Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/hTl6gQ3XxwY-aaSNe0WYWifXrOI.roa
File: hTl6gQ3XxwY-aaSNe0WYWifXrOI.roa (raw, json)
Hash identifier: Q5HpYfJdOr/4c3F0s+jXV3Oivo1CGT6SEChkwkaVxhU=
Subject key identifier: 85:39:7A:81:0D:D7:C7:06:3E:69:A4:8D:7B:45:98:5A:27:D7:AC:E2
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1885
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/hTl6gQ3XxwY-aaSNe0WYWifXrOI.roa
Signing time: Fri 17 Jan 2025 01:25:11 +0000
ROA not before: Fri 17 Jan 2025 01:25:11 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139259
IP address blocks: 103.221.15.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6277 (0x1885)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:25:11 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=85397A810DD7C7063E69A48D7B45985A27D7ACE2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:15:ba:25:bb:d9:67:99:2f:74:48:65:ec:3f:
62:98:b2:20:e1:b7:55:7e:df:03:79:3d:e6:f0:73:
6e:c1:94:1f:e8:c9:94:3f:20:09:69:2b:e9:2b:1a:
d2:79:cc:0f:4a:8a:68:c8:19:e8:ff:b1:b6:10:85:
4f:44:bf:0e:80:98:3b:b7:b8:ca:a1:2b:21:79:09:
b8:a1:6f:69:67:48:bd:65:1a:02:4b:39:49:4f:c0:
99:e6:f4:1c:e8:4d:3f:b8:ab:f2:d1:1b:f1:78:76:
26:6e:cf:78:c0:1b:1a:11:ac:6b:c5:aa:a5:98:13:
5b:8c:ba:93:84:63:aa:69:c1:b0:f0:ff:95:48:c6:
43:e7:dd:63:07:9e:f9:f6:a3:92:1f:ce:86:c6:3d:
c7:de:d9:db:bc:a0:7a:31:c7:cc:b5:74:67:54:cb:
6b:c5:f3:1d:ba:34:ac:24:a7:05:fe:8b:b3:e2:70:
55:ff:be:69:44:30:c9:8d:96:96:73:72:39:3e:28:
34:58:2c:d1:ee:25:c7:96:7a:82:8a:76:bc:06:f3:
12:b1:18:94:6c:a6:39:e4:1c:f9:8a:d2:62:b1:a9:
bc:a0:73:e0:05:31:64:40:70:f1:83:d4:72:42:26:
83:f3:78:b4:bc:6f:a2:6d:e8:e0:6f:47:ec:37:1d:
cf:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:39:7A:81:0D:D7:C7:06:3E:69:A4:8D:7B:45:98:5A:27:D7:AC:E2
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/hTl6gQ3XxwY-aaSNe0WYWifXrOI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.15.0/24
Signature Algorithm: sha256WithRSAEncryption
dd:a4:bc:45:02:a8:8e:25:0f:29:18:d6:0c:38:20:b8:dd:51:
b2:17:d1:da:f5:40:38:07:f5:2f:4c:27:4b:11:94:c1:6a:b6:
b8:90:dd:3c:c9:fa:05:a7:a2:2a:ff:9a:9d:ef:70:dd:7e:e2:
ce:3b:40:da:1f:d3:d7:dc:5f:7b:40:60:b6:68:e7:bb:10:16:
27:93:d5:f3:d3:a8:2b:df:a7:aa:de:14:07:2e:f1:f1:84:d6:
84:99:97:28:45:58:1b:6e:a4:7a:40:9e:1e:d5:1e:7d:e6:d2:
f7:d1:dd:bc:e2:bb:d5:56:56:57:94:03:76:8b:f0:7b:ed:7c:
eb:b3:b7:58:b0:34:8d:cc:6e:75:b8:0a:1c:2f:e9:13:bc:83:
db:a7:34:b4:8a:79:d6:83:55:c4:41:f3:d4:6e:cb:b7:93:76:
d4:2a:43:ef:9f:de:44:c9:c7:68:0b:d3:d7:c1:44:86:f0:53:
0c:71:a6:33:1f:6c:a8:2a:5f:c8:ee:d2:a7:91:ae:7d:86:c7:
e8:ba:24:2b:b2:06:25:6b:c8:07:3a:bd:72:65:24:f7:94:bf:
7d:c1:d6:7c:b3:97:87:ff:43:75:1d:7c:26:4b:be:59:ef:7d:
22:0f:67:5a:31:0e:36:11:56:70:ae:44:c1:9f:3b:e0:ce:72:
e4:45:51:89
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGIUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI1MTFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDg1Mzk3QTgxMEREN0M3
MDYzRTY5QTQ4RDdCNDU5ODVBMjdEN0FDRTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnFbolu9lnmS90SGXsP2KYsiDht1V+3wN5Pebwc27BlB/oyZQ/
IAlpK+krGtJ5zA9KimjIGej/sbYQhU9Evw6AmDu3uMqhKyF5Cbihb2lnSL1lGgJL
OUlPwJnm9BzoTT+4q/LRG/F4diZuz3jAGxoRrGvFqqWYE1uMupOEY6ppwbDw/5VI
xkPn3WMHnvn2o5IfzobGPcfe2du8oHoxx8y1dGdUy2vF8x26NKwkpwX+i7PicFX/
vmlEMMmNlpZzcjk+KDRYLNHuJceWeoKKdrwG8xKxGJRspjnkHPmK0mKxqbygc+AF
MWRAcPGD1HJCJoPzeLS8b6Jt6OBvR+w3Hc+HAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUhTl6gQ3XxwY+aaSNe0WYWifXrOIwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2hUbDZnUTNYeHdZLWFh
U05lMFdZV2lmWHJPSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3Q8wDQYJKoZIhvcNAQELBQADggEBAN2kvEUCqI4lDykY1gw4ILjdUbIX0dr1
QDgH9S9MJ0sRlMFqtriQ3TzJ+gWnoir/mp3vcN1+4s47QNof09fcX3tAYLZo57sQ
FieT1fPTqCvfp6reFAcu8fGE1oSZlyhFWBtupHpAnh7VHn3m0vfR3bziu9VWVleU
A3aL8HvtfOuzt1iwNI3MbnW4Chwv6RO8g9unNLSKedaDVcRB89Ruy7eTdtQqQ++f
3kTJx2gL09fBRIbwUwxxpjMfbKgqX8ju0qeRrn2Gx+i6JCuyBiVryAc6vXJlJPeU
v33B1nyzl4f/Q3UdfCZLvlnvfSIPZ1oxDjYRVnCuRMGfO+DOcuRFUYk=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:42:24 2025 by rpki-client