Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3146/0fXJo1rcoxJDjhy3_tVNe7i9Y50.roa
File: 0fXJo1rcoxJDjhy3_tVNe7i9Y50.roa (raw, json)
Hash identifier: jd4G6vfHytC8UydwqzV5b9djquOfEhtTgQQlToWZvfI=
Subject key identifier: D1:F5:C9:A3:5A:DC:A3:12:43:8E:1C:B7:FE:D5:4D:7B:B8:BD:63:9D
Certificate issuer: /CN=5F478F43F0AF8FEACCB81EDC7A9C76143180C9AB
Certificate serial: 2E93
Authority key identifier: 5F:47:8F:43:F0:AF:8F:EA:CC:B8:1E:DC:7A:9C:76:14:31:80:C9:AB
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/X0ePQ_Cvj-rMuB7cepx2FDGAyas.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3146/0fXJo1rcoxJDjhy3_tVNe7i9Y50.roa
Signing time: Fri 17 Jan 2025 01:26:08 +0000
ROA not before: Fri 17 Jan 2025 01:26:08 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 151492
IP address blocks: 103.186.136.0/24 maxlen: 24
103.186.137.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11923 (0x2e93)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5F478F43F0AF8FEACCB81EDC7A9C76143180C9AB
Validity
Not Before: Jan 17 01:26:08 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=D1F5C9A35ADCA312438E1CB7FED54D7BB8BD639D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:cf:80:9d:df:16:fe:e5:61:8f:d7:b4:77:f3:
f7:9c:a3:c2:3f:98:f3:fd:a4:57:2a:4d:e4:76:30:
27:2d:cf:63:12:20:d2:a1:69:f2:5e:2b:ad:3f:b1:
fe:ad:2c:bb:7b:e4:08:c7:f5:21:b6:27:6a:15:00:
69:b5:56:8a:e9:98:06:4d:76:9c:f3:0d:a5:43:3f:
82:ec:3e:8c:d0:bc:27:19:74:a6:52:21:ba:fa:2c:
a6:32:b5:65:bd:e5:76:13:77:43:b1:23:37:ab:2c:
4b:5c:ad:2d:2a:20:3c:86:74:8a:6e:48:a2:b6:12:
b4:ca:b9:20:fa:fb:b7:15:03:6c:75:2a:fd:e2:91:
17:16:b4:6c:3c:f2:54:5e:3d:f9:2f:54:93:41:2e:
87:55:a7:45:0a:ba:66:9c:be:9e:8a:e6:45:5c:c3:
04:65:29:13:0c:7b:56:d1:4c:aa:28:65:5e:11:c9:
a7:c5:ad:06:fe:8c:0a:2a:31:9e:c8:46:47:63:61:
1d:b0:b5:c2:08:7a:48:aa:65:45:74:2d:1e:82:91:
c8:42:3b:8b:5e:87:a1:1e:2a:06:e4:a0:80:42:e3:
38:02:df:b0:16:4d:87:9d:26:17:17:f5:d9:67:d7:
4d:fe:12:fd:90:b0:16:cc:82:4e:52:a7:0b:e9:a3:
e4:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:F5:C9:A3:5A:DC:A3:12:43:8E:1C:B7:FE:D5:4D:7B:B8:BD:63:9D
X509v3 Authority Key Identifier:
keyid:5F:47:8F:43:F0:AF:8F:EA:CC:B8:1E:DC:7A:9C:76:14:31:80:C9:AB
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3146/X0ePQ_Cvj-rMuB7cepx2FDGAyas.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/X0ePQ_Cvj-rMuB7cepx2FDGAyas.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3146/0fXJo1rcoxJDjhy3_tVNe7i9Y50.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.186.136.0/23
