Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/dw2PiE5UcC2nW2pABwoyPXk_ASI.roa
File: dw2PiE5UcC2nW2pABwoyPXk_ASI.roa (raw, json)
Hash identifier: 3Bq0x3DdZ3anzL4u7CU7uBa8H25vxmA6nQn9kZgHLjo=
Subject key identifier: 77:0D:8F:88:4E:54:70:2D:A7:5B:6A:40:07:0A:32:3D:79:3F:01:22
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 18B3
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dw2PiE5UcC2nW2pABwoyPXk_ASI.roa
Signing time: Fri 17 Jan 2025 01:25:26 +0000
ROA not before: Fri 17 Jan 2025 01:25:26 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139259
IP address blocks: 103.221.20.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6323 (0x18b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:25:26 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=770D8F884E54702DA75B6A40070A323D793F0122
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:9e:1f:21:f9:72:01:b1:7b:24:2f:71:05:e3:
05:24:6e:91:4d:3d:b8:f1:c8:da:cd:36:8e:a3:73:
3c:4c:b6:91:ae:88:8d:13:48:6b:c2:f0:51:f5:03:
94:4f:a5:dd:fd:4f:13:28:35:a4:6e:f7:44:cc:ee:
5b:b0:35:4f:61:24:a4:cd:b9:06:2d:b4:25:d7:49:
da:e6:e9:e3:c8:e9:42:98:d4:ef:f5:65:38:0c:a5:
5b:1a:76:31:86:df:d1:5c:81:c6:10:60:24:9c:8b:
4e:fc:5d:9c:f3:b9:ef:4d:44:f4:bd:0d:9b:54:99:
f3:26:cd:28:c1:71:84:e9:fa:31:36:56:47:77:d5:
bf:fd:d3:3c:a7:d7:67:a2:7b:56:e4:0c:2d:42:f9:
cf:01:4c:d6:00:69:a7:bb:48:94:98:c1:51:53:91:
4f:bf:dc:8b:99:79:b4:b6:d2:c6:d9:38:f0:90:b6:
ce:7e:fb:00:78:ca:bd:21:d1:57:ef:20:c1:ea:9c:
67:3c:5c:8a:de:f5:8a:d7:3d:2e:8b:0c:92:75:8d:
73:2f:d5:b1:71:b9:b5:1a:4b:0d:68:68:10:98:63:
ce:dc:50:be:ae:b9:02:99:02:04:2f:9d:ec:4f:7f:
7e:59:8d:23:15:5a:0d:2f:f6:2a:58:8a:1f:77:21:
7c:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:0D:8F:88:4E:54:70:2D:A7:5B:6A:40:07:0A:32:3D:79:3F:01:22
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dw2PiE5UcC2nW2pABwoyPXk_ASI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.20.0/22
Signature Algorithm: sha256WithRSAEncryption
b3:93:b4:fa:f7:08:c7:97:d4:4f:ca:4d:a1:f9:ec:e1:68:01:
d9:1b:fc:65:56:df:7c:72:ed:bb:23:4e:1e:86:c0:97:ee:cd:
67:50:8c:0b:72:59:bd:6c:e5:2f:a7:09:cd:e5:86:ba:92:0d:
e4:4b:28:10:15:c1:24:03:d2:3c:5f:af:b4:8e:db:a0:de:8b:
31:f3:4b:87:3e:74:a7:cf:eb:70:b0:00:db:fe:db:34:2d:71:
f4:16:16:c0:9a:a6:7c:82:1f:1c:f1:38:e9:72:8d:7c:e1:65:
9d:b5:3b:8c:c3:78:86:d4:66:b1:02:5d:ba:ae:a3:f9:ef:d7:
56:71:bb:d3:c8:2c:89:a2:80:f9:5e:ce:7c:a4:e3:3e:95:ad:
19:26:3c:6b:1d:2e:82:d8:12:c0:c7:8e:c8:32:88:4b:e8:2f:
08:fc:39:d1:7f:2d:ed:62:99:70:7f:89:ba:34:cb:8c:cf:23:
9b:d0:f3:c7:26:ac:1f:b5:fa:6f:53:e5:8e:9e:6f:52:3f:23:
37:e5:c1:c3:af:d1:e3:3e:e0:9a:4e:4d:fd:e2:48:1c:03:b2:
57:9e:80:02:a0:30:42:f2:cc:62:1a:c6:3e:64:da:51:07:03:
94:b8:37:01:bd:8c:3e:1c:98:1b:bb:27:f0:2f:fa:2c:7f:89:
b0:e0:f4:17
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGLMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI1MjZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDc3MEQ4Rjg4NEU1NDcw
MkRBNzVCNkE0MDA3MEEzMjNENzkzRjAxMjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDgnh8h+XIBsXskL3EF4wUkbpFNPbjxyNrNNo6jczxMtpGuiI0T
SGvC8FH1A5RPpd39TxMoNaRu90TM7luwNU9hJKTNuQYttCXXSdrm6ePI6UKY1O/1
ZTgMpVsadjGG39FcgcYQYCSci078XZzzue9NRPS9DZtUmfMmzSjBcYTp+jE2Vkd3
1b/90zyn12eie1bkDC1C+c8BTNYAaae7SJSYwVFTkU+/3IuZebS20sbZOPCQts5+
+wB4yr0h0VfvIMHqnGc8XIre9YrXPS6LDJJ1jXMv1bFxubUaSw1oaBCYY87cUL6u
uQKZAgQvnexPf35ZjSMVWg0v9ipYih93IXztAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUdw2PiE5UcC2nW2pABwoyPXk/ASIwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2R3MlBpRTVVY0Myblcy
cEFCd295UFhrX0FTSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJn3RQwDQYJKoZIhvcNAQELBQADggEBALOTtPr3CMeX1E/KTaH57OFoAdkb/GVW
33xy7bsjTh6GwJfuzWdQjAtyWb1s5S+nCc3lhrqSDeRLKBAVwSQD0jxfr7SO26De
izHzS4c+dKfP63CwANv+2zQtcfQWFsCapnyCHxzxOOlyjXzhZZ21O4zDeIbUZrEC
Xbquo/nv11Zxu9PILImigPleznyk4z6VrRkmPGsdLoLYEsDHjsgyiEvoLwj8OdF/
Le1imXB/ibo0y4zPI5vQ88cmrB+1+m9T5Y6eb1I/IzflwcOv0eM+4JpOTf3iSBwD
sleegAKgMELyzGIaxj5k2lEHA5S4NwG9jD4cmBu7J/Av+ix/ibDg9Bc=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:02:21 2025 by rpki-client