Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/NAlm-r5iwk4_BRM-d3QcSGSZA4Q.roa
File: NAlm-r5iwk4_BRM-d3QcSGSZA4Q.roa (raw, json)
Hash identifier: DLUsKqpa8Cprv4FvKb3PxQfyBZtYMV0AWDJlnOtA4gE=
Subject key identifier: 34:09:66:FA:BE:62:C2:4E:3F:05:13:3E:77:74:1C:48:64:99:03:84
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1880
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/NAlm-r5iwk4_BRM-d3QcSGSZA4Q.roa
Signing time: Fri 17 Jan 2025 01:25:09 +0000
ROA not before: Fri 17 Jan 2025 01:25:09 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 138527
IP address blocks: 103.221.48.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6272 (0x1880)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:25:09 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=340966FABE62C24E3F05133E77741C4864990384
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:1f:a6:ac:37:88:4b:0c:3c:36:90:a0:2d:5c:
73:20:9f:c3:fc:6b:6e:b9:5c:58:22:2b:df:96:73:
c3:bd:e6:e7:e3:c4:df:15:2e:eb:0f:b1:46:98:75:
6c:e4:ae:27:29:4d:3f:ff:1f:82:dc:da:f1:71:88:
58:47:07:69:6f:81:7d:de:e7:62:84:0b:c6:4b:3b:
8a:80:1c:34:de:c9:c4:7f:66:54:53:0e:63:f6:ef:
8f:dc:38:a5:39:57:35:e6:cd:e4:ff:73:17:94:da:
01:b5:77:d4:39:4e:bb:f5:0f:d7:94:c4:52:27:0f:
4a:6e:96:b8:6f:43:ea:ca:7b:1e:b8:89:0a:b8:5e:
46:d6:86:59:f2:93:5f:56:91:2a:70:29:e5:0b:2c:
96:87:aa:64:c1:2f:04:b2:50:57:f5:af:de:b7:22:
68:fd:41:67:fe:e1:15:81:71:24:0c:05:f6:0f:5c:
63:94:1e:4f:85:77:ae:ce:e9:ad:84:1c:df:a5:2b:
14:76:da:f4:6f:ed:eb:ba:dc:ca:74:1b:7f:fc:40:
3d:b9:f5:19:dc:67:77:94:27:9d:6e:f7:3b:68:93:
d2:e1:5c:c3:a4:68:03:02:db:6f:3f:09:5a:ce:4f:
98:dc:18:28:27:79:66:aa:63:d8:bb:47:d0:0c:47:
17:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:09:66:FA:BE:62:C2:4E:3F:05:13:3E:77:74:1C:48:64:99:03:84
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/NAlm-r5iwk4_BRM-d3QcSGSZA4Q.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.48.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:d7:f6:4d:f4:e7:40:2e:9a:18:6b:18:9b:45:5e:2e:76:83:
0a:0d:c7:57:bf:fc:db:cd:5b:50:8b:31:db:ca:dd:16:56:17:
c8:f6:b4:4a:3a:fc:f1:50:b5:64:c4:cc:ae:e8:7b:81:6e:ec:
a8:c7:7c:6b:08:3e:31:6d:2d:30:32:77:67:91:5b:4e:b5:96:
bb:ab:8f:b0:3c:57:39:bd:d1:57:7b:ba:5b:53:b4:ca:00:f4:
f1:12:d6:62:cd:9c:25:e8:a2:9b:82:1e:92:ae:b4:45:28:67:
40:74:55:52:75:1b:c9:32:84:22:e9:88:88:d9:f5:3d:90:1c:
c8:00:4f:99:cd:01:e4:2d:1e:42:2f:ac:f0:ba:26:ff:e3:db:
95:88:c1:b2:f3:96:b1:b7:36:fd:38:d5:91:d0:14:a3:ac:4f:
2a:ed:2b:76:d2:f1:c7:5c:9e:b1:e6:68:85:36:ce:8d:80:d1:
69:9c:2e:9a:8b:c4:32:36:81:4e:82:1c:ba:5d:62:4f:4a:0a:
3e:2a:0e:65:47:c3:0b:b3:60:05:60:c4:52:bd:56:ec:af:28:
e3:24:e5:18:d0:ad:d9:86:a8:5f:9b:94:f5:ac:60:aa:e5:20:
95:44:75:1f:7c:f3:d3:67:c0:25:df:5e:38:43:eb:c3:52:2d:
b7:54:20:0c
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGIAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI1MDlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDM0MDk2NkZBQkU2MkMy
NEUzRjA1MTMzRTc3NzQxQzQ4NjQ5OTAzODQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCjH6asN4hLDDw2kKAtXHMgn8P8a265XFgiK9+Wc8O95ufjxN8V
LusPsUaYdWzkricpTT//H4Lc2vFxiFhHB2lvgX3e52KEC8ZLO4qAHDTeycR/ZlRT
DmP274/cOKU5VzXmzeT/cxeU2gG1d9Q5Trv1D9eUxFInD0pulrhvQ+rKex64iQq4
XkbWhlnyk19WkSpwKeULLJaHqmTBLwSyUFf1r963Imj9QWf+4RWBcSQMBfYPXGOU
Hk+Fd67O6a2EHN+lKxR22vRv7eu63Mp0G3/8QD259RncZ3eUJ51u9ztok9LhXMOk
aAMC228/CVrOT5jcGCgneWaqY9i7R9AMRxe1AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUNAlm+r5iwk4/BRM+d3QcSGSZA4QwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L05BbG0tcjVpd2s0X0JS
TS1kM1FjU0dTWkE0US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJn3TAwDQYJKoZIhvcNAQELBQADggEBAB/X9k3050AumhhrGJtFXi52gwoNx1e/
/NvNW1CLMdvK3RZWF8j2tEo6/PFQtWTEzK7oe4Fu7KjHfGsIPjFtLTAyd2eRW061
lrurj7A8Vzm90Vd7ultTtMoA9PES1mLNnCXoopuCHpKutEUoZ0B0VVJ1G8kyhCLp
iIjZ9T2QHMgAT5nNAeQtHkIvrPC6Jv/j25WIwbLzlrG3Nv041ZHQFKOsTyrtK3bS
8cdcnrHmaIU2zo2A0WmcLpqLxDI2gU6CHLpdYk9KCj4qDmVHwwuzYAVgxFK9Vuyv
KOMk5RjQrdmGqF+blPWsYKrlIJVEdR9889NnwCXfXjhD68NSLbdUIAw=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:42:36 2025 by rpki-client