Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/W8xzq1QS0pOxJhyHNqy1jZnsDhE.roa
File: W8xzq1QS0pOxJhyHNqy1jZnsDhE.roa (raw, json)
Hash identifier: Kk2bt/RHKK0Bc/hr2GylIqADAL4vMkDV0kGAUDL4lW4=
Subject key identifier: 5B:CC:73:AB:54:12:D2:93:B1:26:1C:87:36:AC:B5:8D:99:EC:0E:11
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 17F9
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/W8xzq1QS0pOxJhyHNqy1jZnsDhE.roa
Signing time: Fri 17 Jan 2025 01:24:22 +0000
ROA not before: Fri 17 Jan 2025 01:24:22 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 59083
IP address blocks: 103.10.0.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6137 (0x17f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:24:22 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=5BCC73AB5412D293B1261C8736ACB58D99EC0E11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:6f:7a:bb:d6:ad:c3:ab:c0:5a:04:44:04:1a:
2a:15:3e:2d:60:2e:1d:f3:ec:68:52:86:9d:78:df:
94:ba:62:c9:b3:c7:55:a2:ac:ed:65:f7:b8:f2:29:
fc:ae:4a:da:2a:ef:a2:1b:56:32:50:17:e3:b2:06:
48:bd:0e:52:7f:b9:a3:4e:00:65:5a:c3:0c:30:54:
fc:5b:be:7e:fa:8a:a8:93:29:53:d8:02:f7:89:5e:
c6:9b:ad:fe:d0:1e:c0:36:f3:12:0b:72:e4:46:73:
28:b1:55:48:f3:e6:be:ea:52:04:38:e0:f6:74:80:
14:3c:41:e4:3c:3e:cf:4e:47:ed:11:ed:95:b3:75:
d4:d5:3d:0a:80:6d:1e:eb:c2:80:fa:a5:84:d0:ff:
ef:fd:6a:b9:e4:47:36:87:41:a7:ec:b6:eb:6a:8a:
00:bd:87:e9:bb:7f:a6:6a:a5:36:ba:d8:7b:d4:bb:
0c:4d:92:6b:b1:81:b6:8f:3f:04:ed:07:ae:3b:0b:
72:9e:b3:60:26:ca:e4:30:0c:63:a4:a2:89:4c:14:
62:a9:f9:1d:07:3e:56:c2:20:51:e6:57:9e:2d:1b:
24:5c:cb:70:a3:45:87:c1:bd:5b:4b:10:4b:18:22:
0b:53:d7:a2:ef:f9:50:b4:7c:ae:cd:19:c0:c8:1e:
5e:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:CC:73:AB:54:12:D2:93:B1:26:1C:87:36:AC:B5:8D:99:EC:0E:11
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/W8xzq1QS0pOxJhyHNqy1jZnsDhE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.10.0.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:5b:15:3d:99:02:00:df:c3:b8:a4:dd:84:86:36:e1:77:8f:
04:fb:e4:48:25:70:f7:73:b4:24:7f:96:32:d8:1d:1e:7c:82:
7c:65:02:9c:63:b4:90:af:f4:56:b9:88:20:9a:42:66:25:de:
df:a0:5c:f9:42:5e:1d:a0:6e:ed:d3:18:32:1c:3e:da:f0:8e:
58:57:a8:1c:a3:4e:6a:8f:fc:70:02:ed:83:5a:61:e2:ea:db:
74:b9:6a:f7:d3:cc:bb:aa:5c:94:29:8d:7b:0a:ea:42:71:45:
0c:52:0c:00:56:4b:bd:b2:de:9d:b5:55:69:c0:16:6d:13:e9:
23:f9:a1:17:2b:e0:b1:c7:b6:16:39:8d:e3:70:6a:d1:de:90:
65:42:2d:66:5e:a3:22:5a:c9:3a:0f:b5:0f:f3:6f:23:84:e8:
12:0d:17:4d:ca:a4:f6:6c:4e:38:fb:ee:b6:29:7f:08:f8:31:
43:c3:56:c5:9b:80:30:da:1e:43:b3:42:62:1b:30:8d:20:ce:
d7:93:f7:d6:57:76:a2:ff:aa:0a:0c:4f:44:5b:e6:6e:80:c4:
35:1f:0f:72:24:d0:c8:6c:82:30:e3:57:86:20:ac:da:c6:5b:
bd:42:c0:96:72:3b:69:18:65:33:d8:37:58:28:89:8e:bc:16:
82:24:68:b4
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICF/kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI0MjJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDVCQ0M3M0FCNTQxMkQy
OTNCMTI2MUM4NzM2QUNCNThEOTlFQzBFMTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9b3q71q3Dq8BaBEQEGioVPi1gLh3z7GhShp1435S6Ysmzx1Wi
rO1l97jyKfyuStoq76IbVjJQF+OyBki9DlJ/uaNOAGVawwwwVPxbvn76iqiTKVPY
AveJXsabrf7QHsA28xILcuRGcyixVUjz5r7qUgQ44PZ0gBQ8QeQ8Ps9OR+0R7ZWz
ddTVPQqAbR7rwoD6pYTQ/+/9arnkRzaHQafstutqigC9h+m7f6ZqpTa62HvUuwxN
kmuxgbaPPwTtB647C3Kes2AmyuQwDGOkoolMFGKp+R0HPlbCIFHmV54tGyRcy3Cj
RYfBvVtLEEsYIgtT16Lv+VC0fK7NGcDIHl5NAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUW8xzq1QS0pOxJhyHNqy1jZnsDhEwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1c4eHpxMVFTMHBPeEpo
eUhOcXkxalpuc0RoRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABnCgAwDQYJKoZIhvcNAQELBQADggEBALtbFT2ZAgDfw7ik3YSGNuF3jwT75Egl
cPdztCR/ljLYHR58gnxlApxjtJCv9Fa5iCCaQmYl3t+gXPlCXh2gbu3TGDIcPtrw
jlhXqByjTmqP/HAC7YNaYeLq23S5avfTzLuqXJQpjXsK6kJxRQxSDABWS72y3p21
VWnAFm0T6SP5oRcr4LHHthY5jeNwatHekGVCLWZeoyJayToPtQ/zbyOE6BINF03K
pPZsTjj77rYpfwj4MUPDVsWbgDDaHkOzQmIbMI0gzteT99ZXdqL/qgoMT0Rb5m6A
xDUfD3Ik0MhsgjDjV4YgrNrGW71CwJZyO2kYZTPYN1goiY68FoIkaLQ=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:43:21 2025 by rpki-client