Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/_Ro5pPv1Xqjz2Y4Y4Ldvex1ke_I.roa
File: _Ro5pPv1Xqjz2Y4Y4Ldvex1ke_I.roa (raw, json)
Hash identifier: 4OFTWBikonE+842wSQlSvLm7zT+9M9jV5ce9+wF6fkw=
Subject key identifier: FD:1A:39:A4:FB:F5:5E:A8:F3:D9:8E:18:E0:B7:6F:7B:1D:64:7B:F2
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 18AB
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/_Ro5pPv1Xqjz2Y4Y4Ldvex1ke_I.roa
Signing time: Fri 17 Jan 2025 01:25:23 +0000
ROA not before: Fri 17 Jan 2025 01:25:23 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139259
IP address blocks: 103.221.16.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6315 (0x18ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:25:23 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=FD1A39A4FBF55EA8F3D98E18E0B76F7B1D647BF2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:b3:db:10:30:2b:f3:6c:07:67:02:6c:b4:1a:
42:63:8e:1f:dc:67:50:b9:ac:18:40:55:fb:87:b6:
45:19:cb:f3:5c:7a:a6:18:b1:46:dd:b3:3f:dc:9e:
15:73:69:b9:9f:1f:52:4f:50:a1:21:c8:b9:0b:17:
d8:3e:e3:90:18:c2:21:3c:4d:9d:9a:fa:05:ff:57:
22:f1:91:85:e8:c1:3f:25:30:a7:37:75:0e:a6:39:
48:c0:09:33:50:f6:99:10:11:db:fe:aa:d6:f3:67:
3d:92:f3:a5:d4:24:08:bd:f0:09:e8:1d:c7:73:ae:
f1:6f:58:e0:e5:dc:ae:53:fb:66:08:90:30:cb:af:
be:7a:4f:fa:c6:bf:c8:5c:2d:36:fc:91:68:ec:c8:
a7:eb:0b:ce:62:b3:e1:2e:9f:94:66:3c:e7:76:c0:
bf:dd:0a:a0:79:33:44:0f:41:35:e5:5a:ad:4e:fb:
30:a2:6e:58:19:12:8c:6b:21:9e:08:9f:4d:ce:38:
bd:79:df:28:9c:35:42:cd:8f:26:f1:e1:2d:f7:22:
20:f6:bd:85:40:0f:49:05:b4:95:c2:f8:84:22:fa:
ac:b2:76:47:52:b7:d5:37:b5:df:22:d8:c6:08:3b:
46:19:de:7e:f8:98:60:e1:15:c4:b6:96:5e:0f:de:
b3:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:1A:39:A4:FB:F5:5E:A8:F3:D9:8E:18:E0:B7:6F:7B:1D:64:7B:F2
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/_Ro5pPv1Xqjz2Y4Y4Ldvex1ke_I.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.16.0/24
Signature Algorithm: sha256WithRSAEncryption
38:ef:90:24:49:c8:29:43:7e:79:48:2b:94:4c:a1:9a:9e:cc:
34:d1:cc:23:a7:65:c2:f4:91:6f:b4:0f:c5:d6:a7:9f:8c:e4:
3e:ef:a0:3a:ba:58:5c:7b:67:9b:af:bd:6f:d0:85:8e:7b:43:
50:2f:be:e7:b7:a5:31:20:6d:b7:1e:ad:61:36:44:c4:15:65:
23:aa:9c:cf:cd:bb:95:55:26:f0:97:a8:44:45:69:6d:aa:c3:
74:9a:03:43:6b:e1:03:73:22:d6:dd:91:c6:53:22:0f:04:25:
6f:2d:a9:6c:ee:d4:14:2d:74:3d:44:7d:0f:ce:0d:5b:90:13:
96:c8:93:2f:e6:96:d4:f0:41:aa:bd:a5:38:6d:4f:05:06:3b:
24:ad:68:5b:cc:38:5d:49:7a:a0:81:7a:5e:1d:95:a5:be:68:
b8:6f:23:5b:b7:e2:06:d9:03:cf:08:a5:82:41:2e:c9:a9:bb:
fc:e2:ad:5f:a1:00:4c:bd:47:1e:bd:f9:ab:79:cc:1b:7e:94:
84:84:3e:47:f1:f9:6d:bd:0f:bb:d6:04:9c:66:db:31:54:e1:
4e:60:61:0a:40:2f:5a:29:df:6b:38:89:73:dd:33:ca:55:bc:
a5:5e:b4:21:b8:70:1f:17:cd:7d:32:8c:08:15:79:22:46:49:
ec:c0:ac:92
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGKswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI1MjNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEZEMUEzOUE0RkJGNTVF
QThGM0Q5OEUxOEUwQjc2RjdCMUQ2NDdCRjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKs9sQMCvzbAdnAmy0GkJjjh/cZ1C5rBhAVfuHtkUZy/NceqYY
sUbdsz/cnhVzabmfH1JPUKEhyLkLF9g+45AYwiE8TZ2a+gX/VyLxkYXowT8lMKc3
dQ6mOUjACTNQ9pkQEdv+qtbzZz2S86XUJAi98AnoHcdzrvFvWODl3K5T+2YIkDDL
r756T/rGv8hcLTb8kWjsyKfrC85is+Eun5RmPOd2wL/dCqB5M0QPQTXlWq1O+zCi
blgZEoxrIZ4In03OOL153yicNULNjybx4S33IiD2vYVAD0kFtJXC+IQi+qyydkdS
t9U3td8i2MYIO0YZ3n74mGDhFcS2ll4P3rO7AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU/Ro5pPv1Xqjz2Y4Y4Ldvex1ke/IwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L19SbzVwUHYxWHFqejJZ
NFk0TGR2ZXgxa2VfSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3RAwDQYJKoZIhvcNAQELBQADggEBADjvkCRJyClDfnlIK5RMoZqezDTRzCOn
ZcL0kW+0D8XWp5+M5D7voDq6WFx7Z5uvvW/QhY57Q1Avvue3pTEgbbcerWE2RMQV
ZSOqnM/Nu5VVJvCXqERFaW2qw3SaA0Nr4QNzItbdkcZTIg8EJW8tqWzu1BQtdD1E
fQ/ODVuQE5bIky/mltTwQaq9pThtTwUGOyStaFvMOF1JeqCBel4dlaW+aLhvI1u3
4gbZA88IpYJBLsmpu/zirV+hAEy9Rx69+at5zBt+lISEPkfx+W29D7vWBJxm2zFU
4U5gYQpAL1op32s4iXPdM8pVvKVetCG4cB8XzX0yjAgVeSJGSezArJI=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:20:18 2025 by rpki-client