Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/f_iO8Sue_iPU7L4aY61MDfamiRg.roa
File: f_iO8Sue_iPU7L4aY61MDfamiRg.roa (raw, json)
Hash identifier: huxhJ919J6HZNO0Dv0YyP70RvtQFxfZXDB+QQzeJ+eY=
Subject key identifier: 7F:F8:8E:F1:2B:9E:FE:23:D4:EC:BE:1A:63:AD:4C:0D:F6:A6:89:18
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1545
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/f_iO8Sue_iPU7L4aY61MDfamiRg.roa
Signing time: Wed 11 Sep 2024 03:59:19 +0000
ROA not before: Wed 11 Sep 2024 03:59:19 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 139259
IP address blocks: 103.221.24.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5445 (0x1545)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 03:59:19 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7FF88EF12B9EFE23D4ECBE1A63AD4C0DF6A68918
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:53:f8:20:6c:6b:23:f2:c0:a3:94:70:16:0a:
78:9a:b3:09:de:d5:e6:76:dd:65:62:cc:1f:a0:96:
a6:1a:10:41:51:5e:30:db:b5:e4:18:f3:6a:83:28:
37:d3:86:a4:5f:ed:97:8c:c7:04:61:97:40:37:e0:
85:8f:59:78:22:5f:84:dc:fc:ee:56:97:ca:d2:c6:
07:c8:99:b7:8c:99:04:60:4a:68:d0:47:4c:92:77:
e4:f1:d3:7a:a5:98:ee:3f:cc:c6:64:d1:4c:a2:27:
ef:da:e8:af:4a:87:61:5a:42:e1:36:07:e5:67:1c:
7c:d5:5d:8c:cf:53:92:2c:35:47:87:1b:58:cc:b0:
6c:b0:26:48:f8:75:2e:28:9c:ae:74:4f:a2:46:6e:
96:75:1a:9b:dd:f1:5a:b1:b7:49:bf:d2:a9:1b:34:
3d:a1:ee:b0:a8:0c:bf:f0:ba:a9:0c:88:2f:58:44:
5e:20:65:82:06:4c:d1:89:e4:a7:cd:c7:d2:a9:76:
a1:d0:c1:fd:97:86:c7:cc:2a:13:e8:af:82:09:69:
96:82:34:0d:ac:5c:d7:47:2e:62:03:07:06:90:36:
ff:d8:36:60:53:c1:0e:88:e4:af:f6:b8:81:cd:9e:
51:8a:4c:62:48:5b:2d:61:23:83:fd:3e:3d:a6:3c:
9a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:F8:8E:F1:2B:9E:FE:23:D4:EC:BE:1A:63:AD:4C:0D:F6:A6:89:18
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/f_iO8Sue_iPU7L4aY61MDfamiRg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.24.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:9c:da:f4:26:ed:c8:2f:dd:b2:05:82:b1:48:71:8f:5b:20:
28:35:90:9d:9b:29:a9:4d:e7:b1:a5:32:44:b2:a7:9b:a2:37:
e0:c9:60:0c:52:05:c9:33:d8:5a:05:cb:d6:7a:02:e7:30:e3:
bc:cc:aa:77:f0:a8:b3:2a:e3:ce:87:45:a4:c4:53:96:3a:97:
d5:21:80:5c:00:60:0c:9e:d4:50:d2:44:12:7f:43:a1:10:5e:
9c:0c:9a:d2:2b:57:bf:39:ff:50:a9:8e:c2:76:4c:89:00:d2:
03:2b:28:06:ab:03:e3:e9:bd:4c:b9:3e:e5:f8:71:ad:5b:a8:
55:3f:22:89:12:20:57:bb:36:5b:44:e4:d1:c1:e7:9c:45:5d:
a6:dd:b6:f2:cc:6c:c2:26:28:b0:ce:8d:66:80:0a:d1:01:80:
86:59:e6:48:57:94:30:e5:a4:24:23:09:60:59:83:01:7d:79:
a8:08:0f:b2:1b:dc:8b:4a:56:4a:51:8e:7d:b7:e2:0e:6d:03:
a7:26:93:33:86:45:cb:cd:35:00:a3:94:6e:f1:2d:fa:be:ca:
8b:68:23:0e:8c:fb:03:9d:bd:e1:86:ab:cd:60:f8:e4:34:43:
f5:4e:5c:5f:7c:3f:d4:35:0f:38:e9:0e:38:5c:0a:fe:13:dc:
f9:ec:56:15
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFUUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MzU5MTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDdGRjg4RUYxMkI5RUZF
MjNENEVDQkUxQTYzQUQ0QzBERjZBNjg5MTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVU/ggbGsj8sCjlHAWCniaswne1eZ23WVizB+glqYaEEFRXjDb
teQY82qDKDfThqRf7ZeMxwRhl0A34IWPWXgiX4Tc/O5Wl8rSxgfImbeMmQRgSmjQ
R0ySd+Tx03qlmO4/zMZk0UyiJ+/a6K9Kh2FaQuE2B+VnHHzVXYzPU5IsNUeHG1jM
sGywJkj4dS4onK50T6JGbpZ1Gpvd8Vqxt0m/0qkbND2h7rCoDL/wuqkMiC9YRF4g
ZYIGTNGJ5KfNx9KpdqHQwf2XhsfMKhPor4IJaZaCNA2sXNdHLmIDBwaQNv/YNmBT
wQ6I5K/2uIHNnlGKTGJIWy1hI4P9Pj2mPJopAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUf/iO8Sue/iPU7L4aY61MDfamiRgwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2ZfaU84U3VlX2lQVTdM
NGFZNjFNRGZhbWlSZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3RgwDQYJKoZIhvcNAQELBQADggEBAMmc2vQm7cgv3bIFgrFIcY9bICg1kJ2b
KalN57GlMkSyp5uiN+DJYAxSBckz2FoFy9Z6Aucw47zMqnfwqLMq486HRaTEU5Y6
l9UhgFwAYAye1FDSRBJ/Q6EQXpwMmtIrV785/1CpjsJ2TIkA0gMrKAarA+PpvUy5
PuX4ca1bqFU/IokSIFe7NltE5NHB55xFXabdtvLMbMImKLDOjWaACtEBgIZZ5khX
lDDlpCQjCWBZgwF9eagID7Ib3ItKVkpRjn234g5tA6cmkzOGRcvNNQCjlG7xLfq+
yotoIw6M+wOdveGGq81g+OQ0Q/VOXF98P9Q1DzjpDjhcCv4T3PnsVhU=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:09:37 2025 by rpki-client