Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/WI2XzHGpctJMZEdrjZZ0HZNxE24.roa
File: WI2XzHGpctJMZEdrjZZ0HZNxE24.roa (raw, json)
Hash identifier: ZUDXuITgVfceB41IICHjhln0mV89N+nj9OmmjW0FnVU=
Subject key identifier: 58:8D:97:CC:71:A9:72:D2:4C:64:47:6B:8D:96:74:1D:93:71:13:6E
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1884
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/WI2XzHGpctJMZEdrjZZ0HZNxE24.roa
Signing time: Fri 17 Jan 2025 01:25:10 +0000
ROA not before: Fri 17 Jan 2025 01:25:10 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 138527
IP address blocks: 103.220.248.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6276 (0x1884)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:25:10 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=588D97CC71A972D24C64476B8D96741D9371136E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:c5:13:0f:e6:06:16:b2:8d:20:59:76:c6:a7:
e9:09:e1:76:cb:fb:9d:f9:ac:5c:51:f4:38:a0:f4:
4d:35:46:2e:3b:8c:45:93:cc:a7:81:8e:2f:ec:e6:
9b:90:84:e2:d8:b8:c2:5e:c7:e6:6d:e8:e1:95:d8:
df:69:f6:65:2b:68:e6:17:e8:46:53:5e:95:de:a6:
b3:69:ee:b7:bd:90:13:ca:f1:da:3a:3a:c7:12:f1:
ab:0d:af:d0:bb:35:93:fe:6b:0e:69:3e:5e:7f:1a:
26:3d:ad:ff:4a:44:e8:be:92:af:bf:d3:be:54:53:
60:c0:5f:0c:31:0a:a5:83:5a:9d:4c:7d:dc:7e:0b:
41:04:cc:00:61:1c:11:54:2d:78:7f:87:8b:89:28:
c4:99:ff:8b:28:61:6a:2e:6e:1d:9a:88:c7:55:48:
81:70:f2:55:6d:9f:b1:99:52:04:b1:e4:9a:ca:74:
aa:e8:b0:89:ed:7c:5a:f3:92:90:76:a4:81:15:dd:
b4:16:5a:25:2e:c0:4e:0a:50:ad:90:74:8e:54:4c:
e4:ee:d9:65:84:a2:bf:28:0e:58:cb:61:f1:11:d5:
cd:7a:49:ba:dd:ee:82:8a:14:a6:76:cd:c5:73:84:
86:44:80:07:2e:73:21:26:7b:ef:84:0e:ac:59:bb:
d4:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:8D:97:CC:71:A9:72:D2:4C:64:47:6B:8D:96:74:1D:93:71:13:6E
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/WI2XzHGpctJMZEdrjZZ0HZNxE24.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.220.248.0/22
Signature Algorithm: sha256WithRSAEncryption
49:56:0a:2d:f5:8b:1e:43:0d:7b:20:d7:10:c5:7d:12:7e:a5:
42:0f:28:a9:fa:d2:a4:b5:69:06:77:64:70:f6:6c:a2:4c:e1:
ea:9f:9f:1d:97:f2:4e:a7:cd:81:46:6d:02:fa:a9:c1:cf:12:
4d:ce:e6:19:26:7b:e7:3a:6d:86:70:ac:ca:0d:e2:85:2d:79:
25:30:1d:6f:51:55:62:81:67:eb:73:61:f1:f6:55:49:98:83:
70:ad:07:5d:b0:11:67:47:a0:9a:83:10:1c:af:8f:ca:61:15:
3d:58:1b:99:bf:62:2e:b1:2b:1c:a7:21:a6:03:8a:65:11:d8:
de:f1:7e:11:a4:61:45:5e:66:77:0d:51:0d:2d:67:3a:ef:80:
d9:ee:ad:d7:5f:71:ee:e0:57:3b:a9:8e:30:7d:78:ce:1a:0b:
92:1b:f3:f3:bb:a1:fa:7d:94:84:72:26:e9:dd:1c:83:e2:d0:
9a:23:4a:fe:57:8b:b0:d0:89:39:7e:b0:e6:fb:a7:23:70:02:
a4:dd:9b:a4:84:59:29:88:90:ad:42:70:e8:03:b8:e0:1e:f1:
60:3d:0c:43:bd:97:1c:22:21:b9:4b:8d:51:d1:cf:f7:cb:25:
ca:ae:e3:41:61:0b:94:61:57:97:6b:0d:65:32:d8:c0:61:02:
46:2a:d0:08
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGIQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI1MTBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDU4OEQ5N0NDNzFBOTcy
RDI0QzY0NDc2QjhEOTY3NDFEOTM3MTEzNkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDxxRMP5gYWso0gWXbGp+kJ4XbL+535rFxR9Dig9E01Ri47jEWT
zKeBji/s5puQhOLYuMJex+Zt6OGV2N9p9mUraOYX6EZTXpXeprNp7re9kBPK8do6
OscS8asNr9C7NZP+aw5pPl5/GiY9rf9KROi+kq+/075UU2DAXwwxCqWDWp1Mfdx+
C0EEzABhHBFULXh/h4uJKMSZ/4soYWoubh2aiMdVSIFw8lVtn7GZUgSx5JrKdKro
sIntfFrzkpB2pIEV3bQWWiUuwE4KUK2QdI5UTOTu2WWEor8oDljLYfER1c16Sbrd
7oKKFKZ2zcVzhIZEgAcucyEme++EDqxZu9SxAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUWI2XzHGpctJMZEdrjZZ0HZNxE24wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1dJMlh6SEdwY3RKTVpF
ZHJqWlowSFpOeEUyNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJn3PgwDQYJKoZIhvcNAQELBQADggEBAElWCi31ix5DDXsg1xDFfRJ+pUIPKKn6
0qS1aQZ3ZHD2bKJM4eqfnx2X8k6nzYFGbQL6qcHPEk3O5hkme+c6bYZwrMoN4oUt
eSUwHW9RVWKBZ+tzYfH2VUmYg3CtB12wEWdHoJqDEByvj8phFT1YG5m/Yi6xKxyn
IaYDimUR2N7xfhGkYUVeZncNUQ0tZzrvgNnurddfce7gVzupjjB9eM4aC5Ib8/O7
ofp9lIRyJundHIPi0JojSv5Xi7DQiTl+sOb7pyNwAqTdm6SEWSmIkK1CcOgDuOAe
8WA9DEO9lxwiIblLjVHRz/fLJcqu40FhC5RhV5drDWUy2MBhAkYq0Ag=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:42:30 2025 by rpki-client