Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/ASkEmwMMIyj6efVr1EZ0LkdnEcM.roa
File: ASkEmwMMIyj6efVr1EZ0LkdnEcM.roa (raw, json)
Hash identifier: bFZ3kUrVFFyfAOABIS5s8tl8C0tuUIiiM/vvs0i2Rbw=
Subject key identifier: 01:29:04:9B:03:0C:23:28:FA:79:F5:6B:D4:46:74:2E:47:67:11:C3
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1502
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/ASkEmwMMIyj6efVr1EZ0LkdnEcM.roa
Signing time: Wed 11 Sep 2024 02:27:31 +0000
ROA not before: Wed 11 Sep 2024 02:27:31 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 13444
IP address blocks: 103.221.34.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5378 (0x1502)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 02:27:31 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0129049B030C2328FA79F56BD446742E476711C3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:8d:22:fc:38:63:c8:ae:8d:49:af:e8:6c:0a:
98:a5:ea:f3:f3:be:b5:72:71:0e:22:1e:ee:81:79:
9b:b6:aa:77:14:24:a5:63:79:7e:65:dc:3e:4d:1e:
6b:32:96:31:f4:cd:3b:b0:ef:11:9a:b7:45:22:d8:
03:8a:7c:ea:36:ec:45:8e:02:a5:3c:71:e2:ea:66:
f0:45:73:a9:66:d8:bf:25:80:38:db:5c:b2:a2:46:
29:fd:3d:61:55:5b:f5:f7:7c:cd:45:39:45:79:41:
25:19:20:27:e6:38:21:05:af:0c:6a:4f:98:f7:09:
36:ea:8b:92:5c:cb:39:b8:b6:4d:8e:70:fc:e0:b9:
40:76:69:a8:10:1c:09:d8:2b:5a:34:b5:b4:76:f0:
23:18:3b:d9:d3:15:91:84:49:7d:ad:59:52:86:2b:
70:d2:a5:be:78:91:81:f7:0a:27:68:e3:cd:b5:e9:
cb:91:5f:7f:3f:13:8e:8e:45:d0:8d:ad:ee:c0:4d:
b1:98:cf:9a:e1:10:dc:f0:ac:5b:48:7b:cd:ba:72:
b5:c4:6d:e1:be:71:1b:7d:73:8f:31:a7:87:d3:a8:
93:58:51:3d:ac:eb:fd:0a:4d:f8:48:93:60:17:4c:
18:f4:ea:4c:eb:6e:de:50:3a:9f:93:fb:d6:f0:de:
6d:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:29:04:9B:03:0C:23:28:FA:79:F5:6B:D4:46:74:2E:47:67:11:C3
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/ASkEmwMMIyj6efVr1EZ0LkdnEcM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.34.0/24
Signature Algorithm: sha256WithRSAEncryption
87:0f:0b:81:8f:85:94:49:c6:1c:a2:b9:19:a4:67:f0:66:1c:
a0:0f:81:ca:62:cd:13:57:91:05:9a:4d:4a:f6:65:90:51:77:
2a:78:73:90:59:af:8f:f5:61:61:4b:32:8d:ee:01:38:2c:a6:
0b:df:3d:8f:07:c0:b3:e7:df:c9:7c:07:58:eb:a2:e7:83:06:
a0:f0:6f:87:29:30:98:8e:51:24:e0:7d:06:55:88:7a:ba:bc:
3c:d5:a4:07:15:57:13:fc:9e:a7:0f:6b:3b:68:a1:38:59:82:
2c:95:ef:3d:30:f9:20:1c:76:f8:33:30:8b:9d:6e:71:ac:d8:
e2:84:f4:db:80:d3:a2:ec:ce:cf:0b:c3:13:b4:d7:9a:32:2b:
c8:0e:8d:4c:4d:db:46:84:f2:1d:ef:c7:18:d7:06:98:5c:38:
61:98:03:ee:44:bb:52:ed:ed:2c:83:79:e5:38:40:e6:27:30:
ea:79:a7:c4:59:4c:f5:3a:3a:b1:eb:86:47:82:99:bc:84:50:
f2:6f:d2:e1:f5:ea:5c:03:fa:12:09:77:22:7f:17:ce:49:82:
2c:61:37:68:f6:47:b0:3c:a9:26:84:6a:6b:2a:6d:a3:05:1c:
d8:43:da:15:bd:68:78:e9:4f:29:cb:30:e8:65:ad:04:16:67:
be:7e:3e:0e
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFQIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MjI3MzFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDAxMjkwNDlCMDMwQzIz
MjhGQTc5RjU2QkQ0NDY3NDJFNDc2NzExQzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqjSL8OGPIro1Jr+hsCpil6vPzvrVycQ4iHu6BeZu2qncUJKVj
eX5l3D5NHmsyljH0zTuw7xGat0Ui2AOKfOo27EWOAqU8ceLqZvBFc6lm2L8lgDjb
XLKiRin9PWFVW/X3fM1FOUV5QSUZICfmOCEFrwxqT5j3CTbqi5Jcyzm4tk2OcPzg
uUB2aagQHAnYK1o0tbR28CMYO9nTFZGESX2tWVKGK3DSpb54kYH3Cido48216cuR
X38/E46ORdCNre7ATbGYz5rhENzwrFtIe826crXEbeG+cRt9c48xp4fTqJNYUT2s
6/0KTfhIk2AXTBj06kzrbt5QOp+T+9bw3m1BAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUASkEmwMMIyj6efVr1EZ0LkdnEcMwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0FTa0Vtd01NSXlqNmVm
VnIxRVowTGtkbkVjTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3SIwDQYJKoZIhvcNAQELBQADggEBAIcPC4GPhZRJxhyiuRmkZ/BmHKAPgcpi
zRNXkQWaTUr2ZZBRdyp4c5BZr4/1YWFLMo3uATgspgvfPY8HwLPn38l8B1jroueD
BqDwb4cpMJiOUSTgfQZViHq6vDzVpAcVVxP8nqcPaztooThZgiyV7z0w+SAcdvgz
MIudbnGs2OKE9NuA06Lszs8LwxO015oyK8gOjUxN20aE8h3vxxjXBphcOGGYA+5E
u1Lt7SyDeeU4QOYnMOp5p8RZTPU6OrHrhkeCmbyEUPJv0uH16lwD+hIJdyJ/F85J
gixhN2j2R7A8qSaEamsqbaMFHNhD2hW9aHjpTynLMOhlrQQWZ75+Pg4=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:17:29 2025 by rpki-client