Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/mnE2_OQkEjol34mD-fQ5Zue1WK4.roa
File: mnE2_OQkEjol34mD-fQ5Zue1WK4.roa (raw, json)
Hash identifier: vDQovrtBEKcjncf8i/cGV4m/WmDQmEFBHaBCf4vUe5Q=
Subject key identifier: 9A:71:36:FC:E4:24:12:3A:25:DF:89:83:F9:F4:39:66:E7:B5:58:AE
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1481
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/mnE2_OQkEjol34mD-fQ5Zue1WK4.roa
Signing time: Wed 11 Sep 2024 02:23:24 +0000
ROA not before: Wed 11 Sep 2024 02:23:24 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 139259
IP address blocks: 103.221.8.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5249 (0x1481)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 02:23:24 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9A7136FCE424123A25DF8983F9F43966E7B558AE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a3:40:95:83:1d:47:b4:bf:8a:fa:ad:71:84:
b6:ac:96:66:7d:34:03:43:09:67:1f:00:b4:bb:0a:
3e:dd:fe:18:46:36:7d:9e:4e:13:e2:58:d8:38:53:
72:1f:6a:62:f5:20:99:18:6d:6a:63:6c:05:67:a4:
46:33:ad:9c:da:e0:70:d7:df:5c:27:c9:6e:2d:62:
d3:17:16:fb:c0:10:30:46:c0:8a:fd:be:64:b2:63:
07:92:74:ee:8b:30:32:bc:77:3e:da:48:6c:35:bf:
4d:9e:6a:1a:7e:97:13:f1:81:51:b1:b6:e9:94:05:
8c:fa:f6:29:fa:28:c1:02:0e:75:bc:95:96:48:51:
a4:73:cb:e5:21:a6:84:35:b3:77:44:83:05:5e:84:
34:3a:9a:0a:27:ae:f3:9b:99:2e:04:8b:7e:36:ef:
5c:71:e6:03:82:5c:19:47:ea:84:92:b4:71:ef:cf:
10:e2:fa:6e:57:59:50:e8:02:55:20:fd:06:00:6b:
02:c5:af:9b:19:16:55:b5:fd:53:77:3f:e6:d6:ca:
b3:b4:c0:ae:a5:a9:bc:9f:b3:32:39:e7:c8:c8:19:
5a:b7:95:41:b5:c2:9a:32:41:18:01:95:dd:96:fb:
14:a0:e6:ff:8c:6c:b9:7f:dd:9a:9e:e8:c6:ad:d9:
a7:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:71:36:FC:E4:24:12:3A:25:DF:89:83:F9:F4:39:66:E7:B5:58:AE
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/mnE2_OQkEjol34mD-fQ5Zue1WK4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.8.0/22
Signature Algorithm: sha256WithRSAEncryption
c5:d5:47:df:dd:08:0c:c3:13:62:97:ec:58:6c:12:ca:4a:0c:
75:f0:81:0c:8d:71:b1:96:82:cc:46:be:e2:cd:32:b8:24:78:
6d:30:23:18:61:7d:88:8b:76:11:9d:65:d5:e8:fe:b0:4f:14:
d0:d5:06:4f:36:20:13:bf:0d:76:3a:b8:4f:dc:03:7b:c4:35:
37:2b:e4:7b:21:57:34:0d:c0:da:16:67:4e:ea:4c:f7:72:5f:
56:07:a9:1a:da:59:83:3a:70:37:99:4e:e9:87:df:10:bd:12:
3b:26:9c:5c:f4:ef:ae:23:c1:64:e6:65:35:aa:9f:36:bb:05:
17:a5:8c:fd:b7:53:13:08:3a:97:e4:16:53:7c:07:49:a4:04:
4c:c6:9d:a1:5d:f9:03:57:f3:07:78:53:74:26:8f:c8:99:47:
d1:de:a0:ff:cd:ce:95:f6:d0:cd:ea:06:03:3a:e4:da:38:7d:
3d:71:ed:e9:21:5d:16:cc:d4:70:5e:f2:ee:b5:cb:d6:e5:21:
b9:6c:d4:78:85:3e:2a:54:8a:70:05:8b:88:82:d3:3a:d8:2c:
78:24:30:90:83:7e:f0:01:a3:9a:41:dc:d2:82:6f:f2:81:98:
a