Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/9G1hCxwQiH1JEmKMEWtSfcnqG5A.roa
File: 9G1hCxwQiH1JEmKMEWtSfcnqG5A.roa (raw, json)
Hash identifier: FqCXlqfMpKaBB5Io1kuiRUYaWZOOzgNSEgcr4+R6vi4=
Subject key identifier: F4:6D:61:0B:1C:10:88:7D:49:12:62:8C:11:6B:52:7D:C9:EA:1B:90
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1801
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/9G1hCxwQiH1JEmKMEWtSfcnqG5A.roa
Signing time: Fri 17 Jan 2025 01:24:25 +0000
ROA not before: Fri 17 Jan 2025 01:24:25 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 13444
IP address blocks: 103.221.18.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6145 (0x1801)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:24:25 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=F46D610B1C10887D4912628C116B527DC9EA1B90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:a4:34:69:af:29:07:e2:54:31:44:f6:b6:e1:
ec:4d:c9:44:90:82:4c:9a:21:79:65:63:81:0a:91:
7c:d5:5c:bc:12:71:5c:80:7f:e9:16:33:f0:92:7b:
89:ee:df:09:c2:05:68:ee:5c:49:5c:69:54:f1:59:
51:10:9b:75:5e:10:cd:61:e5:97:ad:50:2e:fb:21:
b7:e7:69:65:21:7e:44:7a:0f:97:a7:92:32:93:aa:
4b:0d:ed:95:84:79:de:e3:eb:98:64:f4:43:00:44:
39:da:76:98:e1:d2:c3:f6:fd:7d:f9:61:d4:b6:22:
2e:6c:85:4a:46:2c:d5:b4:e9:ae:59:c6:99:a8:13:
73:a9:c1:d8:aa:72:d7:3b:83:af:c8:f2:9a:02:fa:
ae:e0:40:e4:2d:17:b3:09:f6:60:06:0a:bf:06:d9:
cc:7d:de:c0:a7:63:4f:a8:d5:6e:2d:a1:fd:d1:6e:
17:29:94:41:c0:75:46:b5:09:ba:57:92:aa:44:ea:
04:e2:9f:4f:21:10:59:69:ad:00:cc:09:97:29:03:
a6:1a:8b:e2:02:9f:77:15:8c:64:bb:f9:d1:13:77:
96:b0:0f:84:98:3d:01:3d:80:8e:da:f2:d8:a0:24:
57:88:3c:f8:cd:72:83:0d:e5:ed:25:b3:ac:15:c8:
00:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:6D:61:0B:1C:10:88:7D:49:12:62:8C:11:6B:52:7D:C9:EA:1B:90
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/9G1hCxwQiH1JEmKMEWtSfcnqG5A.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.18.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:11:38:5d:91:e3:ba:c8:e3:59:43:99:28:f2:69:28:27:97:
a8:98:ca:9b:2f:34:ed:9f:17:de:40:e3:50:70:08:9a:7b:0f:
d4:07:63:e8:78:f7:6a:4e:48:f4:24:5b:cf:58:2f:7b:82:ed:
1e:1a:19:4a:2d:40:41:21:ef:73:aa:93:71:11:51:23:3e:04:
21:00:26:80:a9:81:49:12:e9:22:fe:d6:69:ad:d5:65:20:a2:
d7:55:4d:5d:45:60:14:d5:71:45:e7:f0:3a:67:1a:07:a3:74:
3c:a8:1c:63:bf:c1:70:92:62:39:e0:86:46:f7:77:42:8d:c5:
1b:64:67:e5:ad:0f:1a:9c:41:82:ad:a3:32:7c:25:a2:cb:67:
2b:29:99:b6:66:22:c6:f4:e0:39:32:84:00:b8:01:5e:4d:4e:
0e:14:2d:3a:a9:9f:fa:9e:7f:d1:25:64:ac:0f:8b:8f:76:ad:
fd:90:19:d6:11:84:68:fb:df:dd:c1:69:00:fa:54:4a:48:16:
cd:e3:9d:74:f7:9a:9d:e8:81:1f:9c:81:0f:d0:07:49:eb:c5:
dd:db:9d:de:55:80:0b:46:16:ce:84:18:28:09:97:62:11:c1:
a1:73:6c:de:08:2f:9b:5a:71:cc:33:39:2e:13:a7:61:f4:3a:
5c:bd:e7:54
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGAEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI0MjVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEY0NkQ2MTBCMUMxMDg4
N0Q0OTEyNjI4QzExNkI1MjdEQzlFQTFCOTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSpDRprykH4lQxRPa24exNyUSQgkyaIXllY4EKkXzVXLwScVyA
f+kWM/CSe4nu3wnCBWjuXElcaVTxWVEQm3VeEM1h5ZetUC77IbfnaWUhfkR6D5en
kjKTqksN7ZWEed7j65hk9EMARDnadpjh0sP2/X35YdS2Ii5shUpGLNW06a5Zxpmo
E3Opwdiqctc7g6/I8poC+q7gQOQtF7MJ9mAGCr8G2cx93sCnY0+o1W4tof3Rbhcp
lEHAdUa1CbpXkqpE6gTin08hEFlprQDMCZcpA6Yai+ICn3cVjGS7+dETd5awD4SY
PQE9gI7a8tigJFeIPPjNcoMN5e0ls6wVyACLAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU9G1hCxwQiH1JEmKMEWtSfcnqG5AwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzlHMWhDeHdRaUgxSkVt
S01FV3RTZmNucUc1QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3RIwDQYJKoZIhvcNAQELBQADggEBAB8ROF2R47rI41lDmSjyaSgnl6iYypsv
NO2fF95A41BwCJp7D9QHY+h492pOSPQkW89YL3uC7R4aGUotQEEh73Oqk3ERUSM+
BCEAJoCpgUkS6SL+1mmt1WUgotdVTV1FYBTVcUXn8DpnGgejdDyoHGO/wXCSYjng
hkb3d0KNxRtkZ+WtDxqcQYKtozJ8JaLLZyspmbZmIsb04DkyhAC4AV5NTg4ULTqp
n/qef9ElZKwPi492rf2QGdYRhGj7393BaQD6VEpIFs3jnXT3mp3ogR+cgQ/QB0nr
xd3bnd5VgAtGFs6EGCgJl2IRwaFzbN4IL5taccwzOS4Tp2H0Oly951Q=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:34:27 2025 by rpki-client