Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/HxtVepLjKiLyW2rnCGITSI7OvzA.roa
File: HxtVepLjKiLyW2rnCGITSI7OvzA.roa (raw, json)
Hash identifier: Zx3W+dBSyy2VgSaBJy2nfAS045LJw21ImWDmAz/knpo=
Subject key identifier: 1F:1B:55:7A:92:E3:2A:22:F2:5B:6A:E7:08:62:13:48:8E:CE:BF:30
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 180E
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/HxtVepLjKiLyW2rnCGITSI7OvzA.roa
Signing time: Fri 17 Jan 2025 01:24:30 +0000
ROA not before: Fri 17 Jan 2025 01:24:30 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139259
IP address blocks: 103.221.27.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6158 (0x180e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:24:30 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=1F1B557A92E32A22F25B6AE7086213488ECEBF30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:70:d5:20:24:98:aa:d7:2f:ef:09:72:56:72:
2b:5f:59:f9:b4:07:91:2a:44:2f:64:00:ce:df:87:
0a:f0:fd:99:1b:e6:93:3b:b7:f8:8a:e0:14:85:37:
11:f3:32:46:8f:61:85:89:d2:e0:fb:15:82:51:5e:
92:4c:d5:50:14:92:08:cb:01:3f:55:d7:05:f2:8f:
dc:06:39:f1:90:2d:67:80:5e:51:f2:1b:28:20:b4:
ce:03:12:92:9f:53:57:62:2d:49:c8:18:a9:d2:ce:
38:9e:32:4c:85:70:28:34:eb:87:57:64:e7:25:b7:
4b:ce:b6:77:e5:94:bf:f9:3c:19:ee:52:aa:b4:d9:
9f:d6:97:a4:10:dd:82:ea:be:45:0b:f1:1e:66:06:
4f:95:c2:e1:f9:92:d3:36:9a:6e:4d:ed:2f:14:86:
5e:3c:80:48:64:68:5e:08:a1:91:f9:64:b1:88:78:
50:02:cb:2c:8e:45:f9:0a:b0:d2:ba:b6:c1:3f:2d:
b8:32:b3:72:f0:06:93:50:27:03:a4:c7:eb:ac:a8:
54:f2:ee:25:4f:4d:15:8e:b5:24:66:44:46:19:4c:
b2:e4:95:13:ce:13:0a:dc:64:a9:09:4d:ea:44:51:
0f:ee:78:35:dd:c6:0b:48:6d:1a:41:d2:e3:92:9b:
f5:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:1B:55:7A:92:E3:2A:22:F2:5B:6A:E7:08:62:13:48:8E:CE:BF:30
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/HxtVepLjKiLyW2rnCGITSI7OvzA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.27.0/24
Signature Algorithm: sha256WithRSAEncryption
cd:7f:55:ce:66:e7:cd:e8:75:22:0c:cb:12:f8:57:23:65:12:
c3:91:df:8b:66:da:ec:1c:ea:5d:da:81:9d:9b:82:6b:c5:7c:
d3:44:cc:bf:7e:46:99:65:6f:3e:3f:97:3d:b0:cf:85:a4:c7:
2a:e0:aa:ab:94:ca:d6:94:0e:9f:c0:71:b2:d1:8d:df:88:c1:
a3:05:9e:6a:94:92:1e:47:48:de:fd:f8:1f:96:1d:57:46:e1:
09:25:c4:17:cf:20:67:70:56:e8:96:02:ef:0a:d7:f3:79:b5:
23:15:58:62:88:dc:97:51:79:78:c3:ca:28:46:1d:3f:2f:b8:
66:03:0d:f6:54:0b:dc:49:16:17:10:4b:dd:d1:80:4a:ae:53:
01:3a:31:c5:49:6d:fc:83:78:44:5c:7e:ff:ee:6c:5f:25:56:
97:d4:ce:b5:e0:28:2e:1e:de:bb:85:41:f5:c1:f8:40:e4:e0:
e1:8b:c2:35:a0:4e:73:2a:54:0a:df:33:ad:38:81:9f:42:59:
d7:bb:7e:82:05:ec:9d:e1:c7:a8:fb:fc:20:a8:43:17:00:4e:
92:5d:50:20:36:7e:2a:71:2a:53:11:c2:d0:22:97:b5:aa:ce:
4e:c0:0e:3f:08:af:31:89:0d:26:05:52:9e:f5:df:ee:8b:76:
6f:36:b5:71
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGA4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI0MzBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDFGMUI1NTdBOTJFMzJB
MjJGMjVCNkFFNzA4NjIxMzQ4OEVDRUJGMzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCXcNUgJJiq1y/vCXJWcitfWfm0B5EqRC9kAM7fhwrw/Zkb5pM7
t/iK4BSFNxHzMkaPYYWJ0uD7FYJRXpJM1VAUkgjLAT9V1wXyj9wGOfGQLWeAXlHy
GyggtM4DEpKfU1diLUnIGKnSzjieMkyFcCg064dXZOclt0vOtnfllL/5PBnuUqq0
2Z/Wl6QQ3YLqvkUL8R5mBk+VwuH5ktM2mm5N7S8Uhl48gEhkaF4IoZH5ZLGIeFAC
yyyORfkKsNK6tsE/Lbgys3LwBpNQJwOkx+usqFTy7iVPTRWOtSRmREYZTLLklRPO
EwrcZKkJTepEUQ/ueDXdxgtIbRpB0uOSm/VhAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUHxtVepLjKiLyW2rnCGITSI7OvzAwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0h4dFZlcExqS2lMeVcy
cm5DR0lUU0k3T3Z6QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3RswDQYJKoZIhvcNAQELBQADggEBAM1/Vc5m583odSIMyxL4VyNlEsOR34tm
2uwc6l3agZ2bgmvFfNNEzL9+Rpllbz4/lz2wz4WkxyrgqquUytaUDp/AcbLRjd+I
waMFnmqUkh5HSN79+B+WHVdG4QklxBfPIGdwVuiWAu8K1/N5tSMVWGKI3JdReXjD
yihGHT8vuGYDDfZUC9xJFhcQS93RgEquUwE6McVJbfyDeERcfv/ubF8lVpfUzrXg
KC4e3ruFQfXB+EDk4OGLwjWgTnMqVArfM604gZ9CWde7foIF7J3hx6j7/CCoQxcA
TpJdUCA2fipxKlMRwtAil7Wqzk7ADj8IrzGJDSYFUp713+6Ldm82tXE=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:32:25 2025 by rpki-client