Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/GGIQpt29AMRn_HQKfoMj9OJtyQo.roa
File: GGIQpt29AMRn_HQKfoMj9OJtyQo.roa (raw, json)
Hash identifier: I0/DK601bADRrfuBXsuLYLiKDeMfTs6kiCg8iXm5eIk=
Subject key identifier: 18:62:10:A6:DD:BD:00:C4:67:FC:74:0A:7E:83:23:F4:E2:6D:C9:0A
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 18FA
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/GGIQpt29AMRn_HQKfoMj9OJtyQo.roa
Signing time: Fri 17 Jan 2025 01:25:53 +0000
ROA not before: Fri 17 Jan 2025 01:25:53 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139259
IP address blocks: 103.221.0.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6394 (0x18fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:25:53 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=186210A6DDBD00C467FC740A7E8323F4E26DC90A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a9:2c:db:94:6c:c2:21:3d:d3:2a:b6:f0:7e:
50:9e:14:f1:40:e0:b1:46:8d:10:a1:87:cf:7b:64:
5b:28:2d:b8:77:ba:c4:c5:07:53:ae:c5:08:3f:ad:
cf:e1:d0:70:86:49:39:d0:18:9c:93:27:09:b3:7d:
7c:44:91:0d:8e:2f:48:78:6e:90:2b:61:3f:f7:f0:
9f:c4:4b:40:08:e6:23:f7:f8:af:f2:03:06:76:e8:
45:9e:ee:d4:aa:2f:56:e1:a3:97:d5:75:f0:d4:55:
f0:d1:37:a2:0f:37:d3:9d:4a:d6:18:74:af:aa:26:
09:f1:c9:42:59:67:6b:e8:53:d5:8a:e7:0f:ef:55:
84:3f:a3:df:e9:90:c7:a2:c8:2a:f9:e7:37:32:77:
5f:6c:be:b9:0f:aa:c2:da:b2:2f:30:91:d0:3a:00:
58:e8:e6:8c:76:c1:8c:63:96:be:d9:53:4d:5a:ae:
99:a8:96:7a:91:a6:a6:48:24:5c:f3:62:b6:74:f7:
d6:1b:33:b6:ff:f7:71:23:21:05:9e:07:1b:41:17:
57:9b:5a:6c:35:4d:c5:66:50:4e:57:08:e8:0b:98:
7a:c8:f8:d8:e6:1d:a6:1e:5f:3e:cc:37:b1:73:d5:
da:f5:3e:37:91:86:dc:1a:96:24:b5:61:6a:a2:c7:
7f:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:62:10:A6:DD:BD:00:C4:67:FC:74:0A:7E:83:23:F4:E2:6D:C9:0A
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/GGIQpt29AMRn_HQKfoMj9OJtyQo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.0.0/22
Signature Algorithm: sha256WithRSAEncryption
14:26:e2:e4:e7:35:a5:91:cf:72:d0:e0:aa:3a:1e:fa:2e:a3:
20:46:77:cf:f7:a3:60:ee:1a:02:90:36:12:b0:2e:76:a5:ee:
b4:88:11:70:26:da:4f:5e:f2:21:d7:17:74:02:1e:9f:7e:51:
ac:34:74:d4:57:0a:e6:51:bf:66:23:ea:78:12:7b:c4:d5:79:
36:a7:47:5a:93:96:ef:57:40:d6:94:a9:ec:13:de:2c:b2:4e:
00:83:8b:61:dd:d0:9c:44:7c:6c:03:db:f1:03:37:22:d0:16:
92:2e:ed:32:ab:b8:37:63:c4:7d:d0:69:01:26:bd:86:ef:80:
8d:47:62:ba:73:28:98:77:7f:35:f9:75:e1:6d:e1:14:35:c6:
b6:e0:cb:21:b5:84:23:8e:bb:03:09:bd:c5:dd:7c:44:e5:bc:
28:ca:ed:0c:34:c6:e1:ea:b4:b4:6f:0a:1d:ea:bf:6a:22:29:
8b:c5:4a:14:e0:16:5a:a6:37:9a:79:f6:25:6b:62:85:fa:61:
4c:5f:c1:47:9a:0d:a9:4b:ac:cd:23:ac:4f:b6:80:58:2a:de:
5d:42:d5:ef:86:53:09:a0:b6:19:c9:5a:44:53:b4:c2:e8:3b:
0c:80:28:64:e6:b6:56:4c:48:8a:ad:bc:0c:d7:0b:a2:0b:d9:
6b:3e:0a:6f
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGPowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI1NTNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDE4NjIxMEE2RERCRDAw
QzQ2N0ZDNzQwQTdFODMyM0Y0RTI2REM5MEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsqSzblGzCIT3TKrbwflCeFPFA4LFGjRChh897ZFsoLbh3usTF
B1OuxQg/rc/h0HCGSTnQGJyTJwmzfXxEkQ2OL0h4bpArYT/38J/ES0AI5iP3+K/y
AwZ26EWe7tSqL1bho5fVdfDUVfDRN6IPN9OdStYYdK+qJgnxyUJZZ2voU9WK5w/v
VYQ/o9/pkMeiyCr55zcyd19svrkPqsLasi8wkdA6AFjo5ox2wYxjlr7ZU01arpmo
lnqRpqZIJFzzYrZ099YbM7b/93EjIQWeBxtBF1ebWmw1TcVmUE5XCOgLmHrI+Njm
HaYeXz7MN7Fz1dr1PjeRhtwaliS1YWqix3+PAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUGGIQpt29AMRn/HQKfoMj9OJtyQowHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0dHSVFwdDI5QU1Sbl9I
UUtmb01qOU9KdHlRby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJn3QAwDQYJKoZIhvcNAQELBQADggEBABQm4uTnNaWRz3LQ4Ko6HvouoyBGd8/3
o2DuGgKQNhKwLnal7rSIEXAm2k9e8iHXF3QCHp9+Uaw0dNRXCuZRv2Yj6ngSe8TV
eTanR1qTlu9XQNaUqewT3iyyTgCDi2Hd0JxEfGwD2/EDNyLQFpIu7TKruDdjxH3Q
aQEmvYbvgI1HYrpzKJh3fzX5deFt4RQ1xrbgyyG1hCOOuwMJvcXdfETlvCjK7Qw0
xuHqtLRvCh3qv2oiKYvFShTgFlqmN5p59iVrYoX6YUxfwUeaDalLrM0jrE+2gFgq
3l1C1e+GUwmgthnJWkRTtMLoOwyAKGTmtlZMSIqtvAzXC6IL2Ws+Cm8=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:35:18 2025 by rpki-client