Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/5shNq2mrmfLoS2PDugrCj02t3fc.roa
File: 5shNq2mrmfLoS2PDugrCj02t3fc.roa (raw, json)
Hash identifier: kbdxuHqVFNk3wNrVwMd7ovZlylDA1VIBhMQWu8rfr04=
Subject key identifier: E6:C8:4D:AB:69:AB:99:F2:E8:4B:63:C3:BA:0A:C2:8F:4D:AD:DD:F7
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 18FB
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/5shNq2mrmfLoS2PDugrCj02t3fc.roa
Signing time: Fri 17 Jan 2025 01:25:53 +0000
ROA not before: Fri 17 Jan 2025 01:25:53 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 13444
IP address blocks: 103.221.43.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6395 (0x18fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:25:53 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=E6C84DAB69AB99F2E84B63C3BA0AC28F4DADDDF7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:46:d1:d6:c3:2b:26:15:21:ee:76:20:21:6b:
d3:04:72:79:38:b3:6f:41:97:b0:07:77:d4:37:6f:
de:bd:39:99:71:85:74:80:3a:e2:05:bc:f3:66:f1:
f1:fd:4e:2f:b7:1e:ec:55:54:d4:10:2c:18:f5:8c:
b6:6c:f9:86:09:6a:b3:d7:4a:01:26:31:54:8f:b6:
24:a1:0d:82:b4:3e:c2:57:c1:62:17:73:28:00:70:
4f:a0:4b:79:1d:92:15:0a:ed:30:6e:56:ff:11:a1:
84:40:0e:d8:b9:65:a6:ca:aa:e7:54:6e:68:f8:60:
ad:bf:c1:54:23:d3:c8:3f:ab:99:e6:da:1c:a2:b9:
f9:5e:a7:72:28:36:01:60:0f:4d:18:54:16:44:db:
d5:a6:66:8a:54:a6:e2:be:e9:97:91:8b:5e:4f:8f:
3d:5a:67:43:b2:81:22:b3:22:c8:bc:6d:8f:13:16:
5e:fd:aa:78:14:6d:a0:30:66:07:4c:f3:ce:d3:6a:
59:eb:f2:d1:59:00:ed:1c:35:6a:82:b0:9b:84:88:
ab:95:02:68:cb:df:a4:46:cb:35:76:f6:65:49:f7:
68:db:47:0b:66:35:72:4c:bd:cd:d5:ad:dc:84:a7:
41:59:b0:1d:d3:31:84:73:20:6f:b6:38:aa:eb:49:
fa:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:C8:4D:AB:69:AB:99:F2:E8:4B:63:C3:BA:0A:C2:8F:4D:AD:DD:F7
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/5shNq2mrmfLoS2PDugrCj02t3fc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.43.0/24
Signature Algorithm: sha256WithRSAEncryption
90:0d:02:b0:9f:5c:c5:d8:b6:55:82:37:7d:63:86:9b:d8:db:
90:54:76:b8:ed:c0:ed:5b:6d:fe:3a:9d:0e:07:05:69:ae:49:
4c:8b:81:7e:51:f4:fb:15:ed:6e:39:f0:74:8b:ae:a5:ac:97:
ab:a5:bd:3a:99:a7:0e:df:5d:af:df:d7:30:41:93:33:9a:6c:
2f:8f:3c:5d:c5:f8:c0:b6:f0:6f:f1:28:ee:c0:d7:b5:6c:b9:
14:09:e9:fd:4f:07:a8:4b:e9:71:d7:d1:51:e2:d1:87:f6:2f:
5e:d7:cd:ee:e0:19:fd:e2:cc:c5:08:62:aa:1e:af:cd:e3:0f:
9c:a1:9a:81:0d:3e:46:e3:50:ca:cb:09:c1:ae:e2:35:e2:74:
27:dd:60:f1:86:da:ce:42:1f:dc:db:ec:f0:8d:67:a0:51:ba:
0d:f7:60:54:fb:f5:3c:0d:8a:30:f2:bf:25:e1:a3:ca:45:ce:
8f:66:97:8b:28:c4:58:cf:ab:07:6e:12:6a:2b:f4:1c:a4:d9:
31:d7:1d:c8:4e:14:eb:c2:a8:a2:ef:bb:18:08:55:66:1f:39:
44:47:d8:89:a5:03:ec:6b:51:fb:7a:cf:0e:ff:f1:2b:be:37:
48:71:99:e1:ee:90:40:f9:10:e0:53:80:e7:56:98:d2:37:68:
94:64:71:00
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGPswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI1NTNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEU2Qzg0REFCNjlBQjk5
RjJFODRCNjNDM0JBMEFDMjhGNERBRERERjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDfRtHWwysmFSHudiAha9MEcnk4s29Bl7AHd9Q3b969OZlxhXSA
OuIFvPNm8fH9Ti+3HuxVVNQQLBj1jLZs+YYJarPXSgEmMVSPtiShDYK0PsJXwWIX
cygAcE+gS3kdkhUK7TBuVv8RoYRADti5ZabKqudUbmj4YK2/wVQj08g/q5nm2hyi
uflep3IoNgFgD00YVBZE29WmZopUpuK+6ZeRi15Pjz1aZ0OygSKzIsi8bY8TFl79
qngUbaAwZgdM887Talnr8tFZAO0cNWqCsJuEiKuVAmjL36RGyzV29mVJ92jbRwtm
NXJMvc3VrdyEp0FZsB3TMYRzIG+2OKrrSfo7AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU5shNq2mrmfLoS2PDugrCj02t3fcwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzVzaE5xMm1ybWZMb1My
UER1Z3JDajAydDNmYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3SswDQYJKoZIhvcNAQELBQADggEBAJANArCfXMXYtlWCN31jhpvY25BUdrjt
wO1bbf46nQ4HBWmuSUyLgX5R9PsV7W458HSLrqWsl6ulvTqZpw7fXa/f1zBBkzOa
bC+PPF3F+MC28G/xKO7A17VsuRQJ6f1PB6hL6XHX0VHi0Yf2L17Xze7gGf3izMUI
Yqoer83jD5yhmoENPkbjUMrLCcGu4jXidCfdYPGG2s5CH9zb7PCNZ6BRug33YFT7
9TwNijDyvyXho8pFzo9ml4soxFjPqwduEmor9Byk2THXHchOFOvCqKLvuxgIVWYf
OURH2ImlA+xrUft6zw7/8Su+N0hxmeHukED5EOBTgOdWmNI3aJRkcQA=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:41:21 2025 by rpki-client