Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/IDR-G_z25UGnUqu7WOSypS29Utk.roa
File: IDR-G_z25UGnUqu7WOSypS29Utk.roa (raw, json)
Hash identifier: /+uHZLFOZPbokZdEb+71PmazzqGljCXPmhoBAH+LK4c=
Subject key identifier: 20:34:7E:1B:FC:F6:E5:41:A7:52:AB:BB:58:E4:B2:A5:2D:BD:52:D9
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 0CDA
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/IDR-G_z25UGnUqu7WOSypS29Utk.roa
Signing time: Wed 13 Mar 2024 01:21:56 +0000
ROA not before: Wed 13 Mar 2024 01:21:56 +0000
ROA not after: Fri 07 Jun 2024 02:16:11 +0000
asID: 136897
IP address blocks: 103.198.240.0/22 maxlen: 24
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3290 (0xcda)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Mar 13 01:21:56 2024 GMT
Not After : Jun 7 02:16:11 2024 GMT
Subject: CN=20347E1BFCF6E541A752ABBB58E4B2A52DBD52D9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:42:38:00:81:72:00:c4:f6:88:e0:5e:28:90:
57:35:cc:aa:98:bd:32:a9:02:04:89:26:fd:03:76:
70:e4:42:35:dd:41:7e:65:a9:66:cb:97:11:24:6c:
67:9b:fc:e6:95:14:c7:05:53:82:c1:33:2d:4e:bd:
3a:f1:f9:f8:dd:9b:2f:60:86:fc:ca:12:85:a3:35:
b7:5c:39:34:b1:8f:45:a0:c5:56:11:fa:2d:e7:14:
56:0e:85:eb:07:a7:44:ff:11:1d:8b:2f:3c:d4:f7:
1b:56:0d:22:bb:ec:d8:dd:ed:3e:07:3c:02:3a:d5:
8f:26:a4:c8:50:9d:7f:96:47:83:d0:82:16:4f:f6:
df:5e:44:ba:f7:9c:c6:aa:59:13:04:2c:ee:8c:74:
a9:52:e4:36:53:b3:f6:df:24:38:fb:d3:45:49:56:
12:07:d0:fd:63:63:99:c3:d0:68:3a:9b:ca:15:45:
78:e0:89:1d:47:8e:17:f8:1b:3c:82:48:76:77:9d:
35:a8:03:99:2d:57:3a:4c:c8:30:49:ae:18:5b:0c:
1c:d9:9d:38:de:57:1a:eb:77:88:f4:b7:c5:0c:6a:
95:46:e4:6b:99:c2:54:93:07:7d:5c:80:a7:da:76:
90:21:6b:e3:de:77:77:98:4b:c0:ae:af:da:98:35:
09:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:34:7E:1B:FC:F6:E5:41:A7:52:AB:BB:58:E4:B2:A5:2D:BD:52:D9
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/IDR-G_z25UGnUqu7WOSypS29Utk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.198.240.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:5a:39:07:57:c0:00:0b:79:74:20:22:37:a7:17:c9:d1:b1:
f7:c3:87:c5:43:e1:34:f5:e8:53:95:9f:3a:d5:46:85:e8:45:
c2:84:65:70:91:94:0b:be:bd:a5:4a:b0:c5:34:a0:df:6c:26:
db:ea:ed:e6:05:34:cb:76:4c:b0:47:bd:02:be:57:6f:83:f9:
d5:42:16:fb:cd:53:41:40:15:d3:a8:bf:4c:61:0c:8d:5e:4c:
c7:9a:f1:43:09:41:42:62:67:0e:89:63:6d:de:a9:3e:0d:a4:
0b:ca:ef:f4:37:e0:2a:4f:0c:c2:4a:bf:09:6d:da:d8:86:4b:
73:6b:bb:ed:8f:42:b2:0e:4d:c7:83:35:3b:fd:9c:ca:51:d0:
24:a3:55:bd:ef:ba:ec:d3:01:42:72:fb:ab:4e:d6:bf:ac:bb:
16:b1:da:be:f3:c5:56:3d:cd:e6:40:f1:59:b1:25:2b:a5:5b:
4f:66:99:d6:87:d0:3a:c9:4f:f0:35:75:23:77:5d:76:49:c7:
cd:9f:4f:18:c2:a6:97:3c:bb:71:38:d1:47:54:b9:b9:44:73:
54:d5:a3:92:32:8c:25:d3:c5:4d:a9:1f:92:08:cf:fb:0c:70:
64:2c:4b:04:35:be:4c:2c:70:f8:03:37:ee:35:b8:1d:ca:4a:
4f:03:0d:84
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDNowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDAzMTMw
MTIxNTZaFw0yNDA2MDcwMjE2MTFaMDMxMTAvBgNVBAMTKDIwMzQ3RTFCRkNGNkU1
NDFBNzUyQUJCQjU4RTRCMkE1MkRCRDUyRDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMQjgAgXIAxPaI4F4okFc1zKqYvTKpAgSJJv0DdnDkQjXdQX5l
qWbLlxEkbGeb/OaVFMcFU4LBMy1OvTrx+fjdmy9ghvzKEoWjNbdcOTSxj0WgxVYR
+i3nFFYOhesHp0T/ER2LLzzU9xtWDSK77Njd7T4HPAI61Y8mpMhQnX+WR4PQghZP
9t9eRLr3nMaqWRMELO6MdKlS5DZTs/bfJDj700VJVhIH0P1jY5nD0Gg6m8oVRXjg
iR1Hjhf4GzyCSHZ3nTWoA5ktVzpMyDBJrhhbDBzZnTjeVxrrd4j0t8UMapVG5GuZ
wlSTB31cgKfadpAha+Ped3eYS8Cur9qYNQlXAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUIDR+G/z25UGnUqu7WOSypS29UtkwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0lEUi1HX3oyNVVHblVx
dTdXT1N5cFMyOVV0ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJnxvAwDQYJKoZIhvcNAQELBQADggEBAJ9aOQdXwAALeXQgIjenF8nRsffDh8VD
4TT16FOVnzrVRoXoRcKEZXCRlAu+vaVKsMU0oN9sJtvq7eYFNMt2TLBHvQK+V2+D
+dVCFvvNU0FAFdOov0xhDI1eTMea8UMJQUJiZw6JY23eqT4NpAvK7/Q34CpPDMJK
vwlt2tiGS3Nru+2PQrIOTceDNTv9nMpR0CSjVb3vuuzTAUJy+6tO1r+suxax2r7z
xVY9zeZA8VmxJSulW09mmdaH0DrJT/A1dSN3XXZJx82fTxjCppc8u3E40UdUublE
c1TVo5IyjCXTxU2pH5IIz/sMcGQsSwQ1vkwscPgDN+41uB3KSk8DDYQ=
-----END CERTIFICATE-----
Generated at Fri Jun 7 04:05:12 2024 by rpki-client on console-ams.rpki-client.org