Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/BIcIB_fIW0F93gDb4KIf_DijvMM.roa
File: BIcIB_fIW0F93gDb4KIf_DijvMM.roa (raw, json)
Hash identifier: QAQjjz6+NEgDkTvbXtHeaoB3IY11jwTIBjXwcVMdcNU=
Subject key identifier: 04:87:08:07:F7:C8:5B:41:7D:DE:00:DB:E0:A2:1F:FC:38:A3:BC:C3
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1815
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/BIcIB_fIW0F93gDb4KIf_DijvMM.roa
Signing time: Fri 17 Jan 2025 01:24:33 +0000
ROA not before: Fri 17 Jan 2025 01:24:33 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139259
IP address blocks: 103.221.45.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6165 (0x1815)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:24:33 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=04870807F7C85B417DDE00DBE0A21FFC38A3BCC3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:7c:d7:f5:ef:48:cd:e5:62:fe:9b:ef:1e:5f:
1b:0e:81:d4:9e:d4:ae:d5:f0:22:a2:84:31:e3:c7:
90:d7:94:cb:6f:f9:20:4d:33:8d:dc:f8:e1:c0:14:
fb:be:51:e6:47:e0:41:b9:cb:bd:b5:cf:1a:1b:c6:
0b:e4:3a:f0:e1:05:50:fb:3a:0a:9b:02:56:ab:79:
42:3e:65:53:f2:dc:b1:10:89:8a:b9:a9:ff:f4:c9:
e4:24:ee:2d:3a:36:a7:45:6d:77:e2:58:e6:b1:6a:
fd:4e:6d:2d:95:c3:d1:3e:75:26:ea:5d:f8:d0:a7:
b1:a6:2e:e9:b6:ab:89:58:9c:1e:77:3b:6f:42:e9:
e6:23:62:46:a1:02:b8:1d:82:a2:55:08:aa:01:2a:
2f:a1:cd:3b:c1:be:c6:ed:1e:b4:99:75:ab:19:29:
bf:4e:78:87:8f:33:f0:ce:3c:db:e6:fa:47:2f:c9:
fa:f1:9e:8f:14:a6:cd:13:f0:69:13:8d:63:fb:b7:
94:68:36:d1:80:aa:d7:09:47:d6:c2:b3:5d:18:0e:
4c:12:be:64:c5:71:64:2b:d2:25:ef:db:24:81:e5:
52:1d:f0:d7:10:b7:f2:2c:43:c4:7f:2a:3f:dc:61:
72:80:c3:9e:07:c0:21:86:84:e2:60:f7:b0:b4:03:
66:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:87:08:07:F7:C8:5B:41:7D:DE:00:DB:E0:A2:1F:FC:38:A3:BC:C3
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/BIcIB_fIW0F93gDb4KIf_DijvMM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.45.0/24
Signature Algorithm: sha256WithRSAEncryption
74:f7:4d:96:2f:ec:e0:b2:38:9a:1a:a0:6f:26:7a:b7:9e:88:
d0:b3:c5:78:bf:37:a2:9f:23:ff:da:d2:18:ce:64:d3:8b:d7:
4e:f7:12:ac:5b:7f:b0:21:e6:4c:43:5b:20:36:5c:8f:57:d1:
df:e1:fd:1c:78:13:7d:a7:e2:75:25:ce:36:d6:08:f4:dc:eb:
fd:8e:96:9a:a1:e2:e2:02:96:ef:f3:83:25:1d:25:f0:59:f5:
18:30:5c:f2:e0:38:8f:8a:78:0a:d8:37:a0:34:4c:10:43:cd:
d2:f2:9a:25:e6:20:16:80:d9:25:df:c1:56:79:3f:d5:39:f7:
89:fc:0b:c1:7d:0e:67:ef:9e:8d:9a:9e:ee:70:ce:be:3b:68:
4c:d2:f7:b4:60:b9:18:57:ae:02:35:9f:82:2d:03:b9:6b:34:
88:d6:d1:22:f1:49:43:b4:5f:59:f8:ba:71:4d:e1:e9:8b:6a:
81:8f:f8:a6:33:db:05:fe:1a:88:ac:fb:40:46:f9:f0:2a:44:
42:b9:29:e3:ef:3c:53:b2:49:72:7f:f5:a6:6f:67:fc:1e:ae:
35:eb:54:66:05:ef:7b:10:84:49:78:7a:2c:08:a3:1c:50:af:
05:b7:4c:61:6b:5a:6a:32:49:14:6f:8a:df:f5:1d:e8:01:34:
3f:14:f6:71
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGBUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI0MzNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDA0ODcwODA3RjdDODVC
NDE3RERFMDBEQkUwQTIxRkZDMzhBM0JDQzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGfNf170jN5WL+m+8eXxsOgdSe1K7V8CKihDHjx5DXlMtv+SBN
M43c+OHAFPu+UeZH4EG5y721zxobxgvkOvDhBVD7OgqbAlareUI+ZVPy3LEQiYq5
qf/0yeQk7i06NqdFbXfiWOaxav1ObS2Vw9E+dSbqXfjQp7GmLum2q4lYnB53O29C
6eYjYkahArgdgqJVCKoBKi+hzTvBvsbtHrSZdasZKb9OeIePM/DOPNvm+kcvyfrx
no8Ups0T8GkTjWP7t5RoNtGAqtcJR9bCs10YDkwSvmTFcWQr0iXv2ySB5VId8NcQ
t/IsQ8R/Kj/cYXKAw54HwCGGhOJg97C0A2ZpAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUBIcIB/fIW0F93gDb4KIf/DijvMMwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0JJY0lCX2ZJVzBGOTNn
RGI0S0lmX0RpanZNTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3S0wDQYJKoZIhvcNAQELBQADggEBAHT3TZYv7OCyOJoaoG8mereeiNCzxXi/
N6KfI//a0hjOZNOL1073Eqxbf7Ah5kxDWyA2XI9X0d/h/Rx4E32n4nUlzjbWCPTc
6/2Olpqh4uIClu/zgyUdJfBZ9RgwXPLgOI+KeArYN6A0TBBDzdLymiXmIBaA2SXf
wVZ5P9U594n8C8F9Dmfvno2anu5wzr47aEzS97RguRhXrgI1n4ItA7lrNIjW0SLx
SUO0X1n4unFN4emLaoGP+KYz2wX+Gois+0BG+fAqREK5KePvPFOySXJ/9aZvZ/we
rjXrVGYF73sQhEl4eiwIoxxQrwW3TGFrWmoySRRvit/1HegBND8U9nE=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:35:04 2025 by rpki-client