Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/OLbE9IwqWBkD2I4tahtYuRuFLfA.roa
File: OLbE9IwqWBkD2I4tahtYuRuFLfA.roa (raw, json)
Hash identifier: tGgrVgLrSAPUZIbBYE8QaTl3bgE1NAf419IKgAnrnGA=
Subject key identifier: 38:B6:C4:F4:8C:2A:58:19:03:D8:8E:2D:6A:1B:58:B9:1B:85:2D:F0
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1827
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/OLbE9IwqWBkD2I4tahtYuRuFLfA.roa
Signing time: Fri 17 Jan 2025 01:24:40 +0000
ROA not before: Fri 17 Jan 2025 01:24:40 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 138527
IP address blocks: 103.221.44.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6183 (0x1827)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:24:40 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=38B6C4F48C2A581903D88E2D6A1B58B91B852DF0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:7b:71:73:4a:f7:b1:17:52:a0:8f:b4:ba:da:
71:86:93:f9:ae:01:db:1a:37:46:79:04:02:62:15:
a7:14:0e:a9:97:49:d2:b4:5b:38:97:44:40:dd:bc:
63:14:01:a4:73:88:75:a4:35:39:20:4f:7c:54:aa:
89:0c:7f:be:9c:89:fe:51:fd:ab:c0:3e:64:3a:44:
21:1f:ec:5e:3d:9f:b8:cf:bf:df:81:2d:2e:5e:2d:
ac:9b:ca:cd:64:fd:9a:d5:72:67:b6:91:07:d6:3c:
dd:64:e3:73:84:86:41:b1:4c:34:d2:c2:ce:ba:7d:
e8:0f:2f:45:89:2c:b0:5a:de:e9:72:41:57:83:80:
b6:92:5b:50:23:2b:01:02:30:eb:aa:b9:f5:37:a9:
91:f1:63:de:e8:4a:72:5c:ac:6d:82:aa:1b:f0:f9:
98:71:0b:ef:4f:18:30:0d:67:c6:5b:51:95:72:d0:
3e:72:d4:5b:8c:76:ce:5a:77:d4:02:31:06:1b:e2:
fe:4a:80:2e:f8:7d:1d:f1:a3:dd:13:27:26:4e:e1:
5c:bd:90:3b:d4:25:69:75:ee:14:12:47:3b:82:f9:
18:cd:df:78:87:39:60:c9:9b:41:01:80:41:8d:12:
4b:94:03:c7:ae:59:0e:ba:59:2c:1c:2c:38:e8:5a:
55:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:B6:C4:F4:8C:2A:58:19:03:D8:8E:2D:6A:1B:58:B9:1B:85:2D:F0
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/OLbE9IwqWBkD2I4tahtYuRuFLfA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.44.0/22
Signature Algorithm: sha256WithRSAEncryption
c7:59:ed:95:e5:fc:a4:34:3c:09:ec:62:6c:43:34:14:eb:87:
53:7e:84:7c:a7:ee:e0:a9:08:fc:e6:73:6e:14:07:06:2a:96:
42:d7:25:98:c2:21:d8:6c:38:d2:2e:62:e9:b0:a1:f0:3b:78:
0f:1f:45:70:24:64:14:b9:5d:c1:a1:bb:cb:2d:ff:11:6d:2b:
e1:b4:14:2d:a9:80:b2:e8:47:40:cd:2d:37:9c:e8:e0:25:1e:
90:b2:98:97:8c:63:82:5c:cf:c6:ed:c0:5d:6e:20:64:98:36:
c4:96:8e:ab:87:56:3a:40:56:43:4e:88:2d:2c:8f:e0:4a:19:
83:5c:cc:cf:0c:7b:ab:fc:aa:26:4c:0d:0a:18:81:ba:1c:29:
4d:24:a7:b8:70:c3:73:75:54:a5:1d:0a:e1:54:66:e0:2a:82:
16:bd:05:aa:85:6b:7d:c9:e6:29:af:6b:dc:4f:66:c9:9b:4f:
67:1e:16:e8:4a:81:49:47:f6:83:b4:4f:c5:62:3c:df:5e:32:
4c:01:c2:4f:47:92:2d:0e:36:4c:d9:87:ab:dd:65:b9:59:25:
a5:11:aa:9e:f7:87:6f:27:4f:5e:6e:e5:3d:dd:8b:62:3b:b8:
51:fb:d9:47:28:b9:e4:39:1c:2a:88:20:49:db:7f:cd:57:d3:
7a:ae:50:7d
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGCcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI0NDBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDM4QjZDNEY0OEMyQTU4
MTkwM0Q4OEUyRDZBMUI1OEI5MUI4NTJERjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDle3FzSvexF1Kgj7S62nGGk/muAdsaN0Z5BAJiFacUDqmXSdK0
WziXREDdvGMUAaRziHWkNTkgT3xUqokMf76cif5R/avAPmQ6RCEf7F49n7jPv9+B
LS5eLaybys1k/ZrVcme2kQfWPN1k43OEhkGxTDTSws66fegPL0WJLLBa3ulyQVeD
gLaSW1AjKwECMOuqufU3qZHxY97oSnJcrG2Cqhvw+ZhxC+9PGDANZ8ZbUZVy0D5y
1FuMds5ad9QCMQYb4v5KgC74fR3xo90TJyZO4Vy9kDvUJWl17hQSRzuC+RjN33iH
OWDJm0EBgEGNEkuUA8euWQ66WSwcLDjoWlXdAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUOLbE9IwqWBkD2I4tahtYuRuFLfAwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L09MYkU5SXdxV0JrRDJJ
NHRhaHRZdVJ1RkxmQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJn3SwwDQYJKoZIhvcNAQELBQADggEBAMdZ7ZXl/KQ0PAnsYmxDNBTrh1N+hHyn
7uCpCPzmc24UBwYqlkLXJZjCIdhsONIuYumwofA7eA8fRXAkZBS5XcGhu8st/xFt
K+G0FC2pgLLoR0DNLTec6OAlHpCymJeMY4Jcz8btwF1uIGSYNsSWjquHVjpAVkNO
iC0sj+BKGYNczM8Me6v8qiZMDQoYgbocKU0kp7hww3N1VKUdCuFUZuAqgha9BaqF
a33J5imva9xPZsmbT2ceFuhKgUlH9oO0T8ViPN9eMkwBwk9Hki0ONkzZh6vdZblZ
JaURqp73h28nT15u5T3di2I7uFH72UcoueQ5HCqIIEnbf81X03quUH0=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:42:37 2025 by rpki-client