Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/0IcveZb1K4HisYpiaKEMt_Rlurw.roa
File: 0IcveZb1K4HisYpiaKEMt_Rlurw.roa (raw, json)
Hash identifier: GzCNliRo27KRAemVxdMqnN0kP4UOCjWxkIIRXVyBZTQ=
Subject key identifier: D0:87:2F:79:96:F5:2B:81:E2:B1:8A:62:68:A1:0C:B7:F4:65:BA:BC
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1803
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/0IcveZb1K4HisYpiaKEMt_Rlurw.roa
Signing time: Fri 17 Jan 2025 01:24:26 +0000
ROA not before: Fri 17 Jan 2025 01:24:26 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 24373
IP address blocks: 103.220.252.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6147 (0x1803)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:24:26 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=D0872F7996F52B81E2B18A6268A10CB7F465BABC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:75:c5:50:9e:b4:d9:84:e7:a8:ea:47:87:27:
11:2a:d6:9d:14:e2:5c:4f:b8:cb:fb:1d:d9:3b:52:
34:6d:13:10:0c:d3:11:ff:1e:24:d3:51:cc:d5:8f:
02:f9:03:64:62:12:06:05:01:4c:cb:d7:75:21:da:
37:8b:57:73:66:b8:f4:8b:24:5c:b1:1d:ef:48:a7:
c3:fe:3c:57:bd:dc:f3:89:2e:5d:08:83:a4:f3:aa:
72:f8:ef:35:5e:ec:82:0c:ea:f5:c3:fe:0b:77:29:
50:c6:6f:ed:4e:4a:8a:d8:1a:11:2c:07:fd:10:56:
1d:68:81:06:0d:76:83:6e:88:73:ee:b8:0e:c1:a2:
c8:ab:aa:1a:b9:60:8e:fa:15:e7:29:88:c5:99:9b:
cb:f2:9a:10:bb:4d:c1:3b:e8:24:72:5d:c7:39:42:
17:be:91:67:44:22:07:af:9a:4f:2d:74:b5:51:f8:
ea:8f:88:29:bd:b3:cf:0f:d4:34:39:f8:44:b9:2e:
90:d2:35:cb:d8:36:90:1b:04:3a:39:44:66:0d:38:
cb:29:63:fa:46:6d:b8:41:c9:c0:b6:c3:44:60:c4:
6d:b8:26:44:62:e3:f7:8c:69:2e:91:3a:b5:f8:5a:
17:fe:e8:21:fd:5e:63:14:0a:9c:e9:5b:8c:50:7a:
19:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:87:2F:79:96:F5:2B:81:E2:B1:8A:62:68:A1:0C:B7:F4:65:BA:BC
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/0IcveZb1K4HisYpiaKEMt_Rlurw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.220.252.0/22
Signature Algorithm: sha256WithRSAEncryption
bb:d3:65:76:bf:e7:63:76:db:8c:86:c7:cd:9a:28:96:c8:51:
d2:cb:3a:aa:28:2c:eb:7c:eb:21:96:ab:cf:ac:30:a3:cc:df:
8d:f9:85:76:87:03:2b:36:c0:8f:dc:aa:b9:96:bb:0e:a8:94:
92:44:ba:28:d9:3a:11:d7:eb:af:41:2a:28:4e:87:a5:a7:1d:
5d:da:5f:61:60:58:f3:6a:de:a2:6c:bb:1e:af:55:18:ed:6d:
f0:7b:ba:a5:82:5e:37:ba:4a:1c:fd:36:22:61:0a:af:23:ab:
57:a2:64:f7:6c:a4:4c:d8:84:1c:69:0a:33:9d:d9:07:91:df:
09:db:ba:9f:96:58:b8:44:7c:62:a3:4e:e0:25:a0:e7:a1:41:
60:cb:8d:33:07:72:de:5c:e7:6c:56:89:5f:e1:04:73:02:62:
b3:23:a4:5c:78:ef:67:39:f9:c0:40:be:2f:49:58:cb:8a:2d:
fc:93:6b:46:70:13:86:3f:51:4e:ed:6d:a0:55:48:0b:1e:f6:
05:4a:c1:50:68:78:b2:8a:8f:62:64:35:a4:e3:23:d4:8b:dc:
0d:02:72:74:aa:0a:05:f5:ef:9b:ca:73:a2:5d:e0:dd:d1:3c:
6c:b0:31:10:c7:18:d7:6b:29:c8:d1:00:67:0f:ba:0a:2d:16:
7b:68:97:c1
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGAMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI0MjZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEQwODcyRjc5OTZGNTJC
ODFFMkIxOEE2MjY4QTEwQ0I3RjQ2NUJBQkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDdcVQnrTZhOeo6keHJxEq1p0U4lxPuMv7Hdk7UjRtExAM0xH/
HiTTUczVjwL5A2RiEgYFAUzL13Uh2jeLV3NmuPSLJFyxHe9Ip8P+PFe93POJLl0I
g6TzqnL47zVe7IIM6vXD/gt3KVDGb+1OSorYGhEsB/0QVh1ogQYNdoNuiHPuuA7B
osirqhq5YI76FecpiMWZm8vymhC7TcE76CRyXcc5Qhe+kWdEIgevmk8tdLVR+OqP
iCm9s88P1DQ5+ES5LpDSNcvYNpAbBDo5RGYNOMspY/pGbbhBycC2w0RgxG24JkRi
4/eMaS6ROrX4Whf+6CH9XmMUCpzpW4xQehnJAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU0IcveZb1K4HisYpiaKEMt/RlurwwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzBJY3ZlWmIxSzRIaXNZ
cGlhS0VNdF9SbHVydy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJn3PwwDQYJKoZIhvcNAQELBQADggEBALvTZXa/52N224yGx82aKJbIUdLLOqoo
LOt86yGWq8+sMKPM3435hXaHAys2wI/cqrmWuw6olJJEuijZOhHX669BKihOh6Wn
HV3aX2FgWPNq3qJsux6vVRjtbfB7uqWCXje6Shz9NiJhCq8jq1eiZPdspEzYhBxp
CjOd2QeR3wnbup+WWLhEfGKjTuAloOehQWDLjTMHct5c52xWiV/hBHMCYrMjpFx4
72c5+cBAvi9JWMuKLfyTa0ZwE4Y/UU7tbaBVSAse9gVKwVBoeLKKj2JkNaTjI9SL
3A0CcnSqCgX175vKc6Jd4N3RPGywMRDHGNdrKcjRAGcPugotFntol8E=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:37:26 2025 by rpki-client