Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/cnXrVaoVs_V5nmb8NEhnspWEFA8.roa
File: cnXrVaoVs_V5nmb8NEhnspWEFA8.roa (raw, json)
Hash identifier: BHvF1hhPYtaXNC/iFdVDrWU8fKbfZarL+JOVgruP/Rg=
Subject key identifier: 72:75:EB:55:AA:15:B3:F5:79:9E:66:FC:34:48:67:B2:95:84:14:0F
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1538
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/cnXrVaoVs_V5nmb8NEhnspWEFA8.roa
Signing time: Wed 11 Sep 2024 03:57:54 +0000
ROA not before: Wed 11 Sep 2024 03:57:54 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 139259
IP address blocks: 103.221.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5432 (0x1538)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 03:57:54 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7275EB55AA15B3F5799E66FC344867B29584140F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:5c:4a:fe:c2:8c:a4:9c:f3:09:6f:52:8a:76:
42:97:a7:9c:52:f3:fc:13:8d:41:fa:be:48:2c:be:
6b:cd:ae:df:c4:ed:bb:f1:76:4a:cd:db:29:47:3d:
2a:75:08:76:a8:18:d1:1e:22:03:03:ff:33:a8:61:
7d:58:75:22:5a:19:70:03:8d:2c:b0:9b:40:52:fa:
be:81:12:95:35:a7:93:20:e9:fc:b6:94:f3:4e:48:
1d:df:fa:c6:c4:02:0b:91:c0:f8:5c:46:51:bb:1d:
5d:c3:3a:57:71:46:66:f2:c8:a5:4c:db:b3:29:9d:
74:28:62:9d:c6:14:be:7c:b6:29:ac:64:7e:b9:e7:
96:ab:b3:35:3a:81:ef:86:6f:32:db:38:b4:3f:a9:
86:52:2a:b4:52:8b:16:6d:68:97:b5:e3:47:93:61:
7c:9e:68:ad:c6:5a:a9:b1:cc:6b:2b:0b:a2:5b:5a:
39:65:b1:d9:d2:dc:8c:f9:fa:4a:33:3e:e3:bd:a1:
d7:07:19:9a:ea:23:87:5b:36:67:26:1e:d0:9f:cc:
75:b9:f9:b8:1e:93:00:60:73:7e:7c:7b:6e:d6:fb:
ae:a8:18:2c:63:6b:ea:81:eb:cc:85:b4:92:b4:14:
02:52:11:e7:3f:02:18:3a:fa:c3:78:87:6b:62:d1:
5c:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:75:EB:55:AA:15:B3:F5:79:9E:66:FC:34:48:67:B2:95:84:14:0F
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/cnXrVaoVs_V5nmb8NEhnspWEFA8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.5.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:a3:52:20:0f:53:db:b7:ae:ef:15:84:ee:98:b3:51:87:50:
73:e7:df:69:da:a2:14:94:19:9b:2a:da:e1:db:1b:6a:f4:70:
c7:15:dc:ae:e0:e5:bd:0a:43:54:c2:64:0b:16:85:4d:dd:7d:
a7:36:2b:e0:ec:0c:ee:e9:a0:e2:06:09:ac:e2:26:52:30:bf:
aa:7d:78:5d:9a:6f:87:f3:30:7b:a1:18:f4:54:12:22:e9:d5:
57:11:c8:91:54:8c:7d:f6:97:31:6f:48:8d:d8:67:7f:3e:1b:
65:25:2f:35:b6:1c:12:7a:b8:d8:31:c0:37:3b:0a:00:24:a0:
eb:70:97:6d:cb:28:7b:bf:f7:2f:88:17:99:bf:8e:61:10:08:
f9:62:be:47:cf:0f:82:aa:32:11:79:bb:5b:14:2f:c4:e8:0c:
a0:dc:fc:79:1f:b4:53:72:4e:b2:2b:5c:bb:63:b1:07:25:a8:
ec:53:9f:6f:16:ae:0a:91:0f:df:22:67:fd:d4:65:c7:d0:5e:
c5:17:4d:f0:5a:69:67:ba:43:ef:2f:30:e1:1b:0e:6f:e4:55:
d5:86:5e:e4:63:29:0d:86:5e:c0:c6:99:ea:31:f8:36:7e:4e:
c0:bf:fe:30:88:f2:65:37:5a:d3:07:c8:6c:de:a2:1d:69:33:
ac:67:68:b5
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFTgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MzU3NTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDcyNzVFQjU1QUExNUIz
RjU3OTlFNjZGQzM0NDg2N0IyOTU4NDE0MEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCYXEr+woyknPMJb1KKdkKXp5xS8/wTjUH6vkgsvmvNrt/E7bvx
dkrN2ylHPSp1CHaoGNEeIgMD/zOoYX1YdSJaGXADjSywm0BS+r6BEpU1p5Mg6fy2
lPNOSB3f+sbEAguRwPhcRlG7HV3DOldxRmbyyKVM27MpnXQoYp3GFL58timsZH65
55arszU6ge+GbzLbOLQ/qYZSKrRSixZtaJe140eTYXyeaK3GWqmxzGsrC6JbWjll
sdnS3Iz5+kozPuO9odcHGZrqI4dbNmcmHtCfzHW5+bgekwBgc358e27W+66oGCxj
a+qB68yFtJK0FAJSEec/Ahg6+sN4h2ti0VzPAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUcnXrVaoVs/V5nmb8NEhnspWEFA8wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2NuWHJWYW9Wc19WNW5t
YjhORWhuc3BXRUZBOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3QUwDQYJKoZIhvcNAQELBQADggEBAE6jUiAPU9u3ru8VhO6Ys1GHUHPn32na
ohSUGZsq2uHbG2r0cMcV3K7g5b0KQ1TCZAsWhU3dfac2K+DsDO7poOIGCaziJlIw
v6p9eF2ab4fzMHuhGPRUEiLp1VcRyJFUjH32lzFvSI3YZ38+G2UlLzW2HBJ6uNgx
wDc7CgAkoOtwl23LKHu/9y+IF5m/jmEQCPlivkfPD4KqMhF5u1sUL8ToDKDc/Hkf
tFNyTrIrXLtjsQclqOxTn28WrgqRD98iZ/3UZcfQXsUXTfBaaWe6Q+8vMOEbDm/k
VdWGXuRjKQ2GXsDGmeox+DZ+TsC//jCI8mU3WtMHyGzeoh1pM6xnaLU=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:48:30 2025 by rpki-client