Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/LI52H8jSGCB_rXF_IPTQda86qSs.roa
File: LI52H8jSGCB_rXF_IPTQda86qSs.roa (raw, json)
Hash identifier: p+ynetlpaK7DO40LdSCptklt1jiy0v2/HiX9nHmxcXE=
Subject key identifier: 2C:8E:76:1F:C8:D2:18:20:7F:AD:71:7F:20:F4:D0:75:AF:3A:A9:2B
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 19E1
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/LI52H8jSGCB_rXF_IPTQda86qSs.roa
Signing time: Fri 28 Feb 2025 17:00:50 +0000
ROA not before: Fri 28 Feb 2025 17:00:50 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 4812
IP address blocks: 103.5.192.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6625 (0x19e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Feb 28 17:00:50 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=2C8E761FC8D218207FAD717F20F4D075AF3AA92B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:91:bb:0e:5b:ba:c8:8c:d8:2b:e3:94:d4:a5:
48:24:73:2e:6d:4e:e0:1c:60:7a:e5:72:3f:3c:1c:
38:cc:81:72:de:c3:eb:a2:23:b1:82:3f:a3:84:a4:
e1:b1:48:7d:41:f8:a4:7e:96:44:da:e5:4e:27:13:
01:d3:82:ca:8e:49:46:86:2b:4a:4b:32:c0:b8:a4:
80:31:04:ca:bd:08:4d:5c:0b:04:2e:9b:97:d0:50:
0a:48:65:01:50:41:cc:19:34:9e:33:99:3a:6c:bd:
e1:4d:f6:b6:49:21:a7:5b:2d:65:47:9c:12:4f:70:
62:bc:fc:ce:21:37:84:1b:3a:e2:18:4e:42:86:ef:
41:ac:1e:ed:f4:34:80:c7:b4:bd:e8:9d:26:27:f7:
12:c3:48:4f:79:05:11:a1:22:a1:f0:6f:c9:e7:33:
61:df:0f:9d:bb:8f:2e:b6:c5:ab:06:56:7a:6c:bf:
08:ec:03:22:fd:90:9a:66:28:73:e3:71:50:0b:f8:
ac:45:6f:87:ef:86:18:c5:61:af:dd:20:b2:ff:b6:
e9:61:d7:09:1f:f3:6f:ba:c1:52:7f:d7:20:c6:f7:
19:58:d4:64:91:c1:69:1b:2e:34:f3:a9:4c:fe:d2:
75:b7:d3:36:92:2e:d0:bb:bb:eb:32:cb:d1:62:50:
eb:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:8E:76:1F:C8:D2:18:20:7F:AD:71:7F:20:F4:D0:75:AF:3A:A9:2B
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/LI52H8jSGCB_rXF_IPTQda86qSs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.5.192.0/23
Signature Algorithm: sha256WithRSAEncryption
1c:84:0a:16:e4:30:51:98:54:e5:7a:6a:61:4e:4c:6a:34:eb:
32:5b:84:44:e2:2b:96:26:32:37:14:80:e7:bf:d0:2d:bd:93:
92:a4:05:47:16:a8:b2:9e:d5:80:5a:a3:a9:58:90:31:c0:8f:
a5:da:b1:00:af:d8:b7:c8:9a:b1:41:1c:14:89:0f:41:19:3c:
c5:a1:b5:2d:8a:bf:62:88:e2:8c:fa:b0:27:72:13:a9:46:8a:
69:ce:e9:2d:2d:80:bd:93:5b:ec:7e:33:28:0e:3d:9a:fb:41:
61:16:ff:c3:26:f6:5f:23:25:da:3b:c7:1d:a3:5c:93:ca:d1:
c3:f3:d2:c7:b0:3a:98:96:be:b8:c2:b5:76:31:9b:c6:5c:c5:
ec:c5:b4:4f:71:16:0a:1b:97:5b:71:35:15:67:c4:3d:bb:00:
54:1f:e2:82:1d:18:f3:de:32:77:2a:2b:a0:ab:a8:46:26:26:
4c:c2:14:d0:85:76:93:e5:3b:28:b2:00:75:9e:46:f5:2d:19:
80:61:d5:3d:83:71:d9:49:cc:93:16:be:f8:d2:c9:9f:7c:ac:
92:a5:4e:f8:de:ad:0d:4f:dd:9f:9f:67:ce:7f:b6:b7:61:ea:
c2:98:c4:a6:d1:26:41:c6:1b:8b:c6:08:9e:de:1b:20:48:bc:
f4:8e:00:05
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGeEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAyMjgx
NzAwNTBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDJDOEU3NjFGQzhEMjE4
MjA3RkFENzE3RjIwRjREMDc1QUYzQUE5MkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCbkbsOW7rIjNgr45TUpUgkcy5tTuAcYHrlcj88HDjMgXLew+ui
I7GCP6OEpOGxSH1B+KR+lkTa5U4nEwHTgsqOSUaGK0pLMsC4pIAxBMq9CE1cCwQu
m5fQUApIZQFQQcwZNJ4zmTpsveFN9rZJIadbLWVHnBJPcGK8/M4hN4QbOuIYTkKG
70GsHu30NIDHtL3onSYn9xLDSE95BRGhIqHwb8nnM2HfD527jy62xasGVnpsvwjs
AyL9kJpmKHPjcVAL+KxFb4fvhhjFYa/dILL/tulh1wkf82+6wVJ/1yDG9xlY1GSR
wWkbLjTzqUz+0nW30zaSLtC7u+syy9FiUOsDAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQULI52H8jSGCB/rXF/IPTQda86qSswHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0xJNTJIOGpTR0NCX3JY
Rl9JUFRRZGE4NnFTcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAFnBcAwDQYJKoZIhvcNAQELBQADggEBAByEChbkMFGYVOV6amFOTGo06zJbhETi
K5YmMjcUgOe/0C29k5KkBUcWqLKe1YBao6lYkDHAj6XasQCv2LfImrFBHBSJD0EZ
PMWhtS2Kv2KI4oz6sCdyE6lGimnO6S0tgL2TW+x+MygOPZr7QWEW/8Mm9l8jJdo7
xx2jXJPK0cPz0sewOpiWvrjCtXYxm8ZcxezFtE9xFgobl1txNRVnxD27AFQf4oId
GPPeMncqK6CrqEYmJkzCFNCFdpPlOyiyAHWeRvUtGYBh1T2DcdlJzJMWvvjSyZ98
rJKlTvjerQ1P3Z+fZ85/trdh6sKYxKbRJkHGG4vGCJ7eGyBIvPSOAAU=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:13:05 2025 by rpki-client