Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3142/MnNcbe9O14sRk_FWeJBAQtufkHA.roa
File: MnNcbe9O14sRk_FWeJBAQtufkHA.roa (raw, json)
Hash identifier: NkbXFHqss24CBfR4KKHh2Dj1iAkwAH5ENkTqs/clmuE=
Subject key identifier: 32:73:5C:6D:EF:4E:D7:8B:11:93:F1:56:78:90:40:42:DB:9F:90:70
Certificate issuer: /CN=61A0E1E43F9C59876AA42B1F8C1AE12C21CC6EA0
Certificate serial: 04
Authority key identifier: 61:A0:E1:E4:3F:9C:59:87:6A:A4:2B:1F:8C:1A:E1:2C:21:CC:6E:A0
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/YaDh5D-cWYdqpCsfjBrhLCHMbqA.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3142/MnNcbe9O14sRk_FWeJBAQtufkHA.roa
Signing time: Wed 25 Sep 2024 07:27:25 +0000
ROA not before: Wed 25 Sep 2024 07:27:25 +0000
ROA not after: Thu 25 Sep 2025 07:10:27 +0000
asID: 146769
IP address blocks: 103.186.4.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61A0E1E43F9C59876AA42B1F8C1AE12C21CC6EA0
Validity
Not Before: Sep 25 07:27:25 2024 GMT
Not After : Sep 25 07:10:27 2025 GMT
Subject: CN=32735C6DEF4ED78B1193F15678904042DB9F9070
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:e0:31:88:13:31:85:94:79:63:74:11:8c:dc:
83:09:0b:23:a3:22:d2:3e:1a:f5:e7:d5:3f:58:0c:
50:8f:3e:f5:4d:aa:04:bf:bf:8b:73:2f:52:42:4d:
c4:b2:5f:5a:ad:9e:2f:66:6b:23:cd:f4:dc:92:98:
cb:f9:f9:b2:13:5e:4a:24:0a:21:24:75:67:87:39:
47:68:b0:d9:e7:fe:68:71:92:55:5a:41:88:0f:28:
f1:43:81:89:25:13:8c:79:2e:a3:4b:c8:e0:ae:b3:
7d:cc:bb:4b:3b:ba:14:d9:ec:db:43:16:dc:52:d4:
e7:2f:72:d0:72:94:f4:6a:27:de:47:ee:c5:21:a2:
23:1d:24:d9:29:de:8e:76:58:7e:2c:22:11:4c:59:
7f:0a:0d:cc:c9:d8:eb:86:41:19:e2:de:1c:9f:2f:
1e:58:eb:72:10:01:90:6b:a1:27:ce:93:56:04:be:
7c:50:85:ae:8c:80:cb:f5:04:47:89:3d:f0:96:84:
31:b0:f6:b2:d9:53:72:e3:ce:81:dc:b7:62:42:33:
79:28:14:fa:9b:f5:d9:20:35:72:b0:67:ce:62:4b:
1f:eb:3a:19:de:af:35:45:60:85:83:41:99:4c:88:
d3:e4:dd:79:9e:9b:92:4c:be:e8:7a:4e:db:ef:65:
81:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:73:5C:6D:EF:4E:D7:8B:11:93:F1:56:78:90:40:42:DB:9F:90:70
X509v3 Authority Key Identifier:
keyid:61:A0:E1:E4:3F:9C:59:87:6A:A4:2B:1F:8C:1A:E1:2C:21:CC:6E:A0
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3142/YaDh5D-cWYdqpCsfjBrhLCHMbqA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/YaDh5D-cWYdqpCsfjBrhLCHMbqA.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3142/MnNcbe9O14sRk_FWeJBAQtufkHA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.186.4.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:dc:ef:4b:0c:14:38:a2:9c:00:43:c4:b1:bc:2c:44:ad:5b:
