Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/abAk_nj5k5_jsgGrDPQAYCIrhP4.roa
File: abAk_nj5k5_jsgGrDPQAYCIrhP4.roa (raw, json)
Hash identifier: ANIty69sMeNKP5QhHFAycJU1IDHr6swj9Rth8r9wC3E=
Subject key identifier: 69:B0:24:FE:78:F9:93:9F:E3:B2:01:AB:0C:F4:00:60:22:2B:84:FE
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 14E3
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/abAk_nj5k5_jsgGrDPQAYCIrhP4.roa
Signing time: Wed 11 Sep 2024 02:23:57 +0000
ROA not before: Wed 11 Sep 2024 02:23:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24373
IP address blocks: 103.220.248.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5347 (0x14e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 02:23:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=69B024FE78F9939FE3B201AB0CF40060222B84FE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:69:f9:82:7a:b5:46:3a:fb:ae:5f:8d:2f:3f:
9f:a3:a5:2e:a5:a0:1e:46:ad:36:1f:ad:14:39:d4:
54:48:12:e1:f0:e7:0f:6a:a2:d5:5b:22:49:41:04:
89:6e:67:ff:af:aa:54:21:47:47:c4:98:4c:70:9f:
ed:d6:79:6e:57:03:5e:d7:22:d1:a4:a6:bc:de:04:
00:ce:7d:43:bf:dc:f4:83:02:a6:b0:4f:68:81:67:
81:f5:6e:ec:21:d7:7f:20:ea:4f:7d:55:c3:2b:bc:
7e:7a:ae:17:69:3e:71:be:0d:8e:23:27:53:2b:92:
d7:9d:e6:b3:02:60:95:4b:19:d2:38:c9:7c:6d:d2:
83:a6:a1:30:7a:c5:e4:7f:e8:ba:81:08:0b:c8:0d:
b0:6e:c0:4e:0d:9e:06:04:14:f1:e5:bf:62:0a:a0:
d8:7f:8f:d6:ed:43:58:89:18:24:72:11:b9:41:94:
a4:27:97:54:8b:e5:24:2b:4d:fb:c0:88:7c:da:8c:
05:6f:64:81:99:0d:95:4f:44:3b:f9:3c:a9:86:49:
4f:93:a8:4e:d5:cf:93:2f:1b:e2:6d:d1:30:10:4a:
86:3e:2d:7b:23:5b:a8:23:ed:41:0e:38:06:a6:e1:
80:b2:5b:c1:e5:30:8e:32:29:4d:01:2a:c0:ac:d2:
f7:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:B0:24:FE:78:F9:93:9F:E3:B2:01:AB:0C:F4:00:60:22:2B:84:FE
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/abAk_nj5k5_jsgGrDPQAYCIrhP4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.220.248.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:2f:fc:05:ce:93:15:12:30:0d:73:8b:e8:64:f2:9a:6f:0e:
7d:30:78:1d:2a:e5:9c:a1:ba:6d:9c:15:d0:1f:44:c5:71:66:
04:7a:74:0e:c7:a6:59:74:ba:75:a3:c5:e2:e5:67:c8:4b:7c:
6b:70:2b:cd:52:d8:80:c5:fa:e7:cd:9b:64:47:5d:d6:64:02:
80:14:fa:88:fc:c7:55:ed:3c:59:04:6c:6c:20:94:2c:f1:a7:
ff:75:20:d0:7c:66:8b:4f:b2:89:22:6f:c5:32:c1:8b:75:85:
dd:a3:0c:5c:3d:41:27:b9:3f:e3:fa:3d:22:5f:ad:b8:73:9a:
aa:4a:93:fc:38:9c:81:ad:9c:41:b8:92:58:dd:07:a3:36:52:
f0:cc:06:08:3d:c7:03:39:3b:4b:6f:1b:14:58:13:c8:13:51:
24:f2:10:27:88:82:34:a5:89:7e:fb:76:65:34:7b:33:0e:d3:
ff:67:7a:6c:6c:c2:8d:75:06:51:dd:74:1a:fd:9b:2d:71:9e:
ed:ee:38:7f:a5:fc:03:1d:94:41:e5:02:6f:fd:1d:36:98:69:
a7:7b:d7:0d:ab:12:8a:41:c7:43:fb:30:40:d5:46:91:de:97:
c9:de:a6:8f:73:5a:00:03:78:0a:2a:3f:39:ee:d3:74:96:36:
d5:cc:af:07
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFOMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MjIzNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDY5QjAyNEZFNzhGOTkz
OUZFM0IyMDFBQjBDRjQwMDYwMjIyQjg0RkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDaafmCerVGOvuuX40vP5+jpS6loB5GrTYfrRQ51FRIEuHw5w9q
otVbIklBBIluZ/+vqlQhR0fEmExwn+3WeW5XA17XItGkprzeBADOfUO/3PSDAqaw
T2iBZ4H1buwh138g6k99VcMrvH56rhdpPnG+DY4jJ1Mrkted5rMCYJVLGdI4yXxt
0oOmoTB6xeR/6LqBCAvIDbBuwE4NngYEFPHlv2IKoNh/j9btQ1iJGCRyEblBlKQn
l1SL5SQrTfvAiHzajAVvZIGZDZVPRDv5PKmGSU+TqE7Vz5MvG+Jt0TAQSoY+LXsj
W6gj7UEOOAam4YCyW8HlMI4yKU0BKsCs0vdZAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUabAk/nj5k5/jsgGrDPQAYCIrhP4wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2FiQWtfbmo1azVfanNn
R3JEUFFBWUNJcmhQNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJn3PgwDQYJKoZIhvcNAQELBQADggEBAKMv/AXOkxUSMA1zi+hk8ppvDn0weB0q
5Zyhum2cFdAfRMVxZgR6dA7Hpll0unWjxeLlZ8hLfGtwK81S2IDF+ufNm2RHXdZk
AoAU+oj8x1XtPFkEbGwglCzxp/91INB8ZotPsokib8UywYt1hd2jDFw9QSe5P+P6
PSJfrbhzmqpKk/w4nIGtnEG4kljdB6M2UvDMBgg9xwM5O0tvGxRYE8gTUSTyECeI
gjSliX77dmU0ezMO0/9nemxswo11BlHddBr9my1xnu3uOH+l/AMdlEHlAm/9HTaY
aad71w2rEopBx0P7MEDVRpHel8nepo9zWgADeAoqPznu03SWNtXMrwc=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:14:46 2025 by rpki-client