Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/Z8DcHc0EsqPPWyGZnGf6ztrMxJg.roa
File: Z8DcHc0EsqPPWyGZnGf6ztrMxJg.roa (raw, json)
Hash identifier: Jg6r1KW2XQyQkWRKLyW3c/zNexvnXNBu1dP0ZHWt1fI=
Subject key identifier: 67:C0:DC:1D:CD:04:B2:A3:CF:5B:21:99:9C:67:FA:CE:DA:CC:C4:98
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 180A
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/Z8DcHc0EsqPPWyGZnGf6ztrMxJg.roa
Signing time: Fri 17 Jan 2025 01:24:29 +0000
ROA not before: Fri 17 Jan 2025 01:24:29 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139259
IP address blocks: 103.221.43.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6154 (0x180a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:24:29 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=67C0DC1DCD04B2A3CF5B21999C67FACEDACCC498
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b6:60:b3:b6:83:cf:d1:06:56:23:e0:05:76:
35:79:ac:34:c7:f2:77:55:56:68:07:5c:c6:ee:2a:
0f:43:8b:60:f3:ea:dd:c6:7e:a6:1a:55:9e:71:11:
33:fd:36:95:a0:de:77:87:82:f2:95:34:40:fe:8e:
08:32:52:90:53:3f:12:84:29:f3:a8:a3:3f:53:ad:
0a:25:fe:00:97:72:42:4a:8a:69:52:5f:30:72:1d:
75:52:27:01:11:55:23:d8:99:fc:f1:d6:6f:dd:c9:
54:d8:23:11:7a:bc:3b:42:56:2a:d0:6c:e5:d9:f9:
60:b4:5d:eb:c4:05:0d:74:3f:3d:ab:dc:59:ed:6c:
d4:e6:d2:1d:05:52:9c:24:2b:ba:da:7c:dd:4f:dc:
ca:87:cd:b8:e7:de:04:61:73:9e:88:46:89:42:9c:
93:97:28:a4:96:ce:a3:2e:8b:b9:57:18:c9:4c:ab:
59:de:6b:1f:f5:13:02:15:05:e0:91:4f:d6:ef:5d:
53:ab:97:2c:05:f6:86:c9:80:9f:0f:2f:5e:52:2a:
f4:ae:cb:22:31:12:5e:cc:30:4b:49:aa:46:6c:c6:
5e:05:78:31:eb:8b:83:8c:58:7b:49:77:dd:65:f7:
99:65:cc:0d:07:ed:0a:71:43:34:7f:66:20:83:40:
19:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:C0:DC:1D:CD:04:B2:A3:CF:5B:21:99:9C:67:FA:CE:DA:CC:C4:98
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/Z8DcHc0EsqPPWyGZnGf6ztrMxJg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.43.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:44:a7:de:b5:6a:94:64:ae:2b:42:de:26:5d:29:19:c8:d7:
ef:6e:dc:5e:10:bc:3e:7e:d4:56:6c:93:8e:3b:f3:af:6d:46:
d0:a1:bf:09:85:fe:01:68:d7:85:67:27:cc:08:c1:b9:77:a0:
4d:8d:a0:8b:a2:39:9d:08:9e:01:11:da:4d:5b:31:60:47:33:
5c:e7:59:a4:fd:a2:eb:26:a3:39:f5:80:f6:a5:52:37:2a:bd:
83:08:a6:5a:78:c4:2e:66:d8:6c:52:ae:f9:3d:e9:0c:45:03:
33:aa:1f:56:21:47:ef:91:41:dd:5b:ae:5c:e5:69:71:93:2e:
c2:99:97:af:7c:0c:1d:46:19:0f:c3:49:61:7e:79:50:99:5a:
34:8c:82:18:84:93:76:d3:78:d5:23:a2:19:97:1e:c8:d4:6a:
32:98:16:cf:f3:82:1a:db:2d:f4:ca:a2:41:28:be:91:9a:4e:
4a:67:04:aa:8e:50:93:f6:1f:51:82:a6:ac:00:9c:02:24:70:
27:22:c2:59:cc:cb:da:95:b2:a1:14:49:79:81:5b:33:18:bf:
30:a3:24:b9:51:b8:86:85:89:52:f3:ed:dd:d6:4b:81:d3:49:
c4:9b:67:47:c2:ad:27:2b:38:69:8d:1f:af:89:d4:83:51:3e:
3c:19:5c:fc
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGAowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI0MjlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDY3QzBEQzFEQ0QwNEIy
QTNDRjVCMjE5OTlDNjdGQUNFREFDQ0M0OTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCotmCztoPP0QZWI+AFdjV5rDTH8ndVVmgHXMbuKg9Di2Dz6t3G
fqYaVZ5xETP9NpWg3neHgvKVNED+jggyUpBTPxKEKfOooz9TrQol/gCXckJKimlS
XzByHXVSJwERVSPYmfzx1m/dyVTYIxF6vDtCVirQbOXZ+WC0XevEBQ10Pz2r3Fnt
bNTm0h0FUpwkK7rafN1P3MqHzbjn3gRhc56IRolCnJOXKKSWzqMui7lXGMlMq1ne
ax/1EwIVBeCRT9bvXVOrlywF9obJgJ8PL15SKvSuyyIxEl7MMEtJqkZsxl4FeDHr
i4OMWHtJd91l95llzA0H7QpxQzR/ZiCDQBlZAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUZ8DcHc0EsqPPWyGZnGf6ztrMxJgwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1o4RGNIYzBFc3FQUFd5
R1puR2Y2enRyTXhKZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3SswDQYJKoZIhvcNAQELBQADggEBAKJEp961apRkritC3iZdKRnI1+9u3F4Q
vD5+1FZsk447869tRtChvwmF/gFo14VnJ8wIwbl3oE2NoIuiOZ0IngER2k1bMWBH
M1znWaT9ousmozn1gPalUjcqvYMIplp4xC5m2GxSrvk96QxFAzOqH1YhR++RQd1b
rlzlaXGTLsKZl698DB1GGQ/DSWF+eVCZWjSMghiEk3bTeNUjohmXHsjUajKYFs/z
ghrbLfTKokEovpGaTkpnBKqOUJP2H1GCpqwAnAIkcCciwlnMy9qVsqEUSXmBWzMY
vzCjJLlRuIaFiVLz7d3WS4HTScSbZ0fCrScrOGmNH6+J1INRPjwZXPw=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:40:02 2025 by rpki-client