Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/9Lv3NNRFpRDshZFpYj_LOkeZdRM.roa
File: 9Lv3NNRFpRDshZFpYj_LOkeZdRM.roa (raw, json)
Hash identifier: e5avBYhsTJm4ex/e64omChFf1zRrVcow0wQk6i2Ugsg=
Subject key identifier: F4:BB:F7:34:D4:45:A5:10:EC:85:91:69:62:3F:CB:3A:47:99:75:13
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1480
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/9Lv3NNRFpRDshZFpYj_LOkeZdRM.roa
Signing time: Wed 11 Sep 2024 02:23:24 +0000
ROA not before: Wed 11 Sep 2024 02:23:24 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 139259
IP address blocks: 103.221.36.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5248 (0x1480)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 02:23:24 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F4BBF734D445A510EC859169623FCB3A47997513
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:77:42:62:f3:3b:3b:af:22:03:c7:ed:91:97:
e3:ed:5a:42:a5:cd:49:c8:63:56:59:d0:d1:ea:f7:
14:72:0c:56:8c:80:79:8a:02:23:3e:7e:57:7e:a6:
54:7c:b1:77:fe:33:af:23:6d:18:86:bc:ab:ee:85:
55:91:58:79:17:62:e7:42:a8:a5:15:cb:9c:ef:69:
f9:d5:1b:f3:5a:85:7b:63:d2:64:13:d7:a3:8d:7a:
5d:1f:10:71:0e:a4:1a:98:71:77:68:bf:bb:54:59:
4e:ba:70:c4:09:ad:bc:25:36:8c:65:5a:a9:62:98:
a2:06:23:95:e6:77:dd:ec:b0:d5:05:e1:4d:8d:3f:
6b:9c:49:3d:67:a3:00:2f:b8:7d:4e:c4:56:20:bb:
c5:35:da:b3:dc:45:41:af:7a:24:33:5f:9d:7c:53:
79:6d:87:52:95:eb:d9:f7:55:ce:f0:cc:e4:e4:ea:
ec:a9:35:d3:45:59:26:b6:00:6e:d8:9c:1c:7b:96:
9a:c5:61:77:ca:44:d3:fa:95:22:1b:55:09:3b:8b:
fd:5f:fb:34:09:26:0a:40:7f:90:61:54:d7:df:e9:
06:2d:b0:cf:b2:3e:76:9c:32:0b:c3:66:d6:f0:86:
4d:f4:4d:8e:7f:ce:a8:5d:fb:9a:fe:56:cb:f0:f4:
f3:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:BB:F7:34:D4:45:A5:10:EC:85:91:69:62:3F:CB:3A:47:99:75:13
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/9Lv3NNRFpRDshZFpYj_LOkeZdRM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.36.0/22
Signature Algorithm: sha256WithRSAEncryption
c0:ae:ec:60:d7:f7:54:0c:fa:d9:6a:a4:83:58:6c:b1:e0:fd:
f8:17:d1:9f:49:9e:75:c8:46:2b:a1:79:3c:30:8c:54:3f:e5:
e0:eb:70:a6:99:b6:99:ef:75:a2:c0:b4:67:f3:a8:1b:7c:8b:
5e:9d:5d:88:03:14:b6:82:66:31:04:24:ba:a3:6e:98:5b:ee:
a3:8c:ab:3c:63:f8:5e:a4:7f:71:98:d2:3a:a7:d7:4b:e0:0c:
96:77:27:46:72:fc:58:61:a1:fc:44:d6:1a:94:26:fb:24:8d:
e0:32:8b:d6:94:7e:ed:15:28:f3:56:aa:42:72:15:25:95:35:
2a:97:81:97:4c:1a:01:ef:74:00:17:e9:f5:9f:9c:25:36:76:
62:41:e8:5e:47:88:1a:ca:2c:93:dd:26:a1:fb:55:a1:b1:4e:
c8:39:40:35:c6:a4:9a:c2:1b:85:f6:c4:9b:ae:8f:05:12:63:
98:82:52:04:2e:6c:02:ea:36:cf:13:2c:20:a9:04:ff:f7:25:
9c:00:6e:03:aa:d2:bd:1c:73:12:f2:50:07:f4:60:b6:26:7b:
16:07:15:6b:ce:eb:8b:c0:17:97:4b:8b:55:ce:80:07:6c:2e:
d9:4a:1a:2c:1c:e8:ee:ed:a3:78:48:17:4a:09:86:2f:ec:ba:
e5:16:fe:8b
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFIAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MjIzMjRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEY0QkJGNzM0RDQ0NUE1
MTBFQzg1OTE2OTYyM0ZDQjNBNDc5OTc1MTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1d0Ji8zs7ryIDx+2Rl+PtWkKlzUnIY1ZZ0NHq9xRyDFaMgHmK
AiM+fld+plR8sXf+M68jbRiGvKvuhVWRWHkXYudCqKUVy5zvafnVG/NahXtj0mQT
16ONel0fEHEOpBqYcXdov7tUWU66cMQJrbwlNoxlWqlimKIGI5Xmd93ssNUF4U2N
P2ucST1nowAvuH1OxFYgu8U12rPcRUGveiQzX518U3lth1KV69n3Vc7wzOTk6uyp
NdNFWSa2AG7YnBx7lprFYXfKRNP6lSIbVQk7i/1f+zQJJgpAf5BhVNff6QYtsM+y
PnacMgvDZtbwhk30TY5/zqhd+5r+Vsvw9PNlAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU9Lv3NNRFpRDshZFpYj/LOkeZdRMwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzlMdjNOTlJGcFJEc2ha
RnBZal9MT2tlWmRSTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJn3SQwDQYJKoZIhvcNAQELBQADggEBAMCu7GDX91QM+tlqpINYbLHg/fgX0Z9J
nnXIRiuheTwwjFQ/5eDrcKaZtpnvdaLAtGfzqBt8i16dXYgDFLaCZjEEJLqjbphb
7qOMqzxj+F6kf3GY0jqn10vgDJZ3J0Zy/FhhofxE1hqUJvskjeAyi9aUfu0VKPNW
qkJyFSWVNSqXgZdMGgHvdAAX6fWfnCU2dmJB6F5HiBrKLJPdJqH7VaGxTsg5QDXG
pJrCG4X2xJuujwUSY5iCUgQubALqNs8TLCCpBP/3JZwAbgOq0r0ccxLyUAf0YLYm
exYHFWvO64vAF5dLi1XOgAdsLtlKGiwc6O7to3hIF0oJhi/suuUW/os=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:39:38 2025 by rpki-client