Signature Algorithm: sha256WithRSAEncryption
81:50:23:0e:88:37:d0:37:03:a4:e2:96:94:2a:a1:ab:5a:b5:
27:b2:be:4f:83:89:2e:a7:32:15:8e:df:49:7e:9b:57:c4:3d:
db:cd:e8:11:0f:50:84:d6:81:e4:2c:37:07:93:5f:ec:f4:4d:
34:bb:02:91:f0:1e:bc:84:62:56:a5:ef:a9:07:e8:b6:c1:64:
65:e8:51:e2:cf:91:cf:7d:c4:6b:5e:30:2b:09:c2:49:b8:68:
f2:72:4a:43:72:92:22:8a:5c:b5:bd:e8:c7:ca:2f:2a:84:26:
37:59:63:21:f3:07:1e:54:6d:55:0d:8c:c7:a2:3f:d7:1e:51:
d2:fc:a6:6c:cb:8c:4a:83:e6:09:d2:04:6f:e5:89:25:65:12:
f0:6f:1e:fe:35:00:f1:ef:9f:04:a8:41:bc:4d:92:25:cf:e8:
f2:ef:ad:6c:ed:31:58:ca:59:fb:7f:a8:89:d3:32:4c:62:55:
69:97:db:5d:f6:ed:a0:20:66:bb:f7:12:ac:96:b5:93:e2:c9:
35:b0:e0:cb:c3:a9:a9:ed:81:68:cd:ad:38:48:d7:0d:74:57:
63:04:db:a0:09:11:2f:51:43:12:ef:d4:b1:03:08:76:c6:5c:
8d:b4:22:59:9b:3c:98:f8:0a:a5:e7:b6:7e:9a:bc:85:81:b6:
f3:37:fe:9d
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICLpMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUY0
NzhGNDNGMEFGOEZFQUNDQjgxRURDN0E5Qzc2MTQzMTgwQzlBQjAeFw0yNTAxMTcw
MTI2MDhaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEQxRjVDOUEzNUFEQ0Ez
MTI0MzhFMUNCN0ZFRDU0RDdCQjhCRDYzOUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+z4Cd3xb+5WGP17R38/eco8I/mPP9pFcqTeR2MCctz2MSINKh
afJeK60/sf6tLLt75AjH9SG2J2oVAGm1VorpmAZNdpzzDaVDP4LsPozQvCcZdKZS
Ibr6LKYytWW95XYTd0OxIzerLEtcrS0qIDyGdIpuSKK2ErTKuSD6+7cVA2x1Kv3i
kRcWtGw88lRePfkvVJNBLodVp0UKumacvp6K5kVcwwRlKRMMe1bRTKooZV4RyafF
rQb+jAoqMZ7IRkdjYR2wtcIIekiqZUV0LR6CkchCO4teh6EeKgbkoIBC4zgC37AW
TYedJhcX9dln103+Ev2QsBbMgk5Spwvpo+T5AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQU0fXJo1rcoxJDjhy3/tVNe7i9Y50wHwYDVR0jBBgwFoAUX0ePQ/Cvj+rMuB7c
epx2FDGAyaswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE0
Ni9YMGVQUV9Ddmotck11QjdjZXB4MkZER0F5YXMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1gwZVBRX0N2ai1yTXVCN2NlcHgyRkRHQXlhcy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNDYvMGZYSm8xcmNveEpE
amh5M190Vk5lN2k5WTUwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAWe6iDANBgkqhkiG9w0BAQsFAAOCAQEAgVAjDog30DcDpOKWlCqhq1q1J7K+
T4OJLqcyFY7fSX6bV8Q9283oEQ9QhNaB5Cw3B5Nf7PRNNLsCkfAevIRiVqXvqQfo
tsFkZehR4s+Rz33Ea14wKwnCSbho8nJKQ3KSIopctb3ox8ovKoQmN1ljIfMHHlRt
VQ2Mx6I/1x5R0vymbMuMSoPmCdIEb+WJJWUS8G8e/jUA8e+fBKhBvE2SJc/o8u+t
bO0xWMpZ+3+oidMyTGJVaZfbXfbtoCBmu/cSrJa1k+LJNbDgy8Opqe2BaM2tOEjX
DXRXYwTboAkRL1FDEu/UsQMIdsZcjbQiWZs8mPgKpee2fpq8hYG28zf+nQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:47:24 2025 by rpki-client