Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/QSSZxDcKW006a4mVB2oDwERJrcs.roa
File: QSSZxDcKW006a4mVB2oDwERJrcs.roa (raw, json)
Hash identifier: yH5tpCLe8UDMm7y8rbCy8gnetlasyude6aHD/AQB8eU=
Subject key identifier: 41:24:99:C4:37:0A:5B:4D:3A:6B:89:95:07:6A:03:C0:44:49:AD:CB
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 14F9
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/QSSZxDcKW006a4mVB2oDwERJrcs.roa
Signing time: Wed 11 Sep 2024 02:26:13 +0000
ROA not before: Wed 11 Sep 2024 02:26:13 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 13444
IP address blocks: 103.221.4.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5369 (0x14f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 02:26:13 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=412499C4370A5B4D3A6B8995076A03C04449ADCB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:92:a1:06:33:dd:88:ba:69:76:fd:e3:1e:92:
65:54:ee:b4:42:3b:d2:72:9c:b9:d7:4b:55:61:c6:
c2:33:ff:78:1d:01:b3:8b:4f:43:5a:be:1a:5b:8c:
c4:bd:98:c1:90:b4:ef:7f:31:88:87:2d:32:72:d2:
dd:73:45:7c:b2:e1:44:be:9b:92:53:5d:9e:8d:d7:
1a:92:46:a2:48:a3:a5:85:05:da:2e:7d:ea:ee:1c:
5d:01:df:b6:6a:42:fb:c6:a0:07:34:3c:5c:a0:d3:
95:28:c8:14:27:42:f5:cc:98:13:52:49:88:1a:e1:
73:f9:7a:3c:91:69:f4:38:10:90:6e:07:91:20:1f:
86:fe:f9:66:32:cd:aa:41:57:5d:74:f3:2e:9b:f9:
41:41:11:0a:d2:37:2f:b8:c8:45:3f:37:fc:73:46:
d7:4b:f2:0f:7f:17:b5:cc:6d:4d:78:2e:e1:3a:0a:
3a:16:8e:d8:93:39:a2:88:4d:18:5a:af:94:e0:a6:
38:f5:6e:63:98:f2:6f:a2:70:44:7c:28:44:8e:f0:
61:b0:d5:29:0d:63:06:31:73:23:5d:2f:af:7e:d7:
46:09:f5:40:8d:df:bc:69:fb:1d:c3:02:d0:96:59:
3a:6f:10:99:d7:f4:a7:4d:a7:52:4d:ff:75:e2:0f:
07:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:24:99:C4:37:0A:5B:4D:3A:6B:89:95:07:6A:03:C0:44:49:AD:CB
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/QSSZxDcKW006a4mVB2oDwERJrcs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.4.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:70:89:a7:d8:d3:b5:c7:a0:64:92:e9:93:38:2d:cd:a5:e6:
cc:2e:a0:94:ad:ad:8b:fb:8e:19:68:f4:b5:78:f9:7e:67:d4:
07:f3:55:75:55:e8:76:a5:37:2a:44:ae:e7:3f:8e:5d:65:89:
82:ea:b2:20:48:72:09:eb:f6:ee:78:e5:b8:13:d5:d9:8c:24:
3d:5e:63:6a:17:a6:51:1b:2c:73:10:2d:79:ab:e0:62:16:ce:
81:ee:c9:a8:b5:e2:0f:8f:38:6d:b8:18:0c:51:6e:91:b9:49:
f0:d4:ab:fe:20:3c:ac:a0:39:e6:c1:da:63:39:8b:86:7c:9c:
3c:04:63:58:c6:2a:fe:79:6a:72:44:d9:b2:2b:90:80:01:70:
8e:db:5c:3a:92:5e:3e:7e:81:f2:05:1f:de:61:76:a4:e4:a4:
44:cc:0e:a5:6c:10:4c:5a:a3:76:ae:b8:7e:bb:42:d3:0b:85:
64:1c:4b:38:62:df:88:d7:ce:eb:9a:f5:f6:c3:ec:4b:34:b3:
0e:8a:c1:51:33:40:79:81:af:96:35:45:5d:45:98:ab:87:73:
03:81:fa:42:b8:f8:0e:f8:f6:ef:56:50:09:b5:10:e4:91:39:
98:d2:d4:24:9c:dd:f0:ba:bd:be:ff:23:c6:ad:26:0b:3a:38:
e6:88:4e:a7
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFPkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MjI2MTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQxMjQ5OUM0MzcwQTVC
NEQzQTZCODk5NTA3NkEwM0MwNDQ0OUFEQ0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCjkqEGM92Iuml2/eMekmVU7rRCO9JynLnXS1VhxsIz/3gdAbOL
T0NavhpbjMS9mMGQtO9/MYiHLTJy0t1zRXyy4US+m5JTXZ6N1xqSRqJIo6WFBdou
feruHF0B37ZqQvvGoAc0PFyg05UoyBQnQvXMmBNSSYga4XP5ejyRafQ4EJBuB5Eg
H4b++WYyzapBV1108y6b+UFBEQrSNy+4yEU/N/xzRtdL8g9/F7XMbU14LuE6CjoW
jtiTOaKITRhar5Tgpjj1bmOY8m+icER8KESO8GGw1SkNYwYxcyNdL69+10YJ9UCN
37xp+x3DAtCWWTpvEJnX9KdNp1JN/3XiDwcjAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUQSSZxDcKW006a4mVB2oDwERJrcswHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1FTU1p4RGNLVzAwNmE0
bVZCMm9Ed0VSSnJjcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3QQwDQYJKoZIhvcNAQELBQADggEBAKZwiafY07XHoGSS6ZM4Lc2l5swuoJSt
rYv7jhlo9LV4+X5n1AfzVXVV6HalNypEruc/jl1liYLqsiBIcgnr9u545bgT1dmM
JD1eY2oXplEbLHMQLXmr4GIWzoHuyai14g+POG24GAxRbpG5SfDUq/4gPKygOebB
2mM5i4Z8nDwEY1jGKv55anJE2bIrkIABcI7bXDqSXj5+gfIFH95hdqTkpETMDqVs
EExao3auuH67QtMLhWQcSzhi34jXzuua9fbD7Es0sw6KwVEzQHmBr5Y1RV1FmKuH
cwOB+kK4+A749u9WUAm1EOSROZjS1CSc3fC6vb7/I8atJgs6OOaITqc=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:37:38 2025 by rpki-client