Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/jYwRhY-F1NpKrFaAWkiVCnohw24.roa
File: jYwRhY-F1NpKrFaAWkiVCnohw24.roa (raw, json)
Hash identifier: 3PewvgQRH98yHLfkW3DHsq72WgtKalzltWhx8cVvWP0=
Subject key identifier: 8D:8C:11:85:8F:85:D4:DA:4A:AC:56:80:5A:48:95:0A:7A:21:C3:6E
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 18E3
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/jYwRhY-F1NpKrFaAWkiVCnohw24.roa
Signing time: Fri 17 Jan 2025 01:25:44 +0000
ROA not before: Fri 17 Jan 2025 01:25:44 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 59083
IP address blocks: 103.10.0.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6371 (0x18e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:25:44 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=8D8C11858F85D4DA4AAC56805A48950A7A21C36E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:fa:3b:6d:68:e1:f9:7d:b6:94:31:37:82:4d:
85:64:45:f9:2d:c1:99:22:c2:6e:d6:9d:8d:12:76:
a3:f2:73:a3:18:e6:b0:52:b5:40:76:f5:0d:02:ac:
8b:3b:94:3e:5c:dd:97:51:b7:ee:c9:53:f0:47:13:
b2:ef:66:94:42:0c:48:a7:7e:b7:c3:d2:c3:5a:8a:
ea:36:cf:aa:18:7f:5f:8d:d6:95:f9:85:f2:32:df:
89:97:42:da:02:48:85:ed:d7:b2:04:be:0f:33:c4:
c7:8b:7a:3b:e5:a7:a8:21:fc:e6:02:1e:f4:cb:32:
34:16:1b:d3:a4:88:22:3b:ab:2f:44:46:f1:35:be:
cf:bd:93:61:40:48:60:38:1a:a2:d6:d0:b5:ea:0c:
57:1d:7c:84:87:49:39:cb:d0:34:e5:2c:4d:07:58:
db:13:be:4e:40:ac:6c:1d:15:84:d6:2c:40:ca:37:
fa:d8:d5:a9:6b:66:e7:30:5a:b8:da:7f:33:37:c8:
1e:07:d2:b4:b0:21:b4:8b:9f:9f:39:1b:02:82:35:
22:91:25:5d:52:d0:5e:09:73:cf:22:87:2e:07:46:
50:ac:f9:90:eb:c5:be:c2:9d:32:34:cc:f7:3b:d3:
22:a7:e5:a2:28:c7:ce:41:0a:92:11:d4:aa:1b:b7:
ee:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:8C:11:85:8F:85:D4:DA:4A:AC:56:80:5A:48:95:0A:7A:21:C3:6E
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/jYwRhY-F1NpKrFaAWkiVCnohw24.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.10.0.0/22
Signature Algorithm: sha256WithRSAEncryption
67:d6:ea:9b:50:c2:fc:5e:08:ec:09:7b:77:13:a3:fd:85:40:
65:d7:8d:ce:f3:a0:93:0e:de:74:40:c0:3f:87:43:eb:0c:b2:
75:c2:c9:e5:e9:71:62:41:23:b1:1f:04:db:7a:ec:ba:4d:99:
0e:ad:03:9c:26:38:a4:f5:e4:0b:36:60:c7:ac:ec:58:39:8c:
47:66:5a:b3:45:b0:db:80:a8:8d:e0:97:2b:9e:d9:7c:16:49:
ba:07:01:c2:c3:29:60:f3:97:be:84:ef:74:0a:9d:0e:ed:4c:
2c:d8:5f:b8:be:e4:f6:c5:35:c2:65:5f:d0:2d:c8:7e:b5:ab:
f8:2e:e9:30:6b:3a:70:41:2a:63:61:9d:6f:b8:01:b8:c2:db:
46:c8:1d:f8:86:eb:5a:50:d8:9d:14:e9:8c:f5:68:35:b9:5e:
b6:d0:76:04:81:01:0b:bf:2e:98:c4:9d:99:27:62:b2:3a:ef:
67:5e:e7:40:9c:3a:dc:46:ae:23:bf:be:c5:8e:75:ea:38:36:
2b:71:74:5c:ab:d4:a4:85:9a:df:42:a1:bb:01:ba:65:7c:28:
5e:e6:3c:58:7b:bc:25:e3:a5:d4:46:70:b5:30:27:93:f8:bd:
91:77:35:2b:8c:d0:ad:e0:db:02:34:a1:40:d0:af:ce:9c:cc:
d8:e4:95:75
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGOMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI1NDRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDhEOEMxMTg1OEY4NUQ0
REE0QUFDNTY4MDVBNDg5NTBBN0EyMUMzNkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDP+jttaOH5fbaUMTeCTYVkRfktwZkiwm7WnY0SdqPyc6MY5rBS
tUB29Q0CrIs7lD5c3ZdRt+7JU/BHE7LvZpRCDEinfrfD0sNaiuo2z6oYf1+N1pX5
hfIy34mXQtoCSIXt17IEvg8zxMeLejvlp6gh/OYCHvTLMjQWG9OkiCI7qy9ERvE1
vs+9k2FASGA4GqLW0LXqDFcdfISHSTnL0DTlLE0HWNsTvk5ArGwdFYTWLEDKN/rY
1alrZucwWrjafzM3yB4H0rSwIbSLn585GwKCNSKRJV1S0F4Jc88ihy4HRlCs+ZDr
xb7CnTI0zPc70yKn5aIox85BCpIR1Kobt+43AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUjYwRhY+F1NpKrFaAWkiVCnohw24wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2pZd1JoWS1GMU5wS3JG
YUFXa2lWQ25vaHcyNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJnCgAwDQYJKoZIhvcNAQELBQADggEBAGfW6ptQwvxeCOwJe3cTo/2FQGXXjc7z
oJMO3nRAwD+HQ+sMsnXCyeXpcWJBI7EfBNt67LpNmQ6tA5wmOKT15As2YMes7Fg5
jEdmWrNFsNuAqI3glyue2XwWSboHAcLDKWDzl76E73QKnQ7tTCzYX7i+5PbFNcJl
X9AtyH61q/gu6TBrOnBBKmNhnW+4AbjC20bIHfiG61pQ2J0U6Yz1aDW5XrbQdgSB
AQu/LpjEnZknYrI672de50CcOtxGriO/vsWOdeo4NitxdFyr1KSFmt9CobsBumV8
KF7mPFh7vCXjpdRGcLUwJ5P4vZF3NSuM0K3g2wI0oUDQr86czNjklXU=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:40:46 2025 by rpki-client