Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/jjYpwUwQz2eVh6bFov7wwIm_3sQ.roa
File: jjYpwUwQz2eVh6bFov7wwIm_3sQ.roa (raw, json)
Hash identifier: hFTEVtpfbgGk0LfVVmId41Ds9xtZRSau/ROGW6UoYZ8=
Subject key identifier: 8E:36:29:C1:4C:10:CF:67:95:87:A6:C5:A2:FE:F0:C0:89:BF:DE:C4
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 18EE
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/jjYpwUwQz2eVh6bFov7wwIm_3sQ.roa
Signing time: Fri 17 Jan 2025 01:25:49 +0000
ROA not before: Fri 17 Jan 2025 01:25:49 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139259
IP address blocks: 103.221.2.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6382 (0x18ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:25:49 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=8E3629C14C10CF679587A6C5A2FEF0C089BFDEC4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:83:47:27:5a:92:0a:bd:26:f0:54:22:54:17:
d8:99:ab:c6:ce:ae:f0:87:a0:6b:31:a2:e2:6f:56:
f0:67:58:56:86:58:2f:5d:80:7e:75:56:7e:9c:7a:
25:88:42:02:c5:03:bc:f2:1b:cb:47:56:bb:bc:b3:
9a:fd:ec:6a:0d:c1:c5:7f:e9:7c:f6:32:3d:a5:5b:
3f:c7:92:1c:17:b0:43:5c:20:be:a3:a3:fb:78:f6:
93:88:91:2b:a8:9c:d4:ec:41:b3:89:57:c4:c3:81:
5d:f1:48:11:2d:63:02:29:a9:5c:3b:0a:67:f4:23:
23:e3:49:92:d1:ab:74:32:2c:d7:6f:5d:b4:9d:fb:
0d:4a:a7:de:3b:26:03:6c:16:36:24:fb:63:2a:d0:
31:7d:8f:ae:53:53:82:4d:14:ed:24:90:53:c6:db:
cc:9c:c7:35:54:1e:ff:fd:69:09:8c:db:10:b3:8b:
bf:ca:de:be:c9:0c:ea:6e:9f:69:fe:15:69:e1:bd:
ed:3b:f9:ec:32:cd:be:02:56:88:3b:70:36:2e:6c:
84:ce:ec:a7:ca:aa:41:29:be:63:b5:fa:08:af:7d:
cc:ed:c6:45:83:9b:a6:03:38:61:7d:5c:e6:db:86:
a3:41:5c:6f:5e:1e:b0:1d:8d:1c:69:62:90:28:f2:
23:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:36:29:C1:4C:10:CF:67:95:87:A6:C5:A2:FE:F0:C0:89:BF:DE:C4
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/jjYpwUwQz2eVh6bFov7wwIm_3sQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.2.0/24
Signature Algorithm: sha256WithRSAEncryption
18:27:e1:0a:5b:63:86:db:e7:44:40:f1:ad:47:ae:1d:dc:65:
7e:aa:22:07:79:79:c7:00:8f:9d:46:c0:9a:67:a9:ed:2f:49:
82:b4:59:59:8d:6f:f4:a1:65:16:e2:58:c5:cb:23:d5:71:f1:
2a:50:6a:e7:25:73:b1:b6:20:55:40:23:65:02:24:b2:1e:3d:
0a:1c:d0:3e:07:29:dd:13:f0:ed:4b:de:d9:40:af:5e:c4:fd:
13:65:e3:c0:28:2e:8b:36:ef:e3:09:fe:c9:be:75:41:af:63:
7a:9d:3e:af:59:1c:cf:09:2a:a2:96:56:a1:a5:35:6b:90:93:
37:24:27:ac:fb:e5:ad:2f:5c:87:2e:6e:78:a5:b1:4f:b4:bb:
2d:b5:33:48:b9:cf:78:5b:b3:dc:7d:60:3c:30:da:37:03:c9:
b6:eb:85:5a:e1:f3:bd:06:1a:4a:99:5d:9c:13:02:4c:71:04:
b6:54:f2:43:d6:8d:5c:2e:92:87:44:d8:59:4d:ca:c6:ef:05:
9a:9c:ac:f6:b6:3e:d3:37:90:6b:e1:74:48:1d:03:65:61:ee:
09:ba:c9:66:c8:5d:cb:5e:70:10:a5:72:fb:a3:62:9a:23:e9:
4d:9c:10:82:5b:36:32:d4:9a:90:c1:5b:83:d3:85:0a:41:94:
22:ff:9c:09
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGO4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI1NDlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDhFMzYyOUMxNEMxMENG
Njc5NTg3QTZDNUEyRkVGMEMwODlCRkRFQzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUg0cnWpIKvSbwVCJUF9iZq8bOrvCHoGsxouJvVvBnWFaGWC9d
gH51Vn6ceiWIQgLFA7zyG8tHVru8s5r97GoNwcV/6Xz2Mj2lWz/HkhwXsENcIL6j
o/t49pOIkSuonNTsQbOJV8TDgV3xSBEtYwIpqVw7Cmf0IyPjSZLRq3QyLNdvXbSd
+w1Kp947JgNsFjYk+2Mq0DF9j65TU4JNFO0kkFPG28ycxzVUHv/9aQmM2xCzi7/K
3r7JDOpun2n+FWnhve07+ewyzb4CVog7cDYubITO7KfKqkEpvmO1+givfcztxkWD
m6YDOGF9XObbhqNBXG9eHrAdjRxpYpAo8iMxAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUjjYpwUwQz2eVh6bFov7wwIm/3sQwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2pqWXB3VXdRejJlVmg2
YkZvdjd3d0ltXzNzUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3QIwDQYJKoZIhvcNAQELBQADggEBABgn4QpbY4bb50RA8a1Hrh3cZX6qIgd5
eccAj51GwJpnqe0vSYK0WVmNb/ShZRbiWMXLI9Vx8SpQauclc7G2IFVAI2UCJLIe
PQoc0D4HKd0T8O1L3tlAr17E/RNl48AoLos27+MJ/sm+dUGvY3qdPq9ZHM8JKqKW
VqGlNWuQkzckJ6z75a0vXIcubnilsU+0uy21M0i5z3hbs9x9YDww2jcDybbrhVrh
870GGkqZXZwTAkxxBLZU8kPWjVwukodE2FlNysbvBZqcrPa2PtM3kGvhdEgdA2Vh
7gm6yWbIXctecBClcvujYpoj6U2cEIJbNjLUmpDBW4PThQpBlCL/nAk=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:41:33 2025 by rpki-client