Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/4m-HE3Bg0yXB99TibuKK9t_UzOM.roa
File: 4m-HE3Bg0yXB99TibuKK9t_UzOM.roa (raw, json)
Hash identifier: AH01AV7JA6SUvwI/VYNNbmbsl5IqITAVNEHdAdVmkG4=
Subject key identifier: E2:6F:87:13:70:60:D3:25:C1:F7:D4:E2:6E:E2:8A:F6:DF:D4:CC:E3
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 18BF
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/4m-HE3Bg0yXB99TibuKK9t_UzOM.roa
Signing time: Fri 17 Jan 2025 01:25:31 +0000
ROA not before: Fri 17 Jan 2025 01:25:31 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 138527
IP address blocks: 103.221.40.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6335 (0x18bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:25:31 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=E26F87137060D325C1F7D4E26EE28AF6DFD4CCE3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ac:72:10:b0:70:14:98:09:8f:95:65:3e:b4:
58:b8:c4:73:bd:b1:63:5c:56:26:f2:d6:ab:f9:06:
1b:49:4f:72:89:59:07:ad:d0:2e:15:fa:15:0e:0c:
9f:05:ef:8e:f4:35:c7:16:3c:e1:7f:b3:49:bf:0a:
b9:af:c9:9f:5f:2e:d8:88:7b:2f:37:4d:85:93:52:
01:49:de:26:61:cd:df:b6:02:5b:bb:c9:4a:12:f1:
10:f8:2f:60:67:73:2c:da:ab:15:36:67:78:66:c7:
1d:f1:85:e2:98:ad:70:c2:d1:42:24:c2:c0:e9:9d:
8a:8d:29:65:dd:06:7a:7c:69:4a:fb:bd:b2:0a:a2:
80:4a:f2:8c:82:05:ac:26:7d:46:ad:e1:8a:35:15:
15:a6:ef:72:67:d5:29:58:1d:33:3f:bd:52:49:a0:
fc:c4:60:f6:79:4f:6e:17:88:1b:d6:0a:99:73:35:
25:33:3c:e7:b1:92:7c:97:80:eb:37:50:1d:a7:ba:
ac:f7:c9:97:8b:02:79:fa:59:79:ab:7a:55:21:8a:
e7:c9:a0:5c:7a:46:37:59:89:d9:af:c1:9e:a4:c6:
19:2d:da:cd:be:ed:7d:16:5e:7d:b2:5a:2a:c9:79:
15:35:4b:b8:8f:66:a7:77:d6:28:ae:bc:9d:de:d4:
27:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:6F:87:13:70:60:D3:25:C1:F7:D4:E2:6E:E2:8A:F6:DF:D4:CC:E3
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/4m-HE3Bg0yXB99TibuKK9t_UzOM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.40.0/22
Signature Algorithm: sha256WithRSAEncryption
89:b5:70:64:7d:52:69:86:59:bd:6f:5c:2b:78:6c:7a:63:16:
aa:31:24:03:cc:b7:1c:cd:f3:65:61:e0:1e:c9:d3:a5:38:99:
e4:36:70:b5:8f:f1:fc:a2:3c:6e:e1:b0:01:53:7a:40:be:23:
df:cc:85:74:72:81:d2:57:c7:e2:ac:c9:3a:7c:d8:df:13:79:
7b:09:3a:e9:0e:b9:08:30:b1:80:ef:f1:8b:d8:09:25:20:3e:
31:77:7a:ef:cf:bd:68:13:3f:0c:39:4e:e6:6f:9b:e1:62:6d:
03:59:03:2d:00:e7:2b:ee:7f:a8:1d:2d:dd:d4:67:69:91:56:
6b:ba:0b:be:37:66:36:54:0b:78:9e:14:04:f3:0b:1d:07:e0:
e4:92:e1:a6:12:93:ef:24:f9:79:8c:03:c5:47:99:bd:1a:28:
b1:31:64:12:be:35:58:ab:ae:d3:13:c2:8c:89:0c:ae:a0:98:
74:dd:26:e9:fd:d9:b5:3e:dc:7b:8b:66:76:9f:4a:e1:63:32:
c8:04:32:db:cc:2c:07:2c:a4:cd:eb:17:62:dc:15:d4:35:f8:
05:fe:92:08:11:4b:92:01:96:03:68:67:1e:c8:43:d2:ff:32:
51:6e:16:d2:2c:22:b6:5f:25:81:47:ef:9a:d9:3a:2f:0d:8b:
f3:c3:c7:71
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGL8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI1MzFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEUyNkY4NzEzNzA2MEQz
MjVDMUY3RDRFMjZFRTI4QUY2REZENENDRTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCrHIQsHAUmAmPlWU+tFi4xHO9sWNcViby1qv5BhtJT3KJWQet
0C4V+hUODJ8F7470NccWPOF/s0m/CrmvyZ9fLtiIey83TYWTUgFJ3iZhzd+2Alu7
yUoS8RD4L2BncyzaqxU2Z3hmxx3xheKYrXDC0UIkwsDpnYqNKWXdBnp8aUr7vbIK
ooBK8oyCBawmfUat4Yo1FRWm73Jn1SlYHTM/vVJJoPzEYPZ5T24XiBvWCplzNSUz
POexknyXgOs3UB2nuqz3yZeLAnn6WXmrelUhiufJoFx6RjdZidmvwZ6kxhkt2s2+
7X0WXn2yWirJeRU1S7iPZqd31iiuvJ3e1CeBAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU4m+HE3Bg0yXB99TibuKK9t/UzOMwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzRtLUhFM0JnMHlYQjk5
VGlidUtLOXRfVXpPTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJn3SgwDQYJKoZIhvcNAQELBQADggEBAIm1cGR9UmmGWb1vXCt4bHpjFqoxJAPM
txzN82Vh4B7J06U4meQ2cLWP8fyiPG7hsAFTekC+I9/MhXRygdJXx+KsyTp82N8T
eXsJOukOuQgwsYDv8YvYCSUgPjF3eu/PvWgTPww5TuZvm+FibQNZAy0A5yvuf6gd
Ld3UZ2mRVmu6C743ZjZUC3ieFATzCx0H4OSS4aYSk+8k+XmMA8VHmb0aKLExZBK+
NVirrtMTwoyJDK6gmHTdJun92bU+3HuLZnafSuFjMsgEMtvMLAcspM3rF2LcFdQ1
+AX+kggRS5IBlgNoZx7IQ9L/MlFuFtIsIrZfJYFH75rZOi8Ni/PDx3E=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:24:34 2025 by rpki-client