Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/FY-FwSX42CA9z2VTCMnACafB5Jg.roa
File: FY-FwSX42CA9z2VTCMnACafB5Jg.roa (raw, json)
Hash identifier: FGkokAeJSZFsCr5EfFvF3XFASzgyu5Y6xL2lMfvE1Ek=
Subject key identifier: 15:8F:85:C1:25:F8:D8:20:3D:CF:65:53:08:C9:C0:09:A7:C1:E4:98
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 189F
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/FY-FwSX42CA9z2VTCMnACafB5Jg.roa
Signing time: Fri 17 Jan 2025 01:25:19 +0000
ROA not before: Fri 17 Jan 2025 01:25:19 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 13444
IP address blocks: 103.221.33.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6303 (0x189f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:25:19 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=158F85C125F8D8203DCF655308C9C009A7C1E498
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:4e:36:9b:50:d0:c7:b0:21:d7:33:0c:01:b6:
d5:54:e0:93:f3:d0:28:26:42:ca:1e:6a:18:02:91:
0b:ce:19:92:78:22:df:c3:8a:eb:a3:09:c0:12:2a:
96:a8:04:90:c8:db:d4:e6:18:32:9b:c3:f8:30:3a:
63:25:14:42:f0:a7:4a:b9:50:f1:54:96:60:cb:cc:
a2:b5:66:b2:6b:a7:ff:61:0e:0b:7d:2c:68:cf:4a:
85:ba:21:e0:90:c9:aa:28:47:35:36:c1:82:b4:f7:
b6:91:ca:31:6a:38:d1:01:9f:93:45:fc:c6:75:7b:
84:36:6b:79:1c:8f:a7:67:50:f3:92:e3:f2:4a:19:
25:fe:68:26:55:db:d8:4f:a5:d5:f7:d9:72:d0:4b:
78:ea:d1:47:ac:1e:f3:fc:2f:f2:94:f0:e6:c4:28:
2d:39:51:61:e7:e6:a1:92:7d:1f:f7:32:ef:ee:9a:
75:05:06:d6:e0:2b:b3:a4:d1:cc:19:b4:a8:07:4a:
9d:b9:51:d5:9f:4b:59:37:53:2c:cf:14:0d:14:4e:
65:b7:c6:d5:9b:aa:38:50:74:42:43:c6:eb:32:64:
19:96:da:0b:45:16:ea:cc:41:72:00:ca:7c:85:26:
d6:a3:38:c3:ff:23:7c:0c:b9:25:be:e2:57:2a:2b:
9c:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:8F:85:C1:25:F8:D8:20:3D:CF:65:53:08:C9:C0:09:A7:C1:E4:98
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/FY-FwSX42CA9z2VTCMnACafB5Jg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.33.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:b4:9f:e8:1b:c6:50:75:91:23:3e:19:ba:a9:29:a7:ba:67:
32:d4:25:33:00:cd:95:fb:fa:cd:dd:dc:36:b4:2e:b2:74:ce:
25:31:b4:64:82:d6:95:63:1f:6f:a6:47:ca:41:07:92:ad:39:
63:e7:ca:87:43:76:93:76:0f:9a:17:b9:d8:a2:d8:60:4a:05:
8d:49:9d:aa:71:94:e3:7a:32:c1:f9:b4:20:3f:d3:1d:2e:10:
dd:a6:bf:28:3e:e1:db:3d:b5:59:b4:c7:1e:17:d8:e4:e8:32:
54:24:21:d2:60:bc:2e:9d:9e:ec:19:31:9e:20:82:ee:27:c7:
01:06:e6:89:74:41:c0:65:a7:18:4c:91:70:87:f3:4f:fa:c1:
5b:b7:db:df:06:78:14:98:00:2d:ab:09:34:73:21:39:5b:f7:
d0:c6:df:62:3c:af:b9:96:bd:3f:01:08:0e:3c:10:3b:b9:7a:
ba:12:59:27:bd:d8:d3:3b:29:6a:4a:0a:f8:1b:16:28:d2:24:
1d:10:fa:35:5d:73:51:33:b5:27:9c:c5:98:ac:e2:f4:35:b7:
18:ef:a2:b3:fb:38:b0:d0:1e:7c:88:e0:a4:9c:8d:d4:5c:58:
7e:aa:37:7c:e9:46:27:6a:2e:ad:13:5a:1b:64:20:be:a4:b4:
41:f7:4a:58
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGJ8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI1MTlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDE1OEY4NUMxMjVGOEQ4
MjAzRENGNjU1MzA4QzlDMDA5QTdDMUU0OTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCTjabUNDHsCHXMwwBttVU4JPz0CgmQsoeahgCkQvOGZJ4It/D
iuujCcASKpaoBJDI29TmGDKbw/gwOmMlFELwp0q5UPFUlmDLzKK1ZrJrp/9hDgt9
LGjPSoW6IeCQyaooRzU2wYK097aRyjFqONEBn5NF/MZ1e4Q2a3kcj6dnUPOS4/JK
GSX+aCZV29hPpdX32XLQS3jq0UesHvP8L/KU8ObEKC05UWHn5qGSfR/3Mu/umnUF
BtbgK7Ok0cwZtKgHSp25UdWfS1k3UyzPFA0UTmW3xtWbqjhQdEJDxusyZBmW2gtF
FurMQXIAynyFJtajOMP/I3wMuSW+4lcqK5wvAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUFY+FwSX42CA9z2VTCMnACafB5JgwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0ZZLUZ3U1g0MkNBOXoy
VlRDTW5BQ2FmQjVKZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3SEwDQYJKoZIhvcNAQELBQADggEBALq0n+gbxlB1kSM+GbqpKae6ZzLUJTMA
zZX7+s3d3Da0LrJ0ziUxtGSC1pVjH2+mR8pBB5KtOWPnyodDdpN2D5oXudii2GBK
BY1JnapxlON6MsH5tCA/0x0uEN2mvyg+4ds9tVm0xx4X2OToMlQkIdJgvC6dnuwZ
MZ4ggu4nxwEG5ol0QcBlpxhMkXCH80/6wVu3298GeBSYAC2rCTRzITlb99DG32I8
r7mWvT8BCA48EDu5eroSWSe92NM7KWpKCvgbFijSJB0Q+jVdc1EztSecxZis4vQ1
txjvorP7OLDQHnyI4KScjdRcWH6qN3zpRidqLq0TWhtkIL6ktEH3Slg=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:35:01 2025 by rpki-client