:13:dd:48:33:e4:f2:00:06:57:2e:d4:
f6:c7:0f:9f:17:12:f8:68:e3:ed:29:eb:f6:96:20:
7f:82:1d:05:4a:83:fc:18:78:81:93:74:c5:51:e9:
66:b3:c8:f6:b9:4f:a0:99:e4:3d:6d:e0:14:d2:a4:
c5:f9:22:3c:f2:20:84:ff:dd:e2:7d:d8:bf:34:e6:
29:a8:fa:bd:5f:7d:33:11:8f:3d:a0:1d:a9:0e:7e:
88:28:e0:42:ac:ab:bb:01:02:98:2d:73:31:75:df:
5c:5e:dc:4b:5e:23:4e:36:8c:56:a2:de:29:c3:80:
02:89:70:0f:ab:c4:ce:63:d6:ff:f3:4d:d4:71:93:
56:30:1a:79:e7:13:b9:59:d0:2a:80:57:3f:7d:a6:
af:58:de:c9:be:86:cc:62:6d:c7:58:3e:74:ff:62:
02:90:9b:a7:42:b0:cb:06:83:49:da:19:b7:16:a8:
d2:3c:d1:bc:ec:81:97:92:92:b8:3c:ba:0d:14:67:
a3:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:29:4F:52:72:99:B8:0C:6C:5B:07:D0:2F:0D:B6:16:45:32:1D:E3
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/hClPUnKZuAxsWwfQLw22FkUyHeM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.169.50.0/23
Signature Algorithm: sha256WithRSAEncryption
43:14:25:f2:36:98:ef:27:ea:5c:77:8d:9c:66:8d:45:a1:8d:
dd:cc:61:58:98:c0:1d:ae:55:ec:56:18:6f:ab:ab:f5:b6:ab:
d9:0e:f5:3a:21:b2:16:e7:2e:ea:76:1b:fe:55:0a:f6:d5:fe:
c1:41:6f:42:84:22:a0:6a:e1:76:6c:ed:1e:37:2c:2a:0b:35:
9b:74:0f:d4:4a:74:d1:2c:21:3f:55:16:83:c1:00:cf:55:32:
b6:25:0d:44:c6:0c:27:02:c3:17:03:27:0f:21:60:97:11:be:
a1:51:e3:92:c4:c1:d9:c5:33:97:ee:3e:96:c0:82:00:17:e5:
f4:0c:8b:d4:34:a2:1e:16:ae:28:ee:cd:93:1c:df:18:7b:47:
65:fc:40:fb:50:91:e4:b6:47:d4:f6:6d:eb:77:b3:07:7a:ce:
b1:52:98:19:05:08:f4:fa:c3:38:be:e8:27:dc:0f:73:5c:9a:
9b:35:75:85:f7:14:e1:bb:70:d5:5f:b5:22:01:07:b5:a0:84:
8a:5f:b9:d5:c8:af:bc:13:58:f6:19:b9:5e:a9:16:28:50:3e:
16:4f:4a:b2:7b:b7:cc:52:06:2a:45:1d:00:c8:29:96:1e:4e:
2c:04:4b:c2:89:0d:5c:f5:2e:f1:a6:38:d4:78:e0:58:a1:2c:
95:06:42:e7
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICGVswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTAxMTcw
MTIzNDlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDg0Mjk0RjUyNzI5OUI4
MEM2QzVCMDdEMDJGMERCNjE2NDUzMjFERTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7PR+SPjb5KRzjPriDguedK9sEpQcf6nk2ALeTW0hboH+D4JUP
EVLV514PBBPQL+J+1GWK21BsRFGRSVGSzgQT3Ugz5PIABlcu1PbHD58XEvho4+0p
6/aWIH+CHQVKg/wYeIGTdMVR6WazyPa5T6CZ5D1t4BTSpMX5IjzyIIT/3eJ92L80
5imo+r1ffTMRjz2gHakOfogo4EKsq7sBApgtczF131xe3EteI042jFai3inDgAKJ
cA+rxM5j1v/zTdRxk1YwGnnnE7lZ0CqAVz99pq9Y3sm+hsxibcdYPnT/YgKQm6dC
sMsGg0naGbcWqNI80bzsgZeSkrg8ug0UZ6P9AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUhClPUnKZuAxsWwfQLw22FkUyHeMwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvaENsUFVuS1p1QXhz
V3dmUUx3MjJGa1V5SGVNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAWepMjANBgkqhkiG9w0BAQsFAAOCAQEAQxQl8jaY7yfqXHeNnGaNRaGN3cxh
WJjAHa5V7FYYb6ur9bar2Q71OiGyFucu6nYb/lUK9tX+wUFvQoQioGrhdmztHjcs
Kgs1m3QP1Ep00SwhP1UWg8EAz1UytiUNRMYMJwLDFwMnDyFglxG+oVHjksTB2cUz
l+4+lsCCABfl9AyL1DSiHhauKO7NkxzfGHtHZfxA+1CR5LZH1PZt63ezB3rOsVKY
GQUI9PrDOL7oJ9wPc1yamzV1hfcU4btw1V+1IgEHtaCEil+51civvBNY9hm5XqkW
KFA+Fk9Ksnu3zFIGKkUdAMgplh5OLARLwokNXPUu8aY41HjgWKEslQZC5w==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:19:31 2025 by rpki-client