Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/jmBFcnxb-s6K367ZDGVIxVShBUE.roa
File: jmBFcnxb-s6K367ZDGVIxVShBUE.roa (raw, json)
Hash identifier: c0FBYaD3aXYvciPcOmEm3clk0Tl+gKl07WtKzqow6JA=
Subject key identifier: 8E:60:45:72:7C:5B:FA:CE:8A:DF:AE:D9:0C:65:48:C5:54:A1:05:41
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1535
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/jmBFcnxb-s6K367ZDGVIxVShBUE.roa
Signing time: Wed 11 Sep 2024 03:57:53 +0000
ROA not before: Wed 11 Sep 2024 03:57:53 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 139259
IP address blocks: 103.221.1.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5429 (0x1535)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 03:57:53 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8E6045727C5BFACE8ADFAED90C6548C554A10541
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e4:cd:5f:af:56:ab:f9:87:ee:5a:da:18:62:
6d:40:2c:f6:a9:37:c5:9e:09:45:f2:8e:c0:18:d6:
c7:8e:b1:77:9e:c6:62:fa:c6:66:dd:51:2f:2c:cb:
c8:ec:44:4d:37:27:44:6a:b1:1d:74:a4:70:76:bf:
8d:86:b7:22:72:3e:a0:76:8e:31:9c:96:86:8e:50:
dd:84:c2:7c:62:f9:dc:e3:74:3a:1b:dd:cb:63:77:
d4:ad:cd:68:9e:f2:43:e9:be:1f:b4:f0:5f:e8:9d:
c2:bb:ef:a8:ae:8e:69:50:05:f7:cd:59:38:b0:da:
c3:22:88:f6:af:b3:fe:59:97:60:aa:38:16:0f:68:
ad:31:a7:c2:87:76:bf:d6:88:2e:90:7c:fd:6d:ef:
39:60:29:15:94:c5:39:b2:9a:7a:3e:31:fe:1c:51:
7d:ab:a3:1a:b7:a2:0b:93:36:eb:a0:5c:a7:c0:02:
f7:00:2d:ec:ba:0c:df:d3:e3:e3:a4:d1:e9:b5:f4:
20:aa:84:43:a4:eb:89:5f:48:4f:ce:e2:40:76:fc:
97:c2:7f:1e:e7:67:00:3c:d5:07:92:72:03:4a:5d:
46:af:eb:66:fd:3b:0c:9d:6a:af:f1:c3:92:53:da:
36:b6:b1:9b:9d:d2:ce:ea:b4:e0:cc:51:ae:d3:55:
a4:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:60:45:72:7C:5B:FA:CE:8A:DF:AE:D9:0C:65:48:C5:54:A1:05:41
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/jmBFcnxb-s6K367ZDGVIxVShBUE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.1.0/24
Signature Algorithm: sha256WithRSAEncryption
98:4e:00:fd:e2:3f:75:26:0a:c4:44:88:a6:d2:2b:34:7e:c0:
db:6a:57:2e:4c:b4:c0:21:90:ba:f8:9f:28:ea:98:86:48:82:
38:f1:17:92:5e:08:36:20:6e:b0:ff:1d:ff:a9:6e:d5:c0:f1:
3b:af:97:7c:8e:04:81:e7:af:34:b1:9b:8c:30:df:e6:57:6f:
95:1b:a6:0b:43:79:10:f5:37:98:ac:c0:a3:79:57:07:f6:16:
34:ae:b8:60:74:79:9d:f7:b8:a5:62:15:37:cc:33:90:7f:01:
b9:70:ae:5c:63:2f:1e:f1:fa:46:e8:1f:95:61:d2:6d:cb:1c:
a9:a2:21:57:fa:0b:7e:01:a2:bd:20:b2:15:6e:df:af:12:cc:
e6:be:ad:8d:ac:e8:ae:23:38:19:ee:bb:4b:61:56:51:24:91:
f2:08:11:99:8d:55:e5:54:5e:fc:5b:57:d4:ce:ee:7d:bb:cb:
5a:e6:04:ed:42:3e:86:31:a6:b0:4c:9c:a5:7f:ee:03:37:16:
8e:0f:dd:82:52:0c:05:fd:38:ac:40:4c:a0:5b:88:45:fe:01:
ca:ec:d1:9a:da:bd:52:88:c9:d4:e1:9d:0b:af:4a:50:0d:62:
5b:86:c9:62:43:d7:01:06:bd:40:8d:87:7a:d1:fd:fc:09:fe:
7c:f8:49:13
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFTUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MzU3NTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhFNjA0NTcyN0M1QkZB
Q0U4QURGQUVEOTBDNjU0OEM1NTRBMTA1NDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCw5M1fr1ar+YfuWtoYYm1ALPapN8WeCUXyjsAY1seOsXeexmL6
xmbdUS8sy8jsRE03J0RqsR10pHB2v42GtyJyPqB2jjGcloaOUN2Ewnxi+dzjdDob
3ctjd9StzWie8kPpvh+08F/oncK776iujmlQBffNWTiw2sMiiPavs/5Zl2CqOBYP
aK0xp8KHdr/WiC6QfP1t7zlgKRWUxTmymno+Mf4cUX2roxq3oguTNuugXKfAAvcA
Ley6DN/T4+Ok0em19CCqhEOk64lfSE/O4kB2/JfCfx7nZwA81QeScgNKXUav62b9
Owydaq/xw5JT2ja2sZud0s7qtODMUa7TVaRrAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUjmBFcnxb+s6K367ZDGVIxVShBUEwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2ptQkZjbnhiLXM2SzM2
N1pER1ZJeFZTaEJVRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3QEwDQYJKoZIhvcNAQELBQADggEBAJhOAP3iP3UmCsREiKbSKzR+wNtqVy5M
tMAhkLr4nyjqmIZIgjjxF5JeCDYgbrD/Hf+pbtXA8Tuvl3yOBIHnrzSxm4ww3+ZX
b5UbpgtDeRD1N5iswKN5Vwf2FjSuuGB0eZ33uKViFTfMM5B/AblwrlxjLx7x+kbo
H5Vh0m3LHKmiIVf6C34Bor0gshVu368SzOa+rY2s6K4jOBnuu0thVlEkkfIIEZmN
VeVUXvxbV9TO7n27y1rmBO1CPoYxprBMnKV/7gM3Fo4P3YJSDAX9OKxATKBbiEX+
Acrs0ZravVKIydThnQuvSlANYluGyWJD1wEGvUCNh3rR/fwJ/nz4SRM=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:39:03 2025 by rpki-client