Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/KVBlUGCgyiqvZYfUscq3fp9sDj8.roa
File: KVBlUGCgyiqvZYfUscq3fp9sDj8.roa (raw, json)
Hash identifier: SEzRymSxHrwSGfaUy8RXqArU1qCQV6uly4btkFX3WTQ=
Subject key identifier: 29:50:65:50:60:A0:CA:2A:AF:65:87:D4:B1:CA:B7:7E:9F:6C:0E:3F
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1810
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/KVBlUGCgyiqvZYfUscq3fp9sDj8.roa
Signing time: Fri 17 Jan 2025 01:24:31 +0000
ROA not before: Fri 17 Jan 2025 01:24:31 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 13444
IP address blocks: 103.221.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6160 (0x1810)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:24:31 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=2950655060A0CA2AAF6587D4B1CAB77E9F6C0E3F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:51:7f:59:d6:c3:92:d9:a3:b6:fe:5d:b8:80:
e6:1e:0d:ec:94:ff:0c:2c:cd:2a:c0:de:d4:35:dc:
92:50:db:38:f1:93:d5:a5:11:55:7d:87:26:f0:f8:
1c:2a:a3:d8:a0:33:f6:f3:15:c9:9b:b5:e1:9f:1f:
6b:34:84:f4:6d:5f:5c:24:c2:d4:9a:cd:92:ad:bb:
64:13:9d:b6:7e:56:4b:de:ef:2a:12:94:91:1e:4b:
33:2b:f0:78:d6:6a:15:eb:b6:3a:a8:8f:fd:b5:69:
60:e1:3b:4c:a4:88:22:78:12:dc:25:8f:78:79:72:
24:1d:24:16:56:85:58:cb:35:bf:a9:b7:49:c9:43:
21:8c:53:d2:74:9c:28:6f:62:97:1f:f2:03:1f:4b:
64:fa:d1:7f:00:71:70:d8:50:7b:f0:11:2a:9d:8a:
9e:ba:59:4f:88:df:c8:8d:f0:c5:69:0c:eb:f7:bb:
e5:ae:d1:63:0e:fd:01:1c:85:33:34:9b:8a:2e:be:
d4:70:4d:a6:ac:0a:4e:7d:f7:88:33:72:52:6d:81:
b5:c4:cb:61:c3:18:af:62:8c:0c:c2:2a:2f:5f:b1:
50:5e:91:f6:97:9f:2c:36:63:b3:a9:a3:a0:38:57:
c9:36:a1:c3:19:88:55:49:e5:74:8e:b5:e7:a2:96:
d3:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:50:65:50:60:A0:CA:2A:AF:65:87:D4:B1:CA:B7:7E:9F:6C:0E:3F
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/KVBlUGCgyiqvZYfUscq3fp9sDj8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.3.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:8a:56:c2:3a:ef:f2:75:8b:a2:cd:7e:1c:cd:ee:f8:7d:61:
4f:99:3f:ed:7f:d0:fd:d5:8d:e5:fd:5f:d6:08:de:ba:d5:cf:
23:e5:27:08:34:0e:8e:ec:04:ac:9f:2e:1c:a9:d8:d3:44:85:
e0:ed:61:ee:40:4c:90:4c:2f:fd:4b:66:b0:ba:c6:65:25:c4:
71:21:1e:d0:b6:27:a4:f2:4c:9c:5e:93:54:21:42:e3:b6:b8:
b0:b3:f0:41:6f:6a:26:69:5d:32:8f:85:15:5d:82:e0:cb:59:
42:cf:5f:f7:71:58:4d:26:80:7f:8f:48:51:60:fb:a8:25:bd:
77:6f:3c:5a:09:b9:0b:2f:ec:95:8b:17:49:da:e8:7e:7e:0d:
b5:11:b8:3a:d1:8e:c0:cc:e5:d6:39:b7:85:f1:28:c0:f6:53:
b8:24:3a:87:3d:26:cf:c0:c3:c7:89:de:e8:fa:6d:3f:af:1d:
fc:36:ee:5f:5e:41:24:8f:06:ca:8e:4a:ac:f4:ca:9d:82:c3:
c3:f6:b8:fa:a1:44:ad:a1:2d:29:df:88:fc:64:ce:5c:d6:4a:
d1:a3:d5:5f:76:1c:17:81:33:8c:e8:03:07:77:a7:93:3a:58:
ef:3f:98:fa:bd:d3:f2:eb:ad:49:de:22:60:6e:17:b8:06:42:
4d:a1:21:1b
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGBAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI0MzFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDI5NTA2NTUwNjBBMENB
MkFBRjY1ODdENEIxQ0FCNzdFOUY2QzBFM0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsUX9Z1sOS2aO2/l24gOYeDeyU/wwszSrA3tQ13JJQ2zjxk9Wl
EVV9hybw+Bwqo9igM/bzFcmbteGfH2s0hPRtX1wkwtSazZKtu2QTnbZ+Vkve7yoS
lJEeSzMr8HjWahXrtjqoj/21aWDhO0ykiCJ4Etwlj3h5ciQdJBZWhVjLNb+pt0nJ
QyGMU9J0nChvYpcf8gMfS2T60X8AcXDYUHvwESqdip66WU+I38iN8MVpDOv3u+Wu
0WMO/QEchTM0m4ouvtRwTaasCk5994gzclJtgbXEy2HDGK9ijAzCKi9fsVBekfaX
nyw2Y7Opo6A4V8k2ocMZiFVJ5XSOteeiltOFAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUKVBlUGCgyiqvZYfUscq3fp9sDj8wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0tWQmxVR0NneWlxdlpZ
ZlVzY3EzZnA5c0RqOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3QMwDQYJKoZIhvcNAQELBQADggEBAMCKVsI67/J1i6LNfhzN7vh9YU+ZP+1/
0P3VjeX9X9YI3rrVzyPlJwg0Do7sBKyfLhyp2NNEheDtYe5ATJBML/1LZrC6xmUl
xHEhHtC2J6TyTJxek1QhQuO2uLCz8EFvaiZpXTKPhRVdguDLWULPX/dxWE0mgH+P
SFFg+6glvXdvPFoJuQsv7JWLF0na6H5+DbURuDrRjsDM5dY5t4XxKMD2U7gkOoc9
Js/Aw8eJ3uj6bT+vHfw27l9eQSSPBsqOSqz0yp2Cw8P2uPqhRK2hLSnfiPxkzlzW
StGj1V92HBeBM4zoAwd3p5M6WO8/mPq90/LrrUneImBuF7gGQk2hIRs=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:41:35 2025 by rpki-client