Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/EZg4VGPnkorCxrjEekYD34rmzps.roa
File: EZg4VGPnkorCxrjEekYD34rmzps.roa (raw, json)
Hash identifier: +bIrZbpm3uRSwNR1+JFLdRXYaFpiy4eeYn8wOYi+FVE=
Subject key identifier: 11:98:38:54:63:E7:92:8A:C2:C6:B8:C4:7A:46:03:DF:8A:E6:CE:9B
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 18F8
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/EZg4VGPnkorCxrjEekYD34rmzps.roa
Signing time: Fri 17 Jan 2025 01:25:53 +0000
ROA not before: Fri 17 Jan 2025 01:25:53 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139259
IP address blocks: 103.221.38.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6392 (0x18f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:25:53 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=1198385463E7928AC2C6B8C47A4603DF8AE6CE9B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:42:86:c3:04:2c:57:b4:ce:10:bb:6b:28:0b:
14:e5:9e:07:4a:d4:10:d3:e1:2d:74:4c:a0:97:61:
04:01:26:60:d8:d5:fe:d1:5d:ac:d3:b9:83:1c:f2:
36:f1:fd:af:3f:67:c7:f0:57:9d:6a:cf:f9:ed:96:
af:f9:6b:26:96:28:a0:29:7a:7d:16:d7:c9:0a:93:
17:c8:ac:a0:e9:88:50:a3:b9:7b:bf:b0:18:6d:5d:
2a:14:c5:22:99:53:9c:4d:4d:e6:0b:d6:c0:70:1a:
2e:d6:ac:de:c4:67:e9:05:9e:95:8b:d0:09:8f:e5:
2e:7e:80:3c:eb:26:42:cb:7c:90:33:17:df:e2:a8:
8c:e0:0b:e5:fc:1e:e5:1c:39:20:b3:2d:60:ab:47:
27:41:7b:28:30:b7:56:af:ff:38:2d:8a:d6:ff:8a:
b2:f2:19:a9:fe:33:47:1d:43:f2:aa:0a:28:71:30:
c3:33:04:c0:55:2d:da:8d:29:54:d2:1e:cf:e4:87:
20:ba:98:d2:da:e1:7f:ee:c8:15:0e:28:f5:db:31:
3e:40:4f:af:71:43:4a:f3:6f:96:d3:55:4e:f3:3f:
b0:47:e6:68:18:59:12:a4:4c:2d:43:a0:c8:e3:1b:
f2:1e:91:4c:ee:a5:bb:9c:5c:1c:41:bc:1f:08:9b:
80:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:98:38:54:63:E7:92:8A:C2:C6:B8:C4:7A:46:03:DF:8A:E6:CE:9B
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/EZg4VGPnkorCxrjEekYD34rmzps.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.38.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:60:26:72:b5:08:3c:c2:89:3a:35:13:61:12:49:75:bb:97:
e7:5e:f9:4b:8b:da:84:7a:cc:68:14:23:7f:af:8d:b2:20:9e:
23:b4:11:cf:6a:ad:0a:d6:27:c2:15:69:31:08:ae:70:76:54:
53:08:55:cd:32:d0:81:14:9a:1b:e9:34:6e:5e:3c:5f:e5:68:
b4:64:57:97:94:b1:60:10:fc:5a:13:44:a6:c6:9e:58:40:21:
8c:b7:63:04:cb:c2:52:9e:fc:44:df:a4:7a:ed:06:13:3f:11:
be:17:04:fb:3c:4b:0b:59:ef:ff:01:d5:e5:40:ae:52:90:0b:
51:dd:7d:15:6b:74:5e:cb:fb:64:9c:04:64:8b:44:ac:7d:1e:
65:b2:7b:82:89:6f:f8:f4:7e:4e:24:b9:76:a6:62:47:c6:8e:
a1:f4:6a:4d:b3:95:2d:74:01:5c:14:7d:71:b3:89:86:43:5e:
e9:4c:38:f1:0a:3d:53:4d:e2:ad:08:6c:93:57:4e:e6:43:77:
67:23:23:3d:e0:f2:d7:7e:fe:90:da:c3:e4:30:f0:85:67:36:
80:ae:da:ee:bf:cd:b7:d3:1e:c4:e4:03:2a:10:22:f7:af:9a:
eb:81:32:a6:fd:1a:d2:36:fa:3c:d2:90:27:f8:a0:32:fd:aa:
d0:6a:6c:de
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGPgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI1NTNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDExOTgzODU0NjNFNzky
OEFDMkM2QjhDNDdBNDYwM0RGOEFFNkNFOUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJQobDBCxXtM4Qu2soCxTlngdK1BDT4S10TKCXYQQBJmDY1f7R
XazTuYMc8jbx/a8/Z8fwV51qz/ntlq/5ayaWKKApen0W18kKkxfIrKDpiFCjuXu/
sBhtXSoUxSKZU5xNTeYL1sBwGi7WrN7EZ+kFnpWL0AmP5S5+gDzrJkLLfJAzF9/i
qIzgC+X8HuUcOSCzLWCrRydBeygwt1av/zgtitb/irLyGan+M0cdQ/KqCihxMMMz
BMBVLdqNKVTSHs/khyC6mNLa4X/uyBUOKPXbMT5AT69xQ0rzb5bTVU7zP7BH5mgY
WRKkTC1DoMjjG/IekUzupbucXBxBvB8Im4DJAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUEZg4VGPnkorCxrjEekYD34rmzpswHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0VaZzRWR1Bua29yQ3hy
akVla1lEMzRybXpwcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3SYwDQYJKoZIhvcNAQELBQADggEBAApgJnK1CDzCiTo1E2ESSXW7l+de+UuL
2oR6zGgUI3+vjbIgniO0Ec9qrQrWJ8IVaTEIrnB2VFMIVc0y0IEUmhvpNG5ePF/l
aLRkV5eUsWAQ/FoTRKbGnlhAIYy3YwTLwlKe/ETfpHrtBhM/Eb4XBPs8SwtZ7/8B
1eVArlKQC1HdfRVrdF7L+2ScBGSLRKx9HmWye4KJb/j0fk4kuXamYkfGjqH0ak2z
lS10AVwUfXGziYZDXulMOPEKPVNN4q0IbJNXTuZDd2cjIz3g8td+/pDaw+Qw8IVn
NoCu2u6/zbfTHsTkAyoQIvevmuuBMqb9GtI2+jzSkCf4oDL9qtBqbN4=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:47:21 2025 by rpki-client