Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/MGhfdRJCB8AR_9otlI8aXp1jaMk.roa
File: MGhfdRJCB8AR_9otlI8aXp1jaMk.roa (raw, json)
Hash identifier: YiZUUkQKa2q6oH7JAq9KUT8fRenFFv3IYw4k9Z4XmsA=
Subject key identifier: 30:68:5F:75:12:42:07:C0:11:FF:DA:2D:94:8F:1A:5E:9D:63:68:C9
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1821
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/MGhfdRJCB8AR_9otlI8aXp1jaMk.roa
Signing time: Fri 17 Jan 2025 01:24:38 +0000
ROA not before: Fri 17 Jan 2025 01:24:38 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 13444
IP address blocks: 103.221.28.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6177 (0x1821)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:24:38 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=30685F75124207C011FFDA2D948F1A5E9D6368C9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:44:01:f1:0d:03:06:fc:a1:6a:1b:51:e8:89:
ad:65:b7:48:da:d3:cc:ea:4e:57:b6:a8:25:3c:54:
82:ee:71:f3:1c:bc:e3:93:16:5d:5e:ef:f1:c1:d8:
4b:4a:f5:01:e8:15:57:a3:33:e8:bc:58:ee:43:cc:
54:f9:88:e2:0e:f2:04:1d:bd:3d:52:23:87:d2:d7:
d4:68:0f:90:98:5f:8d:27:ae:9f:9a:38:9c:ba:e4:
88:9d:7d:af:4c:35:27:80:b2:93:11:bf:c9:4f:da:
91:56:58:85:db:0c:7b:5e:c5:af:be:4b:6c:72:80:
48:80:bd:b4:48:85:4a:35:bc:62:c0:e0:bb:4c:38:
b4:c9:16:11:fc:9a:06:e5:53:db:a2:90:64:08:13:
e0:ef:0f:51:15:d7:2c:ca:7e:78:e2:b7:f5:23:c9:
89:a0:47:a4:65:f8:6c:b4:e0:ae:1d:e3:fd:a8:d5:
a0:70:7b:a0:53:55:b8:30:47:23:21:bc:3a:54:1f:
9b:4e:e9:e6:04:34:be:6a:40:36:ec:a2:51:88:06:
58:81:45:13:08:af:e8:4e:2a:2e:08:88:53:86:c7:
50:6a:78:de:44:46:5a:fa:3d:bf:fb:15:aa:29:b7:
fd:48:30:dc:4c:e7:2f:51:81:d4:f3:54:a2:81:fc:
10:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:68:5F:75:12:42:07:C0:11:FF:DA:2D:94:8F:1A:5E:9D:63:68:C9
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/MGhfdRJCB8AR_9otlI8aXp1jaMk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.28.0/24
Signature Algorithm: sha256WithRSAEncryption
12:4b:3f:46:18:51:0f:6c:bf:59:79:d2:5a:98:ce:1f:1c:d8:
71:b4:78:88:25:36:93:f1:d6:60:9f:98:1b:97:98:b0:98:f9:
03:ca:17:22:71:82:91:16:fe:85:4c:34:ce:4f:5e:2e:2d:30:
09:a2:7c:3f:a6:85:53:59:f4:fc:91:4d:5c:d5:c1:81:2f:8b:
d3:0d:32:85:ef:54:9c:5c:25:d8:b5:4d:c2:8d:6a:cf:c8:eb:
1f:6e:6d:17:25:d8:08:a8:03:b0:cf:6e:e0:74:43:ef:16:10:
0b:78:d8:2b:f6:29:6c:7a:77:4f:83:85:d5:b5:ab:e1:5c:45:
c7:9d:a5:2f:89:59:8a:8e:e7:de:f0:17:a5:31:4c:23:ec:f5:
55:23:2f:0c:7d:d4:e0:cd:19:ba:24:bb:e7:86:a3:83:b8:54:
f5:40:c3:a1:c6:eb:48:9c:a5:0d:26:92:68:ba:5d:5f:26:7d:
6a:30:5c:4b:7a:33:4f:99:33:4d:6b:87:82:af:73:5b:a1:ac:
01:ac:98:6f:9a:3f:59:6b:b0:73:e2:2c:7c:5c:ad:e8:29:2d:
64:cf:a6:d7:27:a7:5b:62:6b:28:fd:83:a0:46:10:38:d0:ec:
e3:a1:f6:e6:f4:d3:49:cf:a4:96:b0:e3:8a:f3:86:0d:cc:31:
ca:97:29:ce
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGCEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI0MzhaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDMwNjg1Rjc1MTI0MjA3
QzAxMUZGREEyRDk0OEYxQTVFOUQ2MzY4QzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGRAHxDQMG/KFqG1Hoia1lt0ja08zqTle2qCU8VILucfMcvOOT
Fl1e7/HB2EtK9QHoFVejM+i8WO5DzFT5iOIO8gQdvT1SI4fS19RoD5CYX40nrp+a
OJy65Iidfa9MNSeAspMRv8lP2pFWWIXbDHtexa++S2xygEiAvbRIhUo1vGLA4LtM
OLTJFhH8mgblU9uikGQIE+DvD1EV1yzKfnjit/UjyYmgR6Rl+Gy04K4d4/2o1aBw
e6BTVbgwRyMhvDpUH5tO6eYENL5qQDbsolGIBliBRRMIr+hOKi4IiFOGx1BqeN5E
Rlr6Pb/7Faopt/1IMNxM5y9RgdTzVKKB/BCVAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUMGhfdRJCB8AR/9otlI8aXp1jaMkwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L01HaGZkUkpDQjhBUl85
b3RsSThhWHAxamFNay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3RwwDQYJKoZIhvcNAQELBQADggEBABJLP0YYUQ9sv1l50lqYzh8c2HG0eIgl
NpPx1mCfmBuXmLCY+QPKFyJxgpEW/oVMNM5PXi4tMAmifD+mhVNZ9PyRTVzVwYEv
i9MNMoXvVJxcJdi1TcKNas/I6x9ubRcl2AioA7DPbuB0Q+8WEAt42Cv2KWx6d0+D
hdW1q+FcRcedpS+JWYqO597wF6UxTCPs9VUjLwx91ODNGboku+eGo4O4VPVAw6HG
60icpQ0mkmi6XV8mfWowXEt6M0+ZM01rh4Kvc1uhrAGsmG+aP1lrsHPiLHxcregp
LWTPptcnp1tiayj9g6BGEDjQ7OOh9ub000nPpJaw44rzhg3MMcqXKc4=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:47:21 2025 by rpki-client