Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/RVmqTgCFfZcejDz4Tpchqz3EckU.roa
File: RVmqTgCFfZcejDz4Tpchqz3EckU.roa (raw, json)
Hash identifier: YzUgwam9+jLNuSlrEeZ43gCbVhg4qrD8jVzGkkEIu/Y=
Subject key identifier: 45:59:AA:4E:00:85:7D:97:1E:8C:3C:F8:4E:97:21:AB:3D:C4:72:45
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 14B4
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/RVmqTgCFfZcejDz4Tpchqz3EckU.roa
Signing time: Wed 11 Sep 2024 02:23:41 +0000
ROA not before: Wed 11 Sep 2024 02:23:41 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 59083
IP address blocks: 103.10.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5300 (0x14b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 02:23:41 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4559AA4E00857D971E8C3CF84E9721AB3DC47245
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:cb:ec:d1:e4:3b:0e:e8:01:cd:f6:08:97:7f:
93:45:ed:e6:ea:08:92:19:6d:34:f6:e7:da:19:05:
20:b9:ad:81:6d:86:59:e7:4c:1d:17:14:54:71:0a:
06:16:10:fc:af:34:ef:04:82:06:6e:dd:a6:5c:77:
91:8f:ba:d5:4e:4e:df:b3:eb:c1:2c:83:05:8a:c1:
eb:9f:b8:83:1d:d4:5b:80:eb:25:59:9f:37:39:22:
ac:26:de:6a:67:88:9b:38:e1:08:cc:17:03:b7:f9:
bd:fd:37:c3:70:c6:fb:58:87:93:49:4e:5b:32:c3:
1e:c2:4a:18:3a:35:f6:72:22:f9:e4:6e:0a:84:24:
57:80:0a:a6:1d:fb:78:ac:42:f5:d9:56:97:0c:3b:
55:d7:f1:46:d3:cc:3b:b7:c7:98:7b:1f:13:31:2f:
38:08:a5:8f:28:77:96:f0:5b:49:91:48:99:7e:b6:
b0:35:c1:6a:63:be:37:c7:28:d2:a5:6e:6e:01:54:
b3:af:5d:58:05:2c:9e:02:18:ea:da:2f:dd:1c:29:
a2:62:e0:7f:ec:4c:60:9a:8e:24:13:31:91:9c:a7:
f6:bb:88:ed:1d:0b:7d:b5:e4:36:84:8e:b5:36:c7:
3b:99:50:c5:42:4b:93:50:77:18:0e:a6:81:ee:4d:
83:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:59:AA:4E:00:85:7D:97:1E:8C:3C:F8:4E:97:21:AB:3D:C4:72:45
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/RVmqTgCFfZcejDz4Tpchqz3EckU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.10.3.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:e0:f8:a7:cc:50:54:d3:e8:d3:47:ab:30:e6:58:d6:0c:50:
89:18:db:dc:69:61:56:62:61:c2:ea:74:8d:34:7a:8f:9b:4f:
16:9c:fe:fd:0c:30:c2:d6:00:48:c5:98:ec:1b:50:02:c5:b7:
e4:99:ea:01:63:99:49:6c:a9:3e:6e:7f:f5:74:65:b0:6b:3e:
49:eb:e5:0e:84:e4:35:12:29:04:04:28:10:4c:78:46:a7:c4:
8d:92:62:dd:52:bc:de:d7:45:4c:f5:07:cd:c3:d7:0e:38:17:
c6:0d:98:e1:a8:ef:9f:c6:e6:e6:e4:69:f7:2a:e1:e9:66:36:
ca:57:53:99:35:37:af:68:48:41:9c:84:f7:54:b5:3c:37:70:
ff:f9:15:b5:80:dd:18:39:f2:8d:7c:31:5c:fe:08:4a:6f:da:
12:0f:bb:77:b4:a6:82:fa:0e:4f:f0:9f:ea:f3:b5:3d:db:5b:
78:90:a6:06:5c:8d:b4:ac:ef:f4:45:af:43:c4:80:5d:35:3d:
0d:85:a1:a3:c4:80:1d:16:f3:87:66:36:e7:47:be:8f:af:a0:
97:36:eb:0a:36:0a:2f:69:c2:f8:7b:da:03:7e:a0:2f:27:42:
ed:27:e4:1f:78:18:61:bd:86:f5:74:e5:24:e1:0c:98:b8:48:
94:b2:7d:9a
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFLQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MjIzNDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQ1NTlBQTRFMDA4NTdE
OTcxRThDM0NGODRFOTcyMUFCM0RDNDcyNDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRy+zR5DsO6AHN9giXf5NF7ebqCJIZbTT259oZBSC5rYFthlnn
TB0XFFRxCgYWEPyvNO8EggZu3aZcd5GPutVOTt+z68EsgwWKweufuIMd1FuA6yVZ
nzc5Iqwm3mpniJs44QjMFwO3+b39N8NwxvtYh5NJTlsywx7CShg6NfZyIvnkbgqE
JFeACqYd+3isQvXZVpcMO1XX8UbTzDu3x5h7HxMxLzgIpY8od5bwW0mRSJl+trA1
wWpjvjfHKNKlbm4BVLOvXVgFLJ4CGOraL90cKaJi4H/sTGCajiQTMZGcp/a7iO0d
C3215DaEjrU2xzuZUMVCS5NQdxgOpoHuTYN9AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQURVmqTgCFfZcejDz4Tpchqz3EckUwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1JWbXFUZ0NGZlpjZWpE
ejRUcGNocXozRWNrVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABnCgMwDQYJKoZIhvcNAQELBQADggEBAKTg+KfMUFTT6NNHqzDmWNYMUIkY29xp
YVZiYcLqdI00eo+bTxac/v0MMMLWAEjFmOwbUALFt+SZ6gFjmUlsqT5uf/V0ZbBr
Pknr5Q6E5DUSKQQEKBBMeEanxI2SYt1SvN7XRUz1B83D1w44F8YNmOGo75/G5ubk
afcq4elmNspXU5k1N69oSEGchPdUtTw3cP/5FbWA3Rg58o18MVz+CEpv2hIPu3e0
poL6Dk/wn+rztT3bW3iQpgZcjbSs7/RFr0PEgF01PQ2FoaPEgB0W84dmNudHvo+v
oJc26wo2Ci9pwvh72gN+oC8nQu0n5B94GGG9hvV05SThDJi4SJSyfZo=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:36:12 2025 by rpki-client