Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/2hsTPoDKyAFvQ4MfFJVWgDNfb2o.roa
File: 2hsTPoDKyAFvQ4MfFJVWgDNfb2o.roa (raw, json)
Hash identifier: XAefAx6L+jIMaFUCZtY7Z/eZbGjEdbGuBKBd7YJc9Yk=
Subject key identifier: DA:1B:13:3E:80:CA:C8:01:6F:43:83:1F:14:95:56:80:33:5F:6F:6A
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1879
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/2hsTPoDKyAFvQ4MfFJVWgDNfb2o.roa
Signing time: Fri 17 Jan 2025 01:25:06 +0000
ROA not before: Fri 17 Jan 2025 01:25:06 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 17621
IP address blocks: 103.24.116.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6265 (0x1879)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:25:06 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=DA1B133E80CAC8016F43831F14955680335F6F6A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:14:ff:88:b6:66:8a:d5:bb:dc:e6:e5:58:c3:
06:19:55:1e:ae:90:18:1e:0f:fc:38:0b:77:a4:a7:
a6:17:0a:c6:63:fd:87:f8:e7:b0:52:0b:37:79:46:
03:13:07:09:d1:40:5b:58:85:bf:03:4f:3a:fc:95:
73:08:49:cc:07:7f:fd:c4:a7:eb:bd:36:5a:c6:51:
0a:b8:44:d2:21:64:56:f6:1a:cc:92:f8:78:0e:de:
09:01:26:d5:bc:6d:61:05:f2:b0:8a:78:23:45:e6:
7d:a4:71:91:9e:b0:80:fb:74:08:cc:67:77:74:39:
57:95:0a:03:ad:6c:4a:be:c4:6c:87:84:92:64:7f:
a5:ad:e8:8d:f5:fa:8d:4a:c3:6c:3d:92:d8:55:68:
56:64:a1:9e:f2:af:30:3f:d2:cc:ea:fb:23:85:3a:
42:c8:60:3a:26:93:28:39:25:ce:5c:b9:a1:76:1b:
22:7e:41:3e:52:b3:58:9b:6a:84:99:1c:7c:4a:ea:
af:91:6a:af:4e:7e:b8:76:24:56:32:fe:71:0b:27:
fd:81:48:b5:0d:9d:e9:2e:4c:c7:dc:db:f3:20:85:
a0:a5:db:5e:4f:65:ec:e7:99:be:e1:7a:d9:b6:48:
7f:3d:33:b8:9d:28:ed:f1:c7:57:d0:0d:5d:84:70:
04:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:1B:13:3E:80:CA:C8:01:6F:43:83:1F:14:95:56:80:33:5F:6F:6A
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/2hsTPoDKyAFvQ4MfFJVWgDNfb2o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.24.116.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:11:b6:69:9f:cf:2a:0a:64:76:73:a2:d9:a0:0c:35:8a:42:
4b:60:18:8b:fd:2d:0f:ea:55:92:a0:25:ac:03:ae:de:38:f1:
5e:5f:5d:c0:23:18:3f:8c:50:29:da:27:70:69:4a:8c:31:cc:
5a:ed:b2:1f:d5:1a:e0:f0:0b:08:13:9a:a8:1d:f3:c4:bd:7b:
0f:fc:1d:5a:2c:b8:3a:4f:22:74:5e:78:e6:2e:1f:fa:de:ed:
65:81:13:98:dc:1a:67:10:ea:cf:93:5c:f8:4a:a3:03:89:c7:
5b:16:d1:8a:4c:b8:32:bc:59:6b:0e:15:58:9d:cd:20:3b:06:
f8:45:1f:7f:a8:13:2a:f9:bc:b2:10:2c:a7:8d:e4:9a:c4:ea:
cc:a7:15:23:47:b1:93:da:8a:0e:ff:0a:8d:c5:1d:d0:00:16:
c1:ca:7d:bb:89:a3:17:0b:38:cc:31:09:4a:61:45:46:16:7c:
2c:18:83:4d:f3:6e:fb:1a:fe:40:ba:f5:bb:3c:df:d2:6e:52:
7f:bd:d3:94:86:76:43:d0:38:c9:50:85:bc:cf:95:36:41:05:
7c:70:c3:85:9c:9a:0f:6c:a4:27:1a:ee:2c:e7:99:44:b2:0d:
c9:ba:d0:4f:67:4d:4d:53:0e:92:c5:60:9e:35:cc:41:15:e8:
14:92:98:a5
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGHkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI1MDZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKERBMUIxMzNFODBDQUM4
MDE2RjQzODMxRjE0OTU1NjgwMzM1RjZGNkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFFP+ItmaK1bvc5uVYwwYZVR6ukBgeD/w4C3ekp6YXCsZj/Yf4
57BSCzd5RgMTBwnRQFtYhb8DTzr8lXMIScwHf/3Ep+u9NlrGUQq4RNIhZFb2GsyS
+HgO3gkBJtW8bWEF8rCKeCNF5n2kcZGesID7dAjMZ3d0OVeVCgOtbEq+xGyHhJJk
f6Wt6I31+o1Kw2w9kthVaFZkoZ7yrzA/0szq+yOFOkLIYDomkyg5Jc5cuaF2GyJ+
QT5Ss1ibaoSZHHxK6q+Raq9Ofrh2JFYy/nELJ/2BSLUNnekuTMfc2/MghaCl215P
Zeznmb7hetm2SH89M7idKO3xx1fQDV2EcARJAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU2hsTPoDKyAFvQ4MfFJVWgDNfb2owHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzJoc1RQb0RLeUFGdlE0
TWZGSlZXZ0ROZmIyby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABnGHQwDQYJKoZIhvcNAQELBQADggEBAF4RtmmfzyoKZHZzotmgDDWKQktgGIv9
LQ/qVZKgJawDrt448V5fXcAjGD+MUCnaJ3BpSowxzFrtsh/VGuDwCwgTmqgd88S9
ew/8HVosuDpPInReeOYuH/re7WWBE5jcGmcQ6s+TXPhKowOJx1sW0YpMuDK8WWsO
FVidzSA7BvhFH3+oEyr5vLIQLKeN5JrE6synFSNHsZPaig7/Co3FHdAAFsHKfbuJ
oxcLOMwxCUphRUYWfCwYg03zbvsa/kC69bs839JuUn+905SGdkPQOMlQhbzPlTZB
BXxww4Wcmg9spCca7iznmUSyDcm60E9nTU1TDpLFYJ41zEEV6BSSmKU=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:33:29 2025 by rpki-client