Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/O2I3K-daiuqfPLnWs6JUwW8_Sg0.roa
File: O2I3K-daiuqfPLnWs6JUwW8_Sg0.roa (raw, json)
Hash identifier: t3IwOYunMh431dQZ3ZbmcMREDmnvZ6ciqiL/z5npwgM=
Subject key identifier: 3B:62:37:2B:E7:5A:8A:EA:9F:3C:B9:D6:B3:A2:54:C1:6F:3F:4A:0D
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 156D
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/O2I3K-daiuqfPLnWs6JUwW8_Sg0.roa
Signing time: Wed 11 Sep 2024 04:04:12 +0000
ROA not before: Wed 11 Sep 2024 04:04:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 139259
IP address blocks: 103.221.92.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5485 (0x156d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 04:04:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3B62372BE75A8AEA9F3CB9D6B3A254C16F3F4A0D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:fa:4b:67:0c:28:a5:94:60:64:89:a7:73:c4:
98:f4:57:d3:b7:55:90:19:47:31:1a:3f:79:15:7d:
f1:d3:86:07:da:a2:bd:ef:14:4b:c4:f2:a9:6a:2b:
48:a6:df:d8:a5:17:f5:12:50:f9:ce:59:d1:b3:52:
d5:80:34:03:32:8f:07:af:df:c1:43:d3:46:34:c1:
d2:2e:3a:9f:6e:23:d6:0b:b6:7b:49:95:8a:b0:2e:
a6:b6:9d:4f:b3:95:7a:c3:60:88:9a:ce:58:e7:9b:
d4:13:00:40:6c:13:ba:ee:68:3a:f8:3b:d8:de:da:
55:8b:ce:9d:10:58:a2:fc:75:83:67:2c:4c:d4:b1:
59:97:cc:af:71:b1:2d:e9:23:ad:45:88:36:f4:77:
17:13:4d:00:f7:49:ab:5a:9e:ca:de:2c:14:15:e2:
97:c8:3c:2c:ce:27:6d:47:3d:bc:54:75:a2:99:c3:
ea:d7:38:fd:1e:3e:3b:4c:90:03:45:10:fa:92:18:
86:03:1d:e0:fa:bd:c2:85:7c:91:56:e1:34:30:9d:
5f:65:01:01:b1:1b:10:5f:82:4f:1c:46:7a:50:87:
60:e5:17:2a:56:c0:5e:3b:f3:41:bf:9e:5d:fb:f5:
88:5c:01:3a:d4:3f:48:8b:44:22:c3:85:b5:57:2c:
e1:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:62:37:2B:E7:5A:8A:EA:9F:3C:B9:D6:B3:A2:54:C1:6F:3F:4A:0D
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/O2I3K-daiuqfPLnWs6JUwW8_Sg0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.92.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:e9:5c:c0:e9:78:cf:56:1c:1b:bf:c5:67:c4:ad:5a:2a:ea:
4a:a2:d3:2f:a2:93:9a:7d:ca:cd:64:03:c5:52:80:07:19:05:
db:e2:57:05:a7:6f:4a:f9:db:b9:24:0e:8a:63:1d:e9:9d:1b:
71:a2:8e:39:93:59:d9:bc:e8:c1:43:7a:e8:3d:ef:38:16:04:
36:d3:f0:8a:6e:16:e7:39:d8:1a:8b:38:f7:77:93:31:3f:e7:
b1:09:96:df:75:81:6a:dd:cf:d6:88:a0:6e:26:ef:1c:54:12:
51:16:69:9b:f6:ad:e9:cc:f6:34:2e:7f:22:05:22:8f:7e:4e:
e9:58:b7:dc:86:c3:ae:dc:ca:9f:bf:48:92:29:f6:05:0f:32:
2a:bb:c4:bd:36:07:f4:c6:64:78:fd:08:d0:54:05:37:6b:f0:
4a:3e:7b:de:23:6b:54:71:f5:f8:d1:bc:48:4c:dc:9c:a7:5b:
67:f7:0e:cc:76:45:5d:ae:d1:80:9b:0c:7b:53:0c:9c:01:42:
c0:5e:d0:11:82:dc:34:29:ed:bb:36:bc:85:1e:f6:cf:73:2d:
d0:40:c8:04:ff:ab:28:5f:8f:85:01:98:ee:07:5f:93:ee:79:
39:c6:9b:58:20:54:71:3d:28:d5:d0:01:56:80:da:07:53:f8:
1f:14:48:26
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFW0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
NDA0MTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNCNjIzNzJCRTc1QThB
RUE5RjNDQjlENkIzQTI1NEMxNkYzRjRBMEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDP+ktnDCillGBkiadzxJj0V9O3VZAZRzEaP3kVffHThgfaor3v
FEvE8qlqK0im39ilF/USUPnOWdGzUtWANAMyjwev38FD00Y0wdIuOp9uI9YLtntJ
lYqwLqa2nU+zlXrDYIiazljnm9QTAEBsE7ruaDr4O9je2lWLzp0QWKL8dYNnLEzU
sVmXzK9xsS3pI61FiDb0dxcTTQD3SatansreLBQV4pfIPCzOJ21HPbxUdaKZw+rX
OP0ePjtMkANFEPqSGIYDHeD6vcKFfJFW4TQwnV9lAQGxGxBfgk8cRnpQh2DlFypW
wF4780G/nl379YhcATrUP0iLRCLDhbVXLOEZAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUO2I3K+daiuqfPLnWs6JUwW8/Sg0wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L08ySTNLLWRhaXVxZlBM
bldzNkpVd1c4X1NnMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3VwwDQYJKoZIhvcNAQELBQADggEBAHzpXMDpeM9WHBu/xWfErVoq6kqi0y+i
k5p9ys1kA8VSgAcZBdviVwWnb0r527kkDopjHemdG3GijjmTWdm86MFDeug97zgW
BDbT8IpuFuc52BqLOPd3kzE/57EJlt91gWrdz9aIoG4m7xxUElEWaZv2renM9jQu
fyIFIo9+TulYt9yGw67cyp+/SJIp9gUPMiq7xL02B/TGZHj9CNBUBTdr8Eo+e94j
a1Rx9fjRvEhM3JynW2f3Dsx2RV2u0YCbDHtTDJwBQsBe0BGC3DQp7bs2vIUe9s9z
LdBAyAT/qyhfj4UBmO4HX5PueTnGm1ggVHE9KNXQAVaA2gdT+B8USCY=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:14:42 2025 by rpki-client