Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/HovIe6H6Lprc2JInFopBvN9ihQE.roa
File: HovIe6H6Lprc2JInFopBvN9ihQE.roa (raw, json)
Hash identifier: E+8UZB8ZJpD//RzaxceKTVXk8gNXYJ2+Xqh3IEWShdo=
Subject key identifier: 1E:8B:C8:7B:A1:FA:2E:9A:DC:D8:92:27:16:8A:41:BC:DF:62:85:01
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1868
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/HovIe6H6Lprc2JInFopBvN9ihQE.roa
Signing time: Fri 17 Jan 2025 01:25:02 +0000
ROA not before: Fri 17 Jan 2025 01:25:02 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139259
IP address blocks: 103.220.254.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6248 (0x1868)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:25:02 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=1E8BC87BA1FA2E9ADCD89227168A41BCDF628501
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:5a:73:ba:3f:07:fe:f7:a1:e4:6e:cb:e7:09:
d9:a7:22:cb:f5:a8:a7:c8:0f:17:88:13:87:8d:3e:
c8:ad:14:d6:00:fc:d1:c7:9d:9a:b0:9b:b0:d6:6b:
b1:dc:f2:1c:33:eb:d8:0d:d8:1b:c3:03:55:83:c0:
79:ae:3e:ee:46:84:48:85:4c:30:a8:af:d8:95:fb:
84:d5:22:c3:ad:7d:7e:46:18:3a:f8:b1:15:9d:82:
32:43:d1:60:9d:16:97:73:58:89:20:cf:54:1b:e5:
90:d2:4c:49:75:fa:34:ce:43:f4:45:c4:a8:8d:ca:
2f:d0:52:9e:34:1b:d3:e8:73:d3:91:1e:6b:e4:7b:
1c:0d:8f:7e:c8:4a:30:97:3e:92:37:0d:e8:15:7f:
03:b1:3f:e3:f3:ba:c7:36:97:84:62:c7:bd:32:a2:
2b:29:34:f5:8e:65:92:c3:0e:51:08:cb:90:ed:9a:
dd:30:2e:27:de:48:9b:48:32:33:02:4c:08:b7:4d:
0e:0d:b5:70:c3:57:74:fb:25:07:16:16:81:3d:30:
12:9c:b1:92:39:59:07:1e:17:83:ab:1e:96:e1:f6:
13:0a:a7:11:a0:ca:4b:2b:be:52:f5:0e:a5:a0:7e:
3c:bb:91:dc:f1:69:82:e3:aa:7d:6b:2d:51:cf:a8:
b1:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:8B:C8:7B:A1:FA:2E:9A:DC:D8:92:27:16:8A:41:BC:DF:62:85:01
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/HovIe6H6Lprc2JInFopBvN9ihQE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.220.254.0/24
Signature Algorithm: sha256WithRSAEncryption
cc:21:37:4e:84:9a:1d:28:17:f7:9b:8a:5d:df:90:65:68:27:
df:07:e4:b3:86:3d:08:5a:13:a2:6d:ba:ef:3d:4a:19:dc:cc:
6d:3a:32:94:4e:81:1f:f9:a6:4b:46:a1:84:df:ac:cc:4a:90:
4f:24:b0:45:cb:a2:67:24:42:07:3c:57:55:84:98:a9:55:86:
4f:12:00:23:d5:0f:eb:e1:b3:5d:d3:4c:a2:fd:64:91:85:bd:
96:84:34:ca:2c:05:6d:cf:cd:af:0f:3c:df:5f:72:51:1d:44:
76:73:ce:7a:8a:aa:34:8f:d0:58:69:60:37:e5:15:dc:89:2d:
f0:ca:bd:b1:86:e9:1b:94:d7:e4:0e:ae:31:f9:4d:1a:13:34:
5d:da:f6:5e:a1:e5:60:6b:56:92:9a:e7:78:c3:93:98:33:11:
3a:b9:92:50:fd:54:f8:7d:26:cd:f2:69:93:44:8e:b0:bc:00:
a5:f4:c6:e7:3b:a0:f3:ed:2e:ce:bf:09:41:93:22:75:61:2e:
69:ac:33:c7:4f:ef:08:8b:c5:c1:b1:5a:be:84:8b:7b:a8:ee:
9d:4c:4c:f1:64:e2:09:b3:e6:3d:48:3c:cc:7c:d6:b2:30:d3:
af:33:ba:53:c2:1a:94:71:74:9c:38:65:6f:fc:04:6e:65:bc:
b2:6d:a7:09
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGGgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI1MDJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDFFOEJDODdCQTFGQTJF
OUFEQ0Q4OTIyNzE2OEE0MUJDREY2Mjg1MDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNWnO6Pwf+96HkbsvnCdmnIsv1qKfIDxeIE4eNPsitFNYA/NHH
nZqwm7DWa7Hc8hwz69gN2BvDA1WDwHmuPu5GhEiFTDCor9iV+4TVIsOtfX5GGDr4
sRWdgjJD0WCdFpdzWIkgz1Qb5ZDSTEl1+jTOQ/RFxKiNyi/QUp40G9Poc9ORHmvk
exwNj37ISjCXPpI3DegVfwOxP+Pzusc2l4Rix70yoispNPWOZZLDDlEIy5Dtmt0w
LifeSJtIMjMCTAi3TQ4NtXDDV3T7JQcWFoE9MBKcsZI5WQceF4OrHpbh9hMKpxGg
yksrvlL1DqWgfjy7kdzxaYLjqn1rLVHPqLFLAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUHovIe6H6Lprc2JInFopBvN9ihQEwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0hvdkllNkg2THByYzJK
SW5Gb3BCdk45aWhRRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3P4wDQYJKoZIhvcNAQELBQADggEBAMwhN06Emh0oF/ebil3fkGVoJ98H5LOG
PQhaE6Jtuu89ShnczG06MpROgR/5pktGoYTfrMxKkE8ksEXLomckQgc8V1WEmKlV
hk8SACPVD+vhs13TTKL9ZJGFvZaENMosBW3Pza8PPN9fclEdRHZzznqKqjSP0Fhp
YDflFdyJLfDKvbGG6RuU1+QOrjH5TRoTNF3a9l6h5WBrVpKa53jDk5gzETq5klD9
VPh9Js3yaZNEjrC8AKX0xuc7oPPtLs6/CUGTInVhLmmsM8dP7wiLxcGxWr6Ei3uo
7p1MTPFk4gmz5j1IPMx81rIw068zulPCGpRxdJw4ZW/8BG5lvLJtpwk=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:43:38 2025 by rpki-client