Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/EpsU2lfUAoiyyQGi2-nOm_WJiYM.roa
File: EpsU2lfUAoiyyQGi2-nOm_WJiYM.roa (raw, json)
Hash identifier: LurhgpMopM9Ru8/MDNTnj0DXVpWdDraMJdjRtVrNOLo=
Subject key identifier: 12:9B:14:DA:57:D4:02:88:B2:C9:01:A2:DB:E9:CE:9B:F5:89:89:83
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1492
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/EpsU2lfUAoiyyQGi2-nOm_WJiYM.roa
Signing time: Wed 11 Sep 2024 02:23:30 +0000
ROA not before: Wed 11 Sep 2024 02:23:30 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 138527
IP address blocks: 103.221.28.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5266 (0x1492)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 02:23:30 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=129B14DA57D40288B2C901A2DBE9CE9BF5898983
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a8:6e:dc:02:97:02:e8:8a:f6:05:fc:42:97:
95:ce:75:5d:f5:de:96:62:56:46:d4:8f:1d:2d:f7:
ab:a4:08:89:47:08:da:6c:08:1f:a0:21:ac:6c:30:
e4:2c:6f:9a:3f:e7:90:c4:12:0d:37:9d:d8:14:98:
27:59:7d:d2:8e:c9:09:40:d4:c2:89:14:2e:82:83:
37:29:a7:02:29:63:68:8d:de:83:99:74:11:04:74:
a4:61:48:c0:58:69:33:47:71:30:3c:ee:af:e1:88:
fa:96:02:d7:8b:48:2d:97:8a:98:9a:56:22:19:80:
01:4f:68:31:34:a8:e1:7a:50:96:f1:2d:69:91:a3:
85:cb:b7:3e:4a:56:6b:a3:b5:6e:2a:e7:db:b5:3d:
27:da:b4:6f:fb:7d:2f:bd:84:02:45:4a:d4:be:30:
94:f2:32:7e:36:b2:ca:89:94:fb:6e:c3:fb:fd:13:
67:3f:a3:eb:24:77:9f:f1:71:27:8b:b5:16:52:f5:
96:e5:d9:5a:2c:55:81:f1:a0:5a:e0:df:20:b6:7b:
ef:52:1b:e7:e4:8c:2a:e8:11:10:2c:44:c8:b1:20:
83:bf:88:cf:d3:9c:48:02:67:ff:5c:7c:cf:e3:eb:
9a:5e:c7:0c:b7:39:45:32:bd:79:1f:ff:e7:3f:2a:
18:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:9B:14:DA:57:D4:02:88:B2:C9:01:A2:DB:E9:CE:9B:F5:89:89:83
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/EpsU2lfUAoiyyQGi2-nOm_WJiYM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.28.0/22
Signature Algorithm: sha256WithRSAEncryption
56:ae:69:e5:7f:66:9c:56:3c:9f:0d:3a:6b:29:0d:1f:ad:3d:
41:a1:79:b8:47:84:b7:7f:9a:15:11:2a:a2:0c:dc:ff:38:ec:
8c:75:72:02:e5:b1:d2:b8:59:27:ab:1d:05:ac:35:1c:30:ca:
36:da:71:a8:47:83:83:da:fd:03:bb:76:8b:d2:f9:7f:67:d6:
39:2b:ce:4e:ba:e7:9f:50:ea:0a:40:d3:08:02:9c:67:23:8e:
30:58:d8:92:47:0c:a8:07:d6:f3:68:49:da:df:8d:5d:5e:52:
cd:f9:27:29:92:6b:26:65:0a:76:2a:dd:65:4e:e0:4b:61:d3:
27:a9:51:87:34:6a:cf:f8:cc:22:15:72:89:dc:28:c2:f4:9c:
ae:58:70:5f:ae:96:74:b7:6b:2f:63:90:70:13:a6:24:c3:38:
22:71:ed:49:a9:2c:f8:98:a8:32:f8:d6:14:22:0c:f8:35:49:
79:85:bc:28:6b:5e:97:28:c7:86:f8:fa:87:fc:09:14:17:de:
c3:b0:61:7c:d9:41:ce:b6:c4:76:c9:39:de:7e:f3:e5:9c:ee:
fb:94:02:b5:e1:50:dc:91:05:3a:e1:ee:09:91:3a:0f:33:c4:
40:ba:50:58:05:b4:be:7b:3f:5c:54:05:25:53:c9:45:94:94:
1c:e8:f6:4c
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFJIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MjIzMzBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDEyOUIxNERBNTdENDAy
ODhCMkM5MDFBMkRCRTlDRTlCRjU4OTg5ODMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuqG7cApcC6Ir2BfxCl5XOdV313pZiVkbUjx0t96ukCIlHCNps
CB+gIaxsMOQsb5o/55DEEg03ndgUmCdZfdKOyQlA1MKJFC6CgzcppwIpY2iN3oOZ
dBEEdKRhSMBYaTNHcTA87q/hiPqWAteLSC2XipiaViIZgAFPaDE0qOF6UJbxLWmR
o4XLtz5KVmujtW4q59u1PSfatG/7fS+9hAJFStS+MJTyMn42ssqJlPtuw/v9E2c/
o+skd5/xcSeLtRZS9Zbl2VosVYHxoFrg3yC2e+9SG+fkjCroERAsRMixIIO/iM/T
nEgCZ/9cfM/j65pexwy3OUUyvXkf/+c/KhgDAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUEpsU2lfUAoiyyQGi2+nOm/WJiYMwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0Vwc1UybGZVQW9peXlR
R2kyLW5PbV9XSmlZTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJn3RwwDQYJKoZIhvcNAQELBQADggEBAFauaeV/ZpxWPJ8NOmspDR+tPUGhebhH
hLd/mhURKqIM3P847Ix1cgLlsdK4WSerHQWsNRwwyjbacahHg4Pa/QO7dovS+X9n
1jkrzk66559Q6gpA0wgCnGcjjjBY2JJHDKgH1vNoSdrfjV1eUs35JymSayZlCnYq
3WVO4Eth0yepUYc0as/4zCIVconcKML0nK5YcF+ulnS3ay9jkHATpiTDOCJx7Ump
LPiYqDL41hQiDPg1SXmFvChrXpcox4b4+of8CRQX3sOwYXzZQc62xHbJOd5+8+Wc
7vuUArXhUNyRBTrh7gmROg8zxEC6UFgFtL57P1xUBSVTyUWUlBzo9kw=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:37:48 2025 by rpki-client