60:94:19:be:77:86:fd:ea:8d:45:61:31:40:48:92:94:6c:f7:
7d:34:61:f6:6d:94:85:02:fa:d8:c8:5a:3b:31:36:0a:8a:bd:
82:89:01:fc:12:b2:f0:d4:70:6a:d1:8c:59:a2:65:d4:97:a8:
2e:35:cf:d2:84:04:ad:5c:b2:93:b7:fc:e4:37:76:c8:ce:96:
22:3c:ff:bc:72:d5:03:62:04:85:84:cf:94:c3:03:ab:17:c7:
02:3f:0d:9b:26:72:5b:e7:66:3d:a4:10:3c:fe:38:7b:e1:e0:
8f:d4:9e:fe:c9:c7:18:b2:3e:1c:e1:f4:e1:88:38:00:cb:4e:
92:dc:43:7d:62:cc:03:5b:19:c5:80:36:10:46:96:ad:06:7e:
ea:61:1f:c2:a9:58:de:20:cc:6c:23:fe:b0:26:85:98:10:1b:
74:32:0e:a9:57:10:58:e7:01:46:ad:25:c0:2b:ae:4f:0f:f0:
aa:ab:07:5f:6c:94:33:b4:c4:ee:af:dc:1d:0b:e7:3c:e0:40:
4e:ec:dd:8b:e1:81:50:31:46:84:97:f1:bb:98:1b:7c:f2:80:
ee:9c:9a:4b:11:a8:a8:b8:df:2e:e2:c2:64:80:70:6a:40:e0:
3c:12:3b:80
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgIBBDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2MUEw
RTFFNDNGOUM1OTg3NkFBNDJCMUY4QzFBRTEyQzIxQ0M2RUEwMB4XDTI0MDkyNTA3
MjcyNVoXDTI1MDkyNTA3MTAyN1owMzExMC8GA1UEAxMoMzI3MzVDNkRFRjRFRDc4
QjExOTNGMTU2Nzg5MDQwNDJEQjlGOTA3MDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAO/gMYgTMYWUeWN0EYzcgwkLI6Mi0j4a9efVP1gMUI8+9U2qBL+/
i3MvUkJNxLJfWq2eL2ZrI8303JKYy/n5shNeSiQKISR1Z4c5R2iw2ef+aHGSVVpB
iA8o8UOBiSUTjHkuo0vI4K6zfcy7Szu6FNns20MW3FLU5y9y0HKU9Gon3kfuxSGi
Ix0k2SnejnZYfiwiEUxZfwoNzMnY64ZBGeLeHJ8vHljrchABkGuhJ86TVgS+fFCF
royAy/UER4k98JaEMbD2stlTcuPOgdy3YkIzeSgU+pv12SA1crBnzmJLH+s6Gd6v
NUVghYNBmUyI0+TdeZ6bkky+6HpO2+9lgbsCAwEAAaOCAfMwggHvMB0GA1UdDgQW
BBQyc1xt707XixGT8VZ4kEBC25+QcDAfBgNVHSMEGDAWgBRhoOHkP5xZh2qkKx+M
GuEsIcxuoDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMTQy
L1lhRGg1RC1jV1lkcXBDc2ZqQnJoTENITWJxQS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvWWFEaDVELWNXWWRxcENzZmpCcmhMQ0hNYnFBLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE0Mi9Nbk5jYmU5TzE0c1Jr
X0ZXZUpCQVF0dWZrSEEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u
aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQBZ7oEMA0GCSqGSIb3DQEBCwUAA4IBAQAb3O9LDBQ4opwAQ8SxvCxErVtglBm+
d4b96o1FYTFASJKUbPd9NGH2bZSFAvrYyFo7MTYKir2CiQH8ErLw1HBq0YxZomXU
l6guNc/ShAStXLKTt/zkN3bIzpYiPP+8ctUDYgSFhM+UwwOrF8cCPw2bJnJb52Y9
pBA8/jh74eCP1J7+yccYsj4c4fThiDgAy06S3EN9YswDWxnFgDYQRpatBn7qYR/C
qVjeIMxsI/6wJoWYEBt0Mg6pVxBY5wFGrSXAK65PD/CqqwdfbJQztMTur9wdC+c8
4EBO7N2L4YFQMUaEl/G7mBt88oDunJpLEaiouN8u4sJkgHBqQOA8EjuA
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:19:34 2025 by rpki-client