Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/2lfVE9JHZbgefJvgXtFZQ14n0TY.roa
File: 2lfVE9JHZbgefJvgXtFZQ14n0TY.roa (raw, json)
Hash identifier: lbiyZzE9igKQSzRD9IJeXgcDjtT3SkPQKGKAE2l7WJk=
Subject key identifier: DA:57:D5:13:D2:47:65:B8:1E:7C:9B:E0:5E:D1:59:43:5E:27:D1:36
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1836
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/2lfVE9JHZbgefJvgXtFZQ14n0TY.roa
Signing time: Fri 17 Jan 2025 01:24:45 +0000
ROA not before: Fri 17 Jan 2025 01:24:45 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139259
IP address blocks: 103.221.19.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6198 (0x1836)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:24:45 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=DA57D513D24765B81E7C9BE05ED159435E27D136
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ec:d6:53:81:ab:42:31:e5:ee:0e:83:bd:3a:
71:d9:4c:a4:25:9f:93:9b:56:f7:d4:be:68:82:de:
1d:4c:d6:d4:c5:69:fd:6b:58:e2:96:23:08:1b:fd:
61:91:e0:1e:6e:74:ca:3a:6e:e7:ae:e0:d1:03:d3:
8f:0e:fa:3f:85:9e:df:cc:9f:8e:2c:9c:d0:1a:ee:
fa:d2:76:11:b7:29:37:f2:67:f7:ca:c0:1b:d7:53:
59:06:5c:28:68:2e:50:b3:03:37:75:fd:7b:49:4a:
53:13:60:b7:ab:6b:dc:6a:99:49:ca:15:f8:11:c6:
d3:18:d3:ae:32:74:7e:f3:f7:bf:8b:98:93:04:5c:
60:09:e5:d2:fe:3e:a3:b3:3e:a2:1b:1d:d6:3c:a1:
40:54:37:4d:0f:dd:79:63:6b:84:de:c8:a6:82:52:
e3:28:08:29:63:bd:18:1c:51:f4:85:66:f2:f0:33:
9e:3a:12:9e:a9:08:97:34:cd:c3:a7:f9:59:a9:e5:
88:7f:22:f3:97:eb:8c:6b:d1:88:b1:71:81:bf:40:
b2:ea:20:06:b1:7a:18:1b:8e:e5:a5:44:09:33:2e:
02:81:7e:34:18:96:81:08:59:50:22:67:63:66:aa:
46:2a:e0:2a:0a:c0:e4:9b:6f:c7:65:38:25:7c:c3:
b0:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:57:D5:13:D2:47:65:B8:1E:7C:9B:E0:5E:D1:59:43:5E:27:D1:36
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/2lfVE9JHZbgefJvgXtFZQ14n0TY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.19.0/24
Signature Algorithm: sha256WithRSAEncryption
28:b9:72:32:88:91:2d:50:5b:c5:e9:1e:6f:1b:99:bc:8a:8c:
54:83:c5:f3:a8:8c:a0:71:57:dc:d3:a9:07:29:a3:df:a5:e7:
ba:e4:b5:16:da:22:42:66:99:39:f4:3c:86:de:16:e1:9b:f3:
c8:22:40:e5:cc:f9:81:30:e4:56:63:18:0c:b2:8e:96:05:88:
f8:c5:d4:b7:e8:f1:c6:cf:62:f7:6d:12:93:6d:b9:34:57:ab:
67:07:8f:01:6b:3f:83:97:79:b4:d7:16:f1:07:17:d0:61:19:
43:79:4a:55:89:1a:6a:ca:a1:4c:fa:29:fd:dc:29:4f:da:0a:
0d:ea:e1:50:ea:64:82:0b:59:76:2d:60:fe:7d:c2:df:0e:7d:
18:14:ae:14:86:8f:03:07:b0:c9:68:83:46:40:69:42:d9:41:
7b:ec:7f:3e:f7:0c:d6:ca:13:29:03:71:75:83:83:14:d4:d9:
b9:4e:28:44:d1:fe:fb:17:ba:dc:24:d6:bd:ed:8b:fe:10:c6:
61:6c:1f:8e:4a:6b:d6:3e:71:a6:22:3b:2c:ad:7a:0c:e5:61:
53:f4:3f:8a:ba:14:83:44:34:eb:5d:64:62:f9:1b:40:69:34:
14:aa:bd:11:57:22:53:f4:dc:de:88:5c:e4:93:38:44:06:ff:
ea:2b:de:7a
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGDYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI0NDVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKERBNTdENTEzRDI0NzY1
QjgxRTdDOUJFMDVFRDE1OTQzNUUyN0QxMzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/7NZTgatCMeXuDoO9OnHZTKQln5ObVvfUvmiC3h1M1tTFaf1r
WOKWIwgb/WGR4B5udMo6bueu4NED048O+j+Fnt/Mn44snNAa7vrSdhG3KTfyZ/fK
wBvXU1kGXChoLlCzAzd1/XtJSlMTYLera9xqmUnKFfgRxtMY064ydH7z97+LmJME
XGAJ5dL+PqOzPqIbHdY8oUBUN00P3Xlja4TeyKaCUuMoCCljvRgcUfSFZvLwM546
Ep6pCJc0zcOn+Vmp5Yh/IvOX64xr0YixcYG/QLLqIAaxehgbjuWlRAkzLgKBfjQY
loEIWVAiZ2NmqkYq4CoKwOSbb8dlOCV8w7BVAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU2lfVE9JHZbgefJvgXtFZQ14n0TYwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzJsZlZFOUpIWmJnZWZK
dmdYdEZaUTE0bjBUWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3RMwDQYJKoZIhvcNAQELBQADggEBACi5cjKIkS1QW8XpHm8bmbyKjFSDxfOo
jKBxV9zTqQcpo9+l57rktRbaIkJmmTn0PIbeFuGb88giQOXM+YEw5FZjGAyyjpYF
iPjF1Lfo8cbPYvdtEpNtuTRXq2cHjwFrP4OXebTXFvEHF9BhGUN5SlWJGmrKoUz6
Kf3cKU/aCg3q4VDqZIILWXYtYP59wt8OfRgUrhSGjwMHsMlog0ZAaULZQXvsfz73
DNbKEykDcXWDgxTU2blOKETR/vsXutwk1r3ti/4QxmFsH45Ka9Y+caYiOyytegzl
YVP0P4q6FINENOtdZGL5G0BpNBSqvRFXIlP03N6IXOSTOEQG/+or3no=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:38:00 2025 by rpki-client