Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/AO_TcB4OjRv181uTBfegZQCRQJo.roa
File: AO_TcB4OjRv181uTBfegZQCRQJo.roa (raw, json)
Hash identifier: suYEKQ8gRbca3TdM8O4NArvzAehiIuc1tezEkthmfv4=
Subject key identifier: 00:EF:D3:70:1E:0E:8D:1B:F5:F3:5B:93:05:F7:A0:65:00:91:40:9A
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 18EB
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/AO_TcB4OjRv181uTBfegZQCRQJo.roa
Signing time: Fri 17 Jan 2025 01:25:47 +0000
ROA not before: Fri 17 Jan 2025 01:25:47 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 13444
IP address blocks: 103.220.249.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6379 (0x18eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:25:47 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=00EFD3701E0E8D1BF5F35B9305F7A0650091409A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:21:17:cd:34:89:2c:2b:f0:27:d1:8c:6f:db:
14:23:af:39:c2:b3:6c:67:d3:a1:f8:9c:7f:c9:69:
41:c7:37:6a:4e:37:09:f2:35:bb:10:f4:52:9d:f4:
b5:8f:3b:c6:0e:49:e2:48:6e:a3:43:8e:30:f2:28:
5c:44:d8:de:dc:c4:5e:3c:4b:7c:40:2e:c6:f3:3f:
b0:52:60:39:d8:c4:c1:9a:b5:8b:19:58:1c:14:98:
17:cb:b5:5e:fc:96:7d:72:d2:b3:74:82:a2:cc:d6:
be:60:68:8d:34:98:86:62:f7:cf:2c:28:51:68:5e:
ff:56:dd:54:0d:bb:b2:e0:7f:fa:b0:c9:f1:d1:c2:
21:28:1f:cb:f3:db:28:3d:e6:35:89:47:37:28:6f:
2a:6c:4e:6b:8f:64:fb:8b:a6:b3:40:fe:04:0a:65:
80:44:52:88:d6:66:93:c3:44:1e:2d:da:d6:c8:6a:
2e:d0:e0:d3:c1:8f:91:23:c3:11:8d:27:70:37:a0:
40:50:b7:1d:37:64:dd:eb:2d:2c:5f:c4:cb:f5:42:
3b:e6:31:95:66:53:c8:82:42:97:78:12:1e:6d:83:
7d:85:8f:64:1c:de:65:ce:e6:c2:f6:c7:ee:c3:15:
6f:89:29:94:7f:99:46:80:24:91:13:27:ce:93:c6:
37:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:EF:D3:70:1E:0E:8D:1B:F5:F3:5B:93:05:F7:A0:65:00:91:40:9A
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/AO_TcB4OjRv181uTBfegZQCRQJo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.220.249.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:b6:de:e5:d4:92:8c:e3:dd:3a:e3:bf:90:41:53:1f:6c:80:
e3:a5:bb:ea:6a:b5:ca:43:26:af:23:93:12:e3:a7:70:8e:a1:
a0:9f:0b:5e:0d:19:70:64:f3:01:84:1a:3c:c5:55:27:0b:d5:
af:e8:f9:8d:e7:b9:f7:6d:09:dc:21:be:50:50:ca:02:92:5d:
54:31:95:84:50:2b:10:f0:78:8e:34:66:87:d3:db:99:46:78:
8b:a2:2e:b9:41:42:55:d0:45:9d:a8:26:5c:f0:57:b2:41:74:
7e:f3:08:81:c4:3a:4c:82:ff:d6:e6:bd:b9:ee:19:b6:6e:38:
b9:86:67:68:cb:09:fa:5e:5d:c3:af:cb:e7:1e:2b:c7:96:6a:
01:45:6c:a0:97:90:43:91:92:34:ad:df:c9:b3:36:b6:cc:19:
14:f7:46:55:aa:64:d8:ce:c5:b8:d0:55:01:80:84:ff:75:23:
11:4d:8c:0d:a1:22:cc:85:1e:16:01:54:7c:74:48:18:ac:06:
18:2f:20:d2:97:f0:a5:10:c6:5a:27:75:a7:35:70:21:ec:b8:
a8:07:20:a4:02:26:2d:27:18:e0:4f:c9:3f:7b:47:51:9d:80:
42:07:95:e2:3f:db:e6:e8:f9:d2:32:38:b1:a4:dc:0f:43:56:
68:a1:c4:66
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGOswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI1NDdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDAwRUZEMzcwMUUwRThE
MUJGNUYzNUI5MzA1RjdBMDY1MDA5MTQwOUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKIRfNNIksK/An0Yxv2xQjrznCs2xn06H4nH/JaUHHN2pONwny
NbsQ9FKd9LWPO8YOSeJIbqNDjjDyKFxE2N7cxF48S3xALsbzP7BSYDnYxMGatYsZ
WBwUmBfLtV78ln1y0rN0gqLM1r5gaI00mIZi988sKFFoXv9W3VQNu7Lgf/qwyfHR
wiEoH8vz2yg95jWJRzcobypsTmuPZPuLprNA/gQKZYBEUojWZpPDRB4t2tbIai7Q
4NPBj5EjwxGNJ3A3oEBQtx03ZN3rLSxfxMv1QjvmMZVmU8iCQpd4Eh5tg32Fj2Qc
3mXO5sL2x+7DFW+JKZR/mUaAJJETJ86TxjdLAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUAO/TcB4OjRv181uTBfegZQCRQJowHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0FPX1RjQjRPalJ2MTgx
dVRCZmVnWlFDUlFKby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3PkwDQYJKoZIhvcNAQELBQADggEBADy23uXUkozj3Trjv5BBUx9sgOOlu+pq
tcpDJq8jkxLjp3COoaCfC14NGXBk8wGEGjzFVScL1a/o+Y3nufdtCdwhvlBQygKS
XVQxlYRQKxDweI40ZofT25lGeIuiLrlBQlXQRZ2oJlzwV7JBdH7zCIHEOkyC/9bm
vbnuGbZuOLmGZ2jLCfpeXcOvy+ceK8eWagFFbKCXkEORkjSt38mzNrbMGRT3RlWq
ZNjOxbjQVQGAhP91IxFNjA2hIsyFHhYBVHx0SBisBhgvINKX8KUQxlondac1cCHs
uKgHIKQCJi0nGOBPyT97R1GdgEIHleI/2+bo+dIyOLGk3A9DVmihxGY=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:46:11 2025 by rpki-client