Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/hkSO-diooUm7sKI4SwX6B6A9STU.roa
File: hkSO-diooUm7sKI4SwX6B6A9STU.roa (raw, json)
Hash identifier: yL0CZ594NShIUd04w8fIwdZIyNFbWHfP9CwYYnx1DPc=
Subject key identifier: 86:44:8E:F9:D8:A8:A1:49:BB:B0:A2:38:4B:05:FA:07:A0:3D:49:35
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 18DE
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/hkSO-diooUm7sKI4SwX6B6A9STU.roa
Signing time: Fri 17 Jan 2025 01:25:43 +0000
ROA not before: Fri 17 Jan 2025 01:25:43 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 13444
IP address blocks: 103.220.255.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6366 (0x18de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:25:43 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=86448EF9D8A8A149BBB0A2384B05FA07A03D4935
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:ce:c1:1f:b0:df:6d:e1:2f:b3:5a:c4:1c:f6:
b6:ac:fe:a9:f0:8f:b4:50:78:9e:c8:e6:28:08:34:
d6:3d:8d:18:ea:03:94:99:79:f0:7a:db:9e:89:60:
63:80:c5:2a:21:ab:a4:ce:e9:3e:47:01:ac:ac:63:
d3:ee:9a:3f:4f:fc:69:28:aa:d3:d6:c0:b3:ef:f9:
c2:6f:32:8f:ab:c2:17:a9:45:51:bd:b7:87:f7:a5:
e5:0b:5b:01:04:4c:85:ae:60:6f:2c:51:1e:fc:5a:
11:2d:fb:33:6d:50:7b:de:3c:29:9e:26:7e:5e:2c:
dd:7f:25:48:d1:04:d1:fe:c7:86:a4:7d:c0:6d:50:
9a:ce:4c:2f:28:d6:3e:2e:e0:32:82:3b:76:2c:06:
6c:aa:71:82:97:62:dd:36:97:66:d7:24:b6:28:aa:
d6:1a:c0:17:99:76:59:51:83:a5:3b:0b:1d:78:79:
f4:cf:12:64:65:e4:ff:38:bc:4e:3d:ca:6b:a1:12:
d5:4b:d7:78:af:db:2e:de:0d:09:3f:b5:46:4a:aa:
a1:10:12:90:1f:1e:59:21:f0:5b:a8:31:bd:c8:e2:
64:99:c4:23:46:df:92:e2:b1:0c:0c:2a:d3:34:64:
de:c7:70:a4:95:6c:37:bb:89:02:9e:60:14:b8:5e:
75:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:44:8E:F9:D8:A8:A1:49:BB:B0:A2:38:4B:05:FA:07:A0:3D:49:35
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/hkSO-diooUm7sKI4SwX6B6A9STU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.220.255.0/24
Signature Algorithm: sha256WithRSAEncryption
02:a5:b5:6a:84:6e:8f:fd:c0:63:81:99:99:c3:d7:59:00:fd:
8e:4d:63:53:6c:f5:dc:8c:fc:62:04:b6:dd:72:29:81:ee:05:
e4:90:f4:05:df:a5:3f:c1:c0:68:65:df:d8:42:d6:e9:7f:3f:
1a:1b:5c:33:3a:d4:9c:f1:58:38:9a:1f:4d:2d:65:2c:61:93:
49:d7:00:b4:8f:e8:d6:6f:be:30:71:ae:6f:eb:7e:98:59:30:
69:30:bd:8f:27:09:49:be:ef:1f:db:c0:4a:7c:bc:23:6c:f5:
b5:22:63:72:2a:2c:57:e8:80:30:61:c0:96:e0:ad:bc:1d:99:
a4:23:2b:31:75:7d:0e:d9:a0:98:f9:6c:ea:a4:48:27:d8:0a:
65:28:a7:84:3b:29:99:69:c4:2a:13:e3:a7:75:24:5d:77:b8:
cc:02:76:c3:7f:e9:b7:6b:a1:11:74:8f:36:16:01:18:b4:cc:
40:a9:03:72:e7:e8:ca:81:5c:07:33:91:ae:9e:fc:86:14:68:
51:8a:3a:98:bd:d6:6d:cd:ee:9b:ed:67:3a:78:3e:31:28:a0:
62:62:27:63:26:96:5c:98:e8:ab:81:66:5e:2c:dd:b7:e5:95:
7a:9a:62:4f:27:a1:b4:da:d3:03:31:19:3a:de:0c:86:05:0d:
da:24:c4:ba
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGN4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI1NDNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDg2NDQ4RUY5RDhBOEEx
NDlCQkIwQTIzODRCMDVGQTA3QTAzRDQ5MzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD2zsEfsN9t4S+zWsQc9ras/qnwj7RQeJ7I5igINNY9jRjqA5SZ
efB6256JYGOAxSohq6TO6T5HAaysY9Pumj9P/GkoqtPWwLPv+cJvMo+rwhepRVG9
t4f3peULWwEETIWuYG8sUR78WhEt+zNtUHvePCmeJn5eLN1/JUjRBNH+x4akfcBt
UJrOTC8o1j4u4DKCO3YsBmyqcYKXYt02l2bXJLYoqtYawBeZdllRg6U7Cx14efTP
EmRl5P84vE49ymuhEtVL13iv2y7eDQk/tUZKqqEQEpAfHlkh8FuoMb3I4mSZxCNG
35LisQwMKtM0ZN7HcKSVbDe7iQKeYBS4XnV/AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUhkSO+diooUm7sKI4SwX6B6A9STUwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2hrU08tZGlvb1VtN3NL
STRTd1g2QjZBOVNUVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3P8wDQYJKoZIhvcNAQELBQADggEBAAKltWqEbo/9wGOBmZnD11kA/Y5NY1Ns
9dyM/GIEtt1yKYHuBeSQ9AXfpT/BwGhl39hC1ul/PxobXDM61JzxWDiaH00tZSxh
k0nXALSP6NZvvjBxrm/rfphZMGkwvY8nCUm+7x/bwEp8vCNs9bUiY3IqLFfogDBh
wJbgrbwdmaQjKzF1fQ7ZoJj5bOqkSCfYCmUop4Q7KZlpxCoT46d1JF13uMwCdsN/
6bdroRF0jzYWARi0zECpA3Ln6MqBXAczka6e/IYUaFGKOpi91m3N7pvtZzp4PjEo
oGJiJ2MmllyY6KuBZl4s3bfllXqaYk8nobTa0wMxGTreDIYFDdokxLo=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:37:08 2025 by rpki-client