Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/GzajHcU10PaSKKinfQ7JKTXYksw.roa
File: GzajHcU10PaSKKinfQ7JKTXYksw.roa (raw, json)
Hash identifier: jveUaf4+Fk9CPIXkBwPu/eGQfURjxREVYqxGdo6uwpI=
Subject key identifier: 1B:36:A3:1D:C5:35:D0:F6:92:28:A8:A7:7D:0E:C9:29:35:D8:92:CC
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1467
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/GzajHcU10PaSKKinfQ7JKTXYksw.roa
Signing time: Wed 11 Sep 2024 02:23:15 +0000
ROA not before: Wed 11 Sep 2024 02:23:15 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 13444
IP address blocks: 103.220.255.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5223 (0x1467)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 02:23:15 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1B36A31DC535D0F69228A8A77D0EC92935D892CC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:df:7e:03:b7:7b:94:0a:bc:9a:24:1f:5c:d8:
60:12:bd:67:4e:c8:1b:27:3f:75:aa:d2:04:3c:37:
1d:43:d0:0c:1f:1d:07:67:06:d3:bb:59:db:a0:88:
ac:42:24:85:29:cf:e1:41:03:3e:a5:ab:82:a7:e7:
49:1f:45:43:58:c8:9a:6a:43:6a:d5:2d:39:5e:fb:
b5:a5:b5:03:91:5e:f9:8b:b8:69:fc:76:97:86:a4:
f4:91:5c:af:a1:aa:a2:b8:8e:c9:9c:44:ce:3e:bb:
b0:39:c7:95:9f:78:f6:e4:35:05:df:21:d5:5f:9b:
6d:43:37:cd:0f:4d:7d:10:46:e2:5a:93:71:e4:5f:
a1:e0:5e:d2:bc:c2:59:26:ba:9b:29:6c:b6:5f:02:
74:50:ea:4a:aa:26:14:40:78:cd:42:50:6f:c1:7e:
eb:43:d9:3c:43:6d:8e:c5:a4:c8:ed:c4:77:1a:9b:
02:47:b0:1a:47:60:4d:0e:49:3c:ec:8e:16:64:d6:
a9:08:72:af:2b:cc:0f:6a:9a:62:06:ed:af:9c:b8:
ca:ee:d3:e6:40:35:2a:3a:36:c2:a4:5d:86:2a:4d:
ba:aa:5c:ea:59:98:83:aa:b2:de:1d:a0:00:37:d0:
18:2c:19:fc:c7:7c:dd:89:b0:d5:18:b5:eb:d5:b0:
e2:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:36:A3:1D:C5:35:D0:F6:92:28:A8:A7:7D:0E:C9:29:35:D8:92:CC
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/GzajHcU10PaSKKinfQ7JKTXYksw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.220.255.0/24
Signature Algorithm: sha256WithRSAEncryption
cb:00:11:91:18:a3:f2:2c:13:98:99:80:c8:5b:00:3c:c2:6b:
48:c8:06:f5:04:52:75:7c:c4:9e:45:32:db:21:25:62:19:ed:
fc:ad:da:b5:07:ac:8d:2b:fe:55:5a:4d:fb:d8:73:4b:a8:3e:
a1:07:0d:dd:53:ea:1d:20:5e:f3:98:27:92:b6:05:87:d2:f9:
db:be:67:b9:e0:57:ab:80:52:cc:2b:35:04:b5:24:8d:45:87:
52:b0:18:7b:41:f9:db:a2:e8:eb:e4:2b:b1:36:ff:ed:20:eb:
46:51:55:8b:d7:f3:c5:49:0a:64:cc:f0:8d:20:3d:64:a4:6d:
b3:d9:ed:d6:07:7e:3f:92:c7:39:be:d1:73:35:12:7d:13:14:
ce:7b:d3:76:77:cd:d5:41:64:7d:08:5a:26:7d:d5:a8:0a:49:
13:7a:4e:50:37:ab:de:66:eb:89:4b:3f:80:8d:e0:da:b9:d9:
55:0f:9d:85:c4:93:05:ca:26:6b:18:0e:6f:07:19:77:be:e0:
7e:66:3a:0f:f8:30:b7:d7:33:d9:94:d0:bf:e3:97:64:f0:50:
6e:ab:79:1c:20:3f:6e:25:38:65:9e:84:ae:94:73:5a:25:a9:
4a:dc:7a:36:96:3a:7f:ad:a5:18:de:1f:b7:bf:66:f6:8f:47:
2f:9e:66:57
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFGcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MjIzMTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFCMzZBMzFEQzUzNUQw
RjY5MjI4QThBNzdEMEVDOTI5MzVEODkyQ0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDL334Dt3uUCryaJB9c2GASvWdOyBsnP3Wq0gQ8Nx1D0AwfHQdn
BtO7WdugiKxCJIUpz+FBAz6lq4Kn50kfRUNYyJpqQ2rVLTle+7WltQORXvmLuGn8
dpeGpPSRXK+hqqK4jsmcRM4+u7A5x5WfePbkNQXfIdVfm21DN80PTX0QRuJak3Hk
X6HgXtK8wlkmupspbLZfAnRQ6kqqJhRAeM1CUG/BfutD2TxDbY7FpMjtxHcamwJH
sBpHYE0OSTzsjhZk1qkIcq8rzA9qmmIG7a+cuMru0+ZANSo6NsKkXYYqTbqqXOpZ
mIOqst4doAA30BgsGfzHfN2JsNUYtevVsOKpAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUGzajHcU10PaSKKinfQ7JKTXYkswwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0d6YWpIY1UxMFBhU0tL
aW5mUTdKS1RYWWtzdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3P8wDQYJKoZIhvcNAQELBQADggEBAMsAEZEYo/IsE5iZgMhbADzCa0jIBvUE
UnV8xJ5FMtshJWIZ7fyt2rUHrI0r/lVaTfvYc0uoPqEHDd1T6h0gXvOYJ5K2BYfS
+du+Z7ngV6uAUswrNQS1JI1Fh1KwGHtB+dui6OvkK7E2/+0g60ZRVYvX88VJCmTM
8I0gPWSkbbPZ7dYHfj+Sxzm+0XM1En0TFM5703Z3zdVBZH0IWiZ91agKSRN6TlA3
q95m64lLP4CN4Nq52VUPnYXEkwXKJmsYDm8HGXe+4H5mOg/4MLfXM9mU0L/jl2Tw
UG6reRwgP24lOGWehK6Uc1olqUrcejaWOn+tpRjeH7e/ZvaPRy+eZlc=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:44:15 2025 by rpki-client