Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/eR2MEJiCHm0HJ17fTGI5Vb0eCBM.roa
File: eR2MEJiCHm0HJ17fTGI5Vb0eCBM.roa (raw, json)
Hash identifier: UTed95GF4BY6sVboy795+goMsv+KHghtxJ/WqbUA13E=
Subject key identifier: 79:1D:8C:10:98:82:1E:6D:07:27:5E:DF:4C:62:39:55:BD:1E:08:13
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1856
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/eR2MEJiCHm0HJ17fTGI5Vb0eCBM.roa
Signing time: Fri 17 Jan 2025 01:24:56 +0000
ROA not before: Fri 17 Jan 2025 01:24:56 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 13444
IP address blocks: 103.221.25.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6230 (0x1856)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:24:56 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=791D8C1098821E6D07275EDF4C623955BD1E0813
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:d3:75:0e:c4:ef:07:1c:f4:fb:75:1e:a2:4c:
8e:1c:3c:09:3d:e0:a4:15:03:af:aa:9d:fd:40:37:
46:df:ae:61:8d:e9:73:5c:4e:2c:e6:59:e1:fe:95:
1b:04:1d:5a:6a:cc:7a:8f:9b:97:b2:07:d2:1c:76:
63:45:2d:29:72:5d:3a:0f:50:59:a8:2c:f6:ed:e7:
ab:72:46:6c:1e:08:98:ce:7a:61:f7:4d:e4:5f:23:
cd:81:23:fb:d4:d9:e6:28:9b:b2:b8:93:62:8c:6d:
82:78:b4:16:e8:de:b1:27:da:fb:48:00:75:90:c1:
02:ab:1b:74:a1:57:32:a1:98:0a:02:5e:4f:03:d1:
7c:71:04:9a:a5:1a:55:20:91:62:15:40:91:03:d8:
6c:41:89:35:a3:e1:42:75:b9:dd:44:97:bb:b7:7c:
27:8e:6b:2b:a3:bf:82:b3:5f:1d:52:b4:43:42:01:
6c:66:16:56:21:dc:ef:c9:2d:77:fb:cd:11:e5:b1:
fb:16:8d:6c:9a:78:c3:d0:e3:13:38:92:9f:8e:e9:
c2:39:3e:39:c4:97:0f:ee:6a:56:78:f5:c8:49:cc:
09:d0:ab:1c:00:63:26:f7:40:dc:b4:c0:0e:55:e3:
da:4b:0e:1e:4b:15:46:a6:4b:dd:fa:b6:e0:a8:1d:
f5:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:1D:8C:10:98:82:1E:6D:07:27:5E:DF:4C:62:39:55:BD:1E:08:13
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/eR2MEJiCHm0HJ17fTGI5Vb0eCBM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.25.0/24
Signature Algorithm: sha256WithRSAEncryption
d5:a0:ef:38:6d:0e:b3:24:76:ad:a5:f3:2c:d5:3a:76:93:fe:
c3:fb:94:9a:e9:fd:a4:17:5d:3f:c4:60:32:db:01:99:27:9a:
0a:95:04:4c:5e:91:46:68:91:8f:73:4f:18:01:9d:1b:45:df:
93:ce:44:fb:e1:87:dd:a5:80:41:17:2f:63:8f:9a:39:fe:e4:
42:6e:b8:0a:c0:b4:67:58:e0:df:17:10:71:77:be:18:4b:91:
6a:be:93:f9:e8:d8:6d:a4:4a:60:39:01:fc:64:1d:2c:78:19:
ef:a4:99:ed:bf:1c:fe:51:a3:d5:34:90:d3:77:72:03:a0:90:
b2:ff:10:f0:46:66:ac:83:7c:7b:a0:89:e6:f7:dd:62:eb:3c:
c3:d1:70:91:9d:78:61:f6:9f:d5:21:16:cf:f2:2d:cd:f7:44:
e8:e4:45:b3:11:45:09:d8:ab:34:8c:35:22:32:98:d9:6d:4f:
e6:52:7a:d5:0a:d1:06:1c:be:d5:19:97:24:d5:19:2d:cf:15:
6f:66:90:91:82:33:d9:89:56:80:2a:09:2e:9d:68:c4:12:71:
b7:b3:5c:c4:1a:18:4c:e9:a5:d6:89:8c:b0:f1:43:54:c7:cf:
05:1f:b7:b4:da:af:53:10:9c:6c:e6:9b:6b:62:fb:68:d3:de:
2e:5f:a7:5c
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGFYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI0NTZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDc5MUQ4QzEwOTg4MjFF
NkQwNzI3NUVERjRDNjIzOTU1QkQxRTA4MTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDI03UOxO8HHPT7dR6iTI4cPAk94KQVA6+qnf1AN0bfrmGN6XNc
TizmWeH+lRsEHVpqzHqPm5eyB9IcdmNFLSlyXToPUFmoLPbt56tyRmweCJjOemH3
TeRfI82BI/vU2eYom7K4k2KMbYJ4tBbo3rEn2vtIAHWQwQKrG3ShVzKhmAoCXk8D
0XxxBJqlGlUgkWIVQJED2GxBiTWj4UJ1ud1El7u3fCeOayujv4KzXx1StENCAWxm
FlYh3O/JLXf7zRHlsfsWjWyaeMPQ4xM4kp+O6cI5PjnElw/ualZ49chJzAnQqxwA
Yyb3QNy0wA5V49pLDh5LFUamS936tuCoHfUTAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUeR2MEJiCHm0HJ17fTGI5Vb0eCBMwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2VSMk1FSmlDSG0wSEox
N2ZUR0k1VmIwZUNCTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3RkwDQYJKoZIhvcNAQELBQADggEBANWg7zhtDrMkdq2l8yzVOnaT/sP7lJrp
/aQXXT/EYDLbAZknmgqVBExekUZokY9zTxgBnRtF35PORPvhh92lgEEXL2OPmjn+
5EJuuArAtGdY4N8XEHF3vhhLkWq+k/no2G2kSmA5AfxkHSx4Ge+kme2/HP5Ro9U0
kNN3cgOgkLL/EPBGZqyDfHugieb33WLrPMPRcJGdeGH2n9UhFs/yLc33ROjkRbMR
RQnYqzSMNSIymNltT+ZSetUK0QYcvtUZlyTVGS3PFW9mkJGCM9mJVoAqCS6daMQS
cbezXMQaGEzppdaJjLDxQ1THzwUft7Tar1MQnGzmm2ti+2jT3i5fp1w=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:19:39 2025 by rpki-client