Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/QTtVe7rR4YlSme4smWRBaGmms4M.roa
File: QTtVe7rR4YlSme4smWRBaGmms4M.roa (raw, json)
Hash identifier: +E2k4oDDkmLJz+Ij+3r8b1j13h9C+LWHaVd7vO1ursw=
Subject key identifier: 41:3B:55:7B:BA:D1:E1:89:52:99:EE:2C:99:64:41:68:69:A6:B3:83
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 148D
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/QTtVe7rR4YlSme4smWRBaGmms4M.roa
Signing time: Wed 11 Sep 2024 02:23:28 +0000
ROA not before: Wed 11 Sep 2024 02:23:28 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24373
IP address blocks: 103.221.4.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5261 (0x148d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 02:23:28 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=413B557BBAD1E1895299EE2C9964416869A6B383
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b3:ca:15:ef:20:06:8a:ba:31:f5:41:0f:a8:
3e:72:3d:06:12:7a:38:f0:07:fc:72:dc:13:7d:08:
b6:3d:d6:d9:f3:6e:0c:89:25:b0:42:97:19:f9:34:
45:05:75:8a:00:f1:cb:c1:e5:80:dd:3d:2d:24:9f:
a6:a6:1b:bd:b8:57:1a:34:da:6d:97:05:1a:9c:f2:
c2:91:ab:ec:01:73:c4:b6:79:0c:dc:7d:f4:5a:81:
2f:8b:dd:8e:7a:36:16:87:d9:6f:2b:3c:4b:c9:67:
3c:98:14:1d:aa:36:4e:73:a1:03:06:41:fb:0c:1e:
4c:39:80:ce:ad:5a:b8:4b:bc:bf:05:f5:b1:6f:63:
6f:d1:05:ad:21:e1:a7:89:aa:9b:21:1d:6f:33:e2:
90:9e:23:03:43:79:ea:a5:65:9b:33:3c:a0:ac:5a:
59:9f:30:aa:6e:e2:6b:cb:49:0d:17:5e:98:d2:5b:
82:f1:54:d4:4c:7a:54:16:f5:e0:6e:4a:2e:dc:2e:
df:d7:1f:d6:67:a1:18:bf:57:17:95:56:c1:91:7a:
64:0e:1e:b1:8b:ee:43:a6:5c:a9:5f:09:98:55:07:
9c:a9:99:7a:11:44:7d:c6:9f:e2:ac:c2:cd:f4:51:
3c:28:e1:9c:f7:47:a6:07:3e:c0:7f:aa:44:97:16:
fa:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:3B:55:7B:BA:D1:E1:89:52:99:EE:2C:99:64:41:68:69:A6:B3:83
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/QTtVe7rR4YlSme4smWRBaGmms4M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.4.0/22
Signature Algorithm: sha256WithRSAEncryption
c8:e3:ac:c5:5c:79:70:20:83:de:02:02:ec:00:9c:1c:94:d7:
80:43:76:2d:7f:37:fe:44:fd:eb:35:5b:c4:ee:ce:1e:1e:5f:
84:35:72:7e:4f:2d:d5:c0:13:e1:9e:bf:60:8f:80:42:35:a9:
d5:80:11:52:dc:86:2b:71:05:8f:fb:2a:de:09:c5:f3:4e:45:
b1:3d:12:4f:8f:14:72:bd:30:ae:38:4c:04:b3:8d:9c:5d:a9:
b5:f8:02:24:41:b3:56:4d:e8:e3:65:99:c2:9b:29:3b:0d:f2:
80:7d:9d:75:1a:c8:15:fc:09:f3:42:e2:65:ba:bc:01:d0:15:
46:98:ce:8c:b9:7b:ac:69:3b:27:89:88:50:de:e0:2c:2d:55:
de:d5:10:f0:6f:38:ef:8c:c1:53:5d:5f:d7:42:91:89:92:fe:
68:77:73:b2:4a:fa:15:62:e1:9b:1f:50:6b:dd:e2:e5:27:e7:
6b:e4:9b:09:4d:41:b0:9a:f0:2f:48:e1:8b:b0:f4:42:cc:b1:
72:24:f6:87:87:9b:0b:c5:f5:83:08:ac:6f:94:90:94:78:41:
e3:d0:48:e0:98:0a:c5:de:78:df:16:39:d7:1c:11:1d:07:bf:
6c:db:c2:d2:49:c6:5c:45:d2:d3:d8:99:0c:ba:36:7b:3c:e4:
b3:74:26:6f
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFI0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MjIzMjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQxM0I1NTdCQkFEMUUx
ODk1Mjk5RUUyQzk5NjQ0MTY4NjlBNkIzODMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCgs8oV7yAGirox9UEPqD5yPQYSejjwB/xy3BN9CLY91tnzbgyJ
JbBClxn5NEUFdYoA8cvB5YDdPS0kn6amG724Vxo02m2XBRqc8sKRq+wBc8S2eQzc
ffRagS+L3Y56NhaH2W8rPEvJZzyYFB2qNk5zoQMGQfsMHkw5gM6tWrhLvL8F9bFv
Y2/RBa0h4aeJqpshHW8z4pCeIwNDeeqlZZszPKCsWlmfMKpu4mvLSQ0XXpjSW4Lx
VNRMelQW9eBuSi7cLt/XH9ZnoRi/VxeVVsGRemQOHrGL7kOmXKlfCZhVB5ypmXoR
RH3Gn+Ksws30UTwo4Zz3R6YHPsB/qkSXFvqfAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUQTtVe7rR4YlSme4smWRBaGmms4MwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1FUdFZlN3JSNFlsU21l
NHNtV1JCYUdtbXM0TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJn3QQwDQYJKoZIhvcNAQELBQADggEBAMjjrMVceXAgg94CAuwAnByU14BDdi1/
N/5E/es1W8Tuzh4eX4Q1cn5PLdXAE+Gev2CPgEI1qdWAEVLchitxBY/7Kt4JxfNO
RbE9Ek+PFHK9MK44TASzjZxdqbX4AiRBs1ZN6ONlmcKbKTsN8oB9nXUayBX8CfNC
4mW6vAHQFUaYzoy5e6xpOyeJiFDe4CwtVd7VEPBvOO+MwVNdX9dCkYmS/mh3c7JK
+hVi4ZsfUGvd4uUn52vkmwlNQbCa8C9I4Yuw9ELMsXIk9oeHmwvF9YMIrG+UkJR4
QePQSOCYCsXeeN8WOdccER0Hv2zbwtJJxlxF0tPYmQy6Nns85LN0Jm8=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:47:24 2025 by rpki-client