Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/NkKi1oWhLebeThhq5oBI2Vh4N58.roa
File: NkKi1oWhLebeThhq5oBI2Vh4N58.roa (raw, json)
Hash identifier: bMXgDeVuzgtY3dfRq5kyqXY3rOCggkNdOwkfEnakuZA=
Subject key identifier: 36:42:A2:D6:85:A1:2D:E6:DE:4E:18:6A:E6:80:48:D9:58:78:37:9F
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1882
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/NkKi1oWhLebeThhq5oBI2Vh4N58.roa
Signing time: Fri 17 Jan 2025 01:25:10 +0000
ROA not before: Fri 17 Jan 2025 01:25:10 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 13444
IP address blocks: 103.221.50.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6274 (0x1882)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:25:10 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=3642A2D685A12DE6DE4E186AE68048D95878379F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c7:db:bd:11:7c:2e:e4:c0:50:40:01:fd:41:
58:a7:c4:80:57:10:25:b2:8b:6e:42:28:a4:b8:e0:
ab:67:49:10:a4:75:97:6f:25:93:74:72:c4:49:76:
94:70:a9:7d:93:57:34:a7:8f:52:a2:51:a2:91:8c:
b3:cb:2f:33:38:f6:3c:5a:40:16:fa:1c:95:57:c4:
50:c8:c0:56:e0:5b:71:fe:04:26:85:1c:f7:34:ef:
7f:60:98:d0:3b:8d:cf:4c:98:56:88:6c:fd:6b:92:
b2:95:e5:c9:5e:f9:93:2c:e1:70:c6:ec:61:e5:73:
d0:07:05:86:de:fe:f2:a3:b3:2b:e6:cb:05:3c:e3:
d8:31:be:4f:44:33:b5:bd:67:2c:4e:46:90:4b:68:
29:d7:46:a6:42:1e:f1:6e:7b:31:65:f5:df:33:55:
c1:c8:88:f7:40:16:6a:0b:a4:06:d6:b5:7a:f2:10:
81:a6:f5:62:38:c5:6a:84:16:ae:3f:4e:d2:8f:3e:
b2:b2:83:86:a5:a2:22:49:70:cf:d1:ce:07:84:e4:
64:92:70:48:0c:fd:e6:cc:e1:b7:64:d2:fb:ec:7c:
67:07:bd:13:25:38:27:10:15:05:4b:e1:58:5e:13:
64:11:0d:bc:9c:bd:f5:23:38:8e:5e:ce:76:f9:94:
f0:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:42:A2:D6:85:A1:2D:E6:DE:4E:18:6A:E6:80:48:D9:58:78:37:9F
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/NkKi1oWhLebeThhq5oBI2Vh4N58.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.50.0/24
Signature Algorithm: sha256WithRSAEncryption
41:f8:c7:a5:f5:f1:23:81:74:b5:62:b6:6b:3e:d4:d4:36:82:
78:c5:a6:f5:b6:8e:94:d8:c3:33:d4:c6:61:85:af:5f:ef:fa:
03:1a:bb:6f:af:72:ea:bb:26:04:1e:67:54:09:51:2c:4b:83:
98:51:91:ee:3d:e0:ed:e3:4f:32:05:d6:5d:82:3d:d3:8d:a2:
4e:7b:58:03:2a:d4:d1:47:a5:64:28:3b:14:c0:2c:e7:1e:d3:
d3:0e:d8:43:74:01:43:bb:7b:55:95:d7:d1:05:9a:1b:a9:d9:
b9:d3:12:e6:fe:c9:cb:c7:1f:e0:28:6e:e3:55:75:50:4e:47:
a6:cd:06:94:5b:de:50:88:90:6b:52:37:51:88:34:eb:19:a8:
36:cc:f4:38:c2:82:77:13:4e:67:82:4d:ab:f4:65:36:44:07:
08:8c:22:88:31:f5:47:d5:c5:c6:65:e1:da:56:84:29:d4:f6:
df:73:45:04:08:2f:43:1a:85:a9:29:c2:a7:57:a7:96:11:d4:
df:b7:67:9b:ef:ed:67:51:41:fb:a4:ed:82:0e:c6:0c:00:0e:
3c:d2:c9:e5:90:b6:6a:a9:f9:6d:c2:e6:7c:57:df:04:fa:cd:
e9:89:86:5b:ae:28:e6:d9:a7:08:b3:49:a9:7d:0f:57:c7:f5:
18:b0:7b:2f
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGIIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI1MTBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDM2NDJBMkQ2ODVBMTJE
RTZERTRFMTg2QUU2ODA0OEQ5NTg3ODM3OUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCux9u9EXwu5MBQQAH9QVinxIBXECWyi25CKKS44KtnSRCkdZdv
JZN0csRJdpRwqX2TVzSnj1KiUaKRjLPLLzM49jxaQBb6HJVXxFDIwFbgW3H+BCaF
HPc0739gmNA7jc9MmFaIbP1rkrKV5cle+ZMs4XDG7GHlc9AHBYbe/vKjsyvmywU8
49gxvk9EM7W9ZyxORpBLaCnXRqZCHvFuezFl9d8zVcHIiPdAFmoLpAbWtXryEIGm
9WI4xWqEFq4/TtKPPrKyg4aloiJJcM/RzgeE5GSScEgM/ebM4bdk0vvsfGcHvRMl
OCcQFQVL4VheE2QRDbycvfUjOI5eznb5lPCvAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUNkKi1oWhLebeThhq5oBI2Vh4N58wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L05rS2kxb1doTGViZVRo
aHE1b0JJMlZoNE41OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3TIwDQYJKoZIhvcNAQELBQADggEBAEH4x6X18SOBdLVitms+1NQ2gnjFpvW2
jpTYwzPUxmGFr1/v+gMau2+vcuq7JgQeZ1QJUSxLg5hRke494O3jTzIF1l2CPdON
ok57WAMq1NFHpWQoOxTALOce09MO2EN0AUO7e1WV19EFmhup2bnTEub+ycvHH+Ao
buNVdVBOR6bNBpRb3lCIkGtSN1GINOsZqDbM9DjCgncTTmeCTav0ZTZEBwiMIogx
9UfVxcZl4dpWhCnU9t9zRQQIL0MahakpwqdXp5YR1N+3Z5vv7WdRQfuk7YIOxgwA
DjzSyeWQtmqp+W3C5nxX3wT6zemJhluuKObZpwizSal9D1fH9Riwey8=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:33:26 2025 by rpki-client