Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/_5bNmBRgcjYITaGuSoPvgGadIhA.roa
File: _5bNmBRgcjYITaGuSoPvgGadIhA.roa (raw, json)
Hash identifier: 0WObnk/CSCpTUQaQqIPKiu5ioAgTlFI/8DL5GfpWVrM=
Subject key identifier: FF:96:CD:98:14:60:72:36:08:4D:A1:AE:4A:83:EF:80:66:9D:22:10
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 18E9
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/_5bNmBRgcjYITaGuSoPvgGadIhA.roa
Signing time: Fri 17 Jan 2025 01:25:46 +0000
ROA not before: Fri 17 Jan 2025 01:25:46 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 13444
IP address blocks: 103.221.35.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6377 (0x18e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:25:46 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=FF96CD9814607236084DA1AE4A83EF80669D2210
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a6:9d:ec:e0:fe:22:02:0f:97:ce:86:75:16:
56:05:39:97:9f:6e:ff:9b:27:02:94:97:ed:c5:ab:
f5:0e:08:58:6f:8a:f4:74:87:66:9a:5c:d6:38:85:
13:92:31:f8:da:3a:29:c5:e7:09:a0:77:92:a6:43:
fc:d3:35:32:be:bb:52:cc:46:47:68:a5:25:fb:44:
31:a1:38:c4:77:19:1f:6d:75:dd:b1:9c:e1:67:ca:
f3:a4:5e:85:d2:8c:e1:71:57:8b:bd:ba:7f:b5:b8:
cf:a2:d7:1c:3e:82:e2:f2:7a:50:1d:67:85:7d:0b:
ec:c6:94:50:70:76:cb:f0:fd:8d:e0:ea:f0:d9:9b:
e9:75:2e:8f:db:c6:e9:52:7a:bd:56:8a:03:68:6e:
49:b1:81:5d:65:65:a0:da:fc:05:b4:c0:cf:26:8b:
f3:9d:63:54:4e:c4:e7:c4:2e:87:f8:d1:52:b9:e0:
8b:54:02:31:07:f2:8d:81:6a:cc:23:08:7e:b1:be:
e2:9c:e3:f0:a0:22:82:41:2e:32:26:9f:a7:9f:13:
12:a4:0c:d2:2a:43:9b:9d:ee:34:d4:44:53:28:06:
b7:c8:dd:3c:ad:9d:74:f3:86:e7:5c:56:e5:f6:ec:
e4:f4:d0:eb:1e:4b:a7:fd:15:cf:01:db:4b:98:00:
b5:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:96:CD:98:14:60:72:36:08:4D:A1:AE:4A:83:EF:80:66:9D:22:10
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/_5bNmBRgcjYITaGuSoPvgGadIhA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.35.0/24
Signature Algorithm: sha256WithRSAEncryption
d2:ff:9f:ac:97:55:2c:c8:f1:8a:4c:a8:45:8a:bc:30:92:f9:
b6:bc:b5:c2:8e:36:5e:0a:0f:08:54:73:9f:54:cf:54:b2:47:
90:69:ae:26:e1:f7:38:69:a6:e4:e3:28:4d:70:00:8c:74:52:
bb:53:c7:70:08:4b:33:73:c5:79:13:40:bb:e7:4b:ed:b2:57:
2e:39:42:54:4e:5d:f5:b9:d0:fe:89:cd:cb:af:ba:39:8b:51:
03:e7:55:ba:c0:db:49:d6:5a:2c:6b:db:cd:7c:ee:58:84:f7:
1a:3e:4c:b1:85:d8:e9:21:69:eb:10:b4:bb:28:f3:6e:95:ae:
3a:73:6d:c1:a3:e4:c5:a4:69:57:5c:1a:c3:c5:84:ee:f0:80:
54:17:0a:19:17:35:c5:f3:e3:5b:c4:c6:c0:14:11:c7:3a:75:
ff:a1:ca:c4:64:2f:c8:59:92:f3:d3:78:db:51:01:3a:d9:cd:
04:be:75:11:9e:03:6a:85:e3:c1:37:d7:68:e8:5f:0a:85:ee:
ee:31:46:a9:c8:09:59:12:cf:a2:07:a2:a3:a4:4e:29:17:59:
00:dd:83:65:5b:a2:f3:0a:7a:90:e3:8d:14:9f:7e:e9:d7:f6:
f7:5f:d5:4b:01:94:6e:38:fa:be:05:e5:62:30:b0:8f:3d:c3:
59:43:63:f6
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGOkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI1NDZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEZGOTZDRDk4MTQ2MDcy
MzYwODREQTFBRTRBODNFRjgwNjY5RDIyMTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIpp3s4P4iAg+XzoZ1FlYFOZefbv+bJwKUl+3Fq/UOCFhvivR0
h2aaXNY4hROSMfjaOinF5wmgd5KmQ/zTNTK+u1LMRkdopSX7RDGhOMR3GR9tdd2x
nOFnyvOkXoXSjOFxV4u9un+1uM+i1xw+guLyelAdZ4V9C+zGlFBwdsvw/Y3g6vDZ
m+l1Lo/bxulSer1WigNobkmxgV1lZaDa/AW0wM8mi/OdY1ROxOfELof40VK54ItU
AjEH8o2BaswjCH6xvuKc4/CgIoJBLjImn6efExKkDNIqQ5ud7jTURFMoBrfI3Tyt
nXTzhudcVuX27OT00OseS6f9Fc8B20uYALVxAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU/5bNmBRgcjYITaGuSoPvgGadIhAwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L181Yk5tQlJnY2pZSVRh
R3VTb1B2Z0dhZEloQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3SMwDQYJKoZIhvcNAQELBQADggEBANL/n6yXVSzI8YpMqEWKvDCS+ba8tcKO
Nl4KDwhUc59Uz1SyR5Bpribh9zhppuTjKE1wAIx0UrtTx3AISzNzxXkTQLvnS+2y
Vy45QlROXfW50P6JzcuvujmLUQPnVbrA20nWWixr28187liE9xo+TLGF2OkhaesQ
tLso826VrjpzbcGj5MWkaVdcGsPFhO7wgFQXChkXNcXz41vExsAUEcc6df+hysRk
L8hZkvPTeNtRATrZzQS+dRGeA2qF48E312joXwqF7u4xRqnICVkSz6IHoqOkTikX
WQDdg2VbovMKepDjjRSffunX9vdf1UsBlG44+r4F5WIwsI89w1lDY/Y=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:44:56 2025 by rpki-client