Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/E-hsU1H3eD2QFoK9AI4JOMJo8a8.roa
File: E-hsU1H3eD2QFoK9AI4JOMJo8a8.roa (raw, json)
Hash identifier: mbcQ9Ss3TFCbaKKna+lAWAx6MaxBgYJ4GooINekkyss=
Subject key identifier: 13:E8:6C:53:51:F7:78:3D:90:16:82:BD:00:8E:09:38:C2:68:F1:AF
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 18AF
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/E-hsU1H3eD2QFoK9AI4JOMJo8a8.roa
Signing time: Fri 17 Jan 2025 01:25:24 +0000
ROA not before: Fri 17 Jan 2025 01:25:24 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 13444
IP address blocks: 103.221.44.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6319 (0x18af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:25:24 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=13E86C5351F7783D901682BD008E0938C268F1AF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:7e:20:a0:94:37:ff:6e:51:15:14:57:e6:fa:
ea:2c:2e:16:2d:61:a9:2b:32:5a:79:0b:08:10:9c:
1e:6c:cd:03:66:77:3a:14:d0:ce:e3:93:84:ac:de:
1e:4c:04:29:4f:4c:b4:23:0a:7c:a7:03:a4:78:d5:
2c:4f:07:f3:cd:9b:96:1c:32:e5:59:92:f5:35:e9:
68:19:39:f5:00:c2:17:c5:83:0c:6d:a2:58:9a:48:
d3:91:9c:87:a6:48:86:62:f6:71:e3:54:ed:59:26:
b1:d8:c7:21:9b:30:fe:d3:28:e4:a8:77:1b:3f:c1:
fe:64:24:5b:44:51:43:92:1b:ff:1f:51:d1:7f:eb:
61:01:5d:b1:3f:bf:6a:b0:97:79:94:3f:62:50:08:
e7:1c:84:7a:7a:8a:b4:03:d5:fa:59:a9:42:ab:76:
04:b9:fb:e9:fa:fc:0c:e6:56:b0:a3:fb:03:f3:10:
ae:df:cd:fb:f7:0d:27:e6:0e:61:5f:69:36:5b:48:
a6:0a:ce:db:f6:5d:15:11:0f:3d:2f:ab:1b:6b:4f:
73:07:b7:25:4c:7e:d5:b9:fb:e6:44:86:49:25:ea:
ba:04:f8:ae:40:d1:0a:3a:de:bd:58:89:70:84:81:
d9:7c:6c:f9:be:22:ff:3b:f0:0b:2a:ca:6c:e6:06:
90:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:E8:6C:53:51:F7:78:3D:90:16:82:BD:00:8E:09:38:C2:68:F1:AF
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/E-hsU1H3eD2QFoK9AI4JOMJo8a8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.44.0/24
Signature Algorithm: sha256WithRSAEncryption
60:f7:2f:43:9c:37:cf:f8:d4:b2:4d:c8:48:d8:49:09:1f:8b:
96:d4:65:db:69:34:fa:c8:4d:0e:6b:e6:3a:37:c3:6d:59:79:
29:e6:ed:2c:4b:d8:1f:29:b5:80:01:78:d9:13:69:58:0f:e7:
68:30:93:54:97:f4:a9:e6:ef:4b:76:4a:ec:54:5a:42:49:d5:
35:be:0e:dd:c9:cc:a5:d3:8b:86:2e:24:b3:eb:61:63:ec:5a:
05:1e:f4:06:f5:d2:d7:2b:c8:35:2e:76:37:e4:7d:16:39:56:
5e:b0:5b:a2:ba:a6:4f:8b:48:18:58:77:c6:11:aa:91:67:2b:
f9:3d:c8:b4:b3:52:07:4d:31:80:32:df:c9:a8:58:74:66:8f:
8c:3a:26:27:ce:dd:fa:c8:44:e8:68:ca:24:6d:01:a0:ad:e5:
7e:16:ac:0c:d4:80:ce:32:96:1b:13:9c:c5:bf:90:67:69:19:
2a:41:59:5e:c6:c5:e8:a6:40:57:89:fa:04:bc:c8:e5:24:ee:
6a:58:4f:81:d1:6d:9b:16:2b:ac:fd:34:24:28:49:fb:c9:21:
11:51:53:83:dc:1a:e7:00:00:fe:e3:19:bd:0b:27:d5:d8:06:
65:aa:14:c8:91:0a:a6:87:f6:73:6a:04:a1:7d:5d:19:5f:53:
cf:a5:2b:1a
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGK8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI1MjRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDEzRTg2QzUzNTFGNzc4
M0Q5MDE2ODJCRDAwOEUwOTM4QzI2OEYxQUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDfiCglDf/blEVFFfm+uosLhYtYakrMlp5CwgQnB5szQNmdzoU
0M7jk4Ss3h5MBClPTLQjCnynA6R41SxPB/PNm5YcMuVZkvU16WgZOfUAwhfFgwxt
oliaSNORnIemSIZi9nHjVO1ZJrHYxyGbMP7TKOSodxs/wf5kJFtEUUOSG/8fUdF/
62EBXbE/v2qwl3mUP2JQCOcchHp6irQD1fpZqUKrdgS5++n6/AzmVrCj+wPzEK7f
zfv3DSfmDmFfaTZbSKYKztv2XRURDz0vqxtrT3MHtyVMftW5++ZEhkkl6roE+K5A
0Qo63r1YiXCEgdl8bPm+Iv878AsqymzmBpClAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUE+hsU1H3eD2QFoK9AI4JOMJo8a8wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0UtaHNVMUgzZUQyUUZv
SzlBSTRKT01KbzhhOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3SwwDQYJKoZIhvcNAQELBQADggEBAGD3L0OcN8/41LJNyEjYSQkfi5bUZdtp
NPrITQ5r5jo3w21ZeSnm7SxL2B8ptYABeNkTaVgP52gwk1SX9Knm70t2SuxUWkJJ
1TW+Dt3JzKXTi4YuJLPrYWPsWgUe9Ab10tcryDUudjfkfRY5Vl6wW6K6pk+LSBhY
d8YRqpFnK/k9yLSzUgdNMYAy38moWHRmj4w6JifO3frIROhoyiRtAaCt5X4WrAzU
gM4ylhsTnMW/kGdpGSpBWV7GxeimQFeJ+gS8yOUk7mpYT4HRbZsWK6z9NCQoSfvJ
IRFRU4PcGucAAP7jGb0LJ9XYBmWqFMiRCqaH9nNqBKF9XRlfU8+lKxo=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:40:05 2025 by rpki-client