Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/-4qmH61j6Zju3phhid_i9jyapKI.roa
File: -4qmH61j6Zju3phhid_i9jyapKI.roa (raw, json)
Hash identifier: xDkQq6dFOqwZVFPKt1UlfZ6F+84XEWmSDyAzlkiymlc=
Subject key identifier: FB:8A:A6:1F:AD:63:E9:98:EE:DE:98:61:89:DF:E2:F6:3C:9A:A4:A2
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 14FB
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/-4qmH61j6Zju3phhid_i9jyapKI.roa
Signing time: Wed 11 Sep 2024 02:26:14 +0000
ROA not before: Wed 11 Sep 2024 02:26:14 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 13444
IP address blocks: 103.221.19.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5371 (0x14fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 02:26:14 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=FB8AA61FAD63E998EEDE986189DFE2F63C9AA4A2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:33:14:35:ef:c4:05:37:e5:41:cb:d4:1c:90:
31:a5:98:0d:3a:d8:8f:14:a4:b6:9a:c4:75:5a:c7:
0d:83:8a:3e:7b:0e:63:ad:02:03:12:58:b0:6c:3b:
25:12:a5:5a:df:d2:6a:b4:a5:44:6e:8e:70:68:bf:
97:79:98:02:51:ec:d0:fe:a4:b8:6c:cc:6b:93:5c:
3c:e4:32:98:91:1c:02:46:95:d5:07:cb:d9:73:b4:
78:6a:da:06:31:fe:07:18:73:27:10:02:85:c8:2f:
59:ef:cc:2b:5a:dd:0c:fd:98:59:17:c3:b2:57:a4:
26:49:15:be:f8:1a:6a:9d:e7:b5:dc:f8:7c:2a:ee:
ca:84:2e:b7:b5:80:06:5d:4d:8c:28:b0:97:5b:18:
1f:51:ac:d7:0c:91:9a:7d:10:0b:46:91:cf:0e:b6:
94:c1:15:06:da:f0:b6:25:19:49:7e:6f:6e:fe:b7:
75:b2:0c:7c:11:47:e6:d8:78:af:fd:24:7f:b2:0d:
5f:2a:d2:35:6e:16:b6:84:93:b8:60:78:85:c2:37:
b9:2a:50:0c:3a:82:53:d5:8e:a1:c0:b7:ac:0f:08:
82:9b:a1:1c:90:18:6a:9b:2c:b3:a9:80:12:37:ca:
83:d0:e8:85:30:d1:95:4d:ec:5a:21:0f:6c:28:a7:
c1:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:8A:A6:1F:AD:63:E9:98:EE:DE:98:61:89:DF:E2:F6:3C:9A:A4:A2
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/-4qmH61j6Zju3phhid_i9jyapKI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.19.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:c0:1f:0b:1e:ab:ba:e7:8d:f6:1b:ff:bd:53:e6:2b:65:1f:
14:52:7c:e4:b1:b6:62:54:1c:1c:13:7b:ce:6f:4e:49:95:1f:
1b:ac:aa:53:e5:6e:83:e8:6d:4c:04:35:c2:29:a1:4d:a7:32:
49:c3:cb:be:8a:7d:d3:7d:db:c3:4a:aa:d6:b1:14:8a:fb:90:
9e:26:76:b6:ba:03:9c:c7:06:4c:2b:42:2d:dc:08:17:a3:f0:
f7:b8:6c:e8:6d:87:5a:e3:6c:bb:28:b6:b3:ec:94:c5:34:f5:
a9:1e:0f:3d:06:b5:62:67:a2:7e:c8:6e:d4:ae:e1:28:59:de:
3e:8f:82:e1:34:c7:de:b2:a0:b2:f5:f4:78:40:24:d8:a3:23:
45:fc:5e:85:6c:61:08:44:7a:8c:52:c1:f4:29:6d:d5:57:1f:
a9:29:fe:bb:bf:a5:d4:18:51:a3:75:29:6d:7c:74:d7:81:bd:
74:b7:6d:d3:a9:02:c0:3f:33:ef:2b:09:c6:83:f2:66:c9:59:
1f:e3:df:c5:ce:b2:70:57:b1:88:9b:bd:6c:a1:e7:f6:2e:4c:
27:b9:90:b6:b8:3e:ba:6b:36:f3:bd:78:87:1d:67:7e:30:be:
11:68:55:70:2f:dc:67:fb:53:96:bb:3a:2d:2e:13:51:44:c9:
c9:d9:d2:6c
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFPswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MjI2MTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEZCOEFBNjFGQUQ2M0U5
OThFRURFOTg2MTg5REZFMkY2M0M5QUE0QTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCMxQ178QFN+VBy9QckDGlmA062I8UpLaaxHVaxw2Dij57DmOt
AgMSWLBsOyUSpVrf0mq0pURujnBov5d5mAJR7ND+pLhszGuTXDzkMpiRHAJGldUH
y9lztHhq2gYx/gcYcycQAoXIL1nvzCta3Qz9mFkXw7JXpCZJFb74Gmqd57Xc+Hwq
7sqELre1gAZdTYwosJdbGB9RrNcMkZp9EAtGkc8OtpTBFQba8LYlGUl+b27+t3Wy
DHwRR+bYeK/9JH+yDV8q0jVuFraEk7hgeIXCN7kqUAw6glPVjqHAt6wPCIKboRyQ
GGqbLLOpgBI3yoPQ6IUw0ZVN7FohD2wop8EnAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU+4qmH61j6Zju3phhid/i9jyapKIwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3Ly00cW1INjFqNlpqdTNw
aGhpZF9pOWp5YXBLSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3RMwDQYJKoZIhvcNAQELBQADggEBAJvAHwseq7rnjfYb/71T5itlHxRSfOSx
tmJUHBwTe85vTkmVHxusqlPlboPobUwENcIpoU2nMknDy76KfdN928NKqtaxFIr7
kJ4mdra6A5zHBkwrQi3cCBej8Pe4bOhth1rjbLsotrPslMU09akeDz0GtWJnon7I
btSu4ShZ3j6PguE0x96yoLL19HhAJNijI0X8XoVsYQhEeoxSwfQpbdVXH6kp/ru/
pdQYUaN1KW18dNeBvXS3bdOpAsA/M+8rCcaD8mbJWR/j38XOsnBXsYibvWyh5/Yu
TCe5kLa4PrprNvO9eIcdZ34wvhFoVXAv3Gf7U5a7Oi0uE1FEycnZ0mw=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:44:25 2025 by rpki-client