Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/l1wL_xD24NiGwh73XkUMg8OXCVw.roa
File: l1wL_xD24NiGwh73XkUMg8OXCVw.roa (raw, json)
Hash identifier: rCNT3pQXqJ+c4qiVGadProLHMobrYUyudacYiRstHug=
Subject key identifier: 97:5C:0B:FF:10:F6:E0:D8:86:C2:1E:F7:5E:45:0C:83:C3:97:09:5C
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1504
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/l1wL_xD24NiGwh73XkUMg8OXCVw.roa
Signing time: Wed 11 Sep 2024 02:27:32 +0000
ROA not before: Wed 11 Sep 2024 02:27:32 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 13444
IP address blocks: 103.221.21.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5380 (0x1504)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 02:27:32 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=975C0BFF10F6E0D886C21EF75E450C83C397095C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:19:19:0e:41:f8:65:94:c9:94:9c:16:8b:18:
c2:f3:99:ce:62:eb:7e:20:17:1d:49:4a:36:c6:f1:
45:52:b9:56:e1:ae:f9:0d:d6:38:2b:7e:32:cd:60:
c3:22:09:c0:2e:88:cf:24:8b:bb:2f:b8:6f:48:16:
28:89:5e:3f:c7:45:38:65:48:df:14:df:f3:a3:a0:
00:d5:34:e4:66:80:88:26:54:33:f2:dc:0e:c7:22:
1d:64:89:d7:18:df:d1:1d:f1:32:ee:89:89:08:25:
06:a8:75:ff:50:8f:d4:e2:41:a7:ed:46:1a:b6:b8:
34:b5:12:d0:b6:85:ef:18:df:c6:62:62:72:30:35:
6b:f2:b8:4e:b3:f2:f5:23:03:28:f4:5c:20:16:58:
e4:aa:a0:8b:1c:98:6b:70:0e:9c:30:ec:89:4a:32:
6c:be:be:4c:66:7f:9e:53:94:98:52:f4:59:06:01:
c8:17:a6:71:98:f4:e3:a1:e7:53:21:d4:6d:37:1a:
15:80:52:09:4c:26:db:ba:c5:57:f7:f0:cb:19:2f:
f9:bf:d3:15:cb:8f:8b:e9:11:af:ff:e9:8a:16:34:
e6:cf:4e:b7:0f:2e:79:17:3d:9a:0b:b5:ab:e3:f3:
3d:63:ba:d4:2d:d4:cd:a3:37:82:31:2a:44:5c:a1:
a5:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:5C:0B:FF:10:F6:E0:D8:86:C2:1E:F7:5E:45:0C:83:C3:97:09:5C
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/l1wL_xD24NiGwh73XkUMg8OXCVw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.21.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:d9:7f:50:62:b8:8a:d8:66:61:cd:2f:3e:0c:d3:37:2b:90:
ba:c7:20:fa:e9:01:f3:85:ba:cd:ae:c3:26:ce:a4:56:6d:4a:
7e:d0:2b:cc:cf:32:2a:bf:8d:c5:93:5c:2c:65:d1:ef:95:c0:
3d:0c:1b:ee:8b:8b:3c:8f:90:bb:4d:3d:33:87:54:f9:ff:3d:
ee:63:ef:21:5f:d9:a2:cb:7a:4f:e6:3b:17:09:63:33:34:a3:
a4:8a:c3:4e:68:5a:2e:29:8f:9c:9b:13:ab:fc:80:2c:c1:94:
21:f2:f1:74:7c:47:fe:69:1f:b1:e2:e9:74:f8:23:86:dd:98:
6a:2f:fc:99:ea:48:57:18:35:03:30:1b:2d:72:4f:0c:5c:e8:
0b:6e:4e:ca:1c:8b:a2:ca:a8:e3:02:01:bf:98:d0:64:fc:34:
44:00:24:d9:e3:86:80:44:bf:89:e5:83:73:a4:cf:18:24:38:
d6:24:74:53:78:b6:d9:ea:6e:20:9f:d3:40:6f:3e:d8:fa:12:
17:24:69:e0:21:cd:9b:f6:16:7e:46:6d:33:f3:a0:a4:d9:fe:
86:1d:a0:0d:76:6f:5b:98:ba:8f:85:18:92:14:2b:e2:d1:b3:
38:80:9b:c7:c9:cb:22:94:37:43:60:a5:e1:30:65:64:69:97:
93:80:af:d7
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFQQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MjI3MzJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk3NUMwQkZGMTBGNkUw
RDg4NkMyMUVGNzVFNDUwQzgzQzM5NzA5NUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYGRkOQfhllMmUnBaLGMLzmc5i634gFx1JSjbG8UVSuVbhrvkN
1jgrfjLNYMMiCcAuiM8ki7svuG9IFiiJXj/HRThlSN8U3/OjoADVNORmgIgmVDPy
3A7HIh1kidcY39Ed8TLuiYkIJQaodf9Qj9TiQaftRhq2uDS1EtC2he8Y38ZiYnIw
NWvyuE6z8vUjAyj0XCAWWOSqoIscmGtwDpww7IlKMmy+vkxmf55TlJhS9FkGAcgX
pnGY9OOh51Mh1G03GhWAUglMJtu6xVf38MsZL/m/0xXLj4vpEa//6YoWNObPTrcP
LnkXPZoLtavj8z1jutQt1M2jN4IxKkRcoaXRAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUl1wL/xD24NiGwh73XkUMg8OXCVwwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2wxd0xfeEQyNE5pR3do
NzNYa1VNZzhPWENWdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3RUwDQYJKoZIhvcNAQELBQADggEBAA7Zf1BiuIrYZmHNLz4M0zcrkLrHIPrp
AfOFus2uwybOpFZtSn7QK8zPMiq/jcWTXCxl0e+VwD0MG+6LizyPkLtNPTOHVPn/
Pe5j7yFf2aLLek/mOxcJYzM0o6SKw05oWi4pj5ybE6v8gCzBlCHy8XR8R/5pH7Hi
6XT4I4bdmGov/JnqSFcYNQMwGy1yTwxc6AtuTsoci6LKqOMCAb+Y0GT8NEQAJNnj
hoBEv4nlg3OkzxgkONYkdFN4ttnqbiCf00BvPtj6EhckaeAhzZv2Fn5GbTPzoKTZ
/oYdoA12b1uYuo+FGJIUK+LRsziAm8fJyyKUN0NgpeEwZWRpl5OAr9c=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:43:17 2025 by rpki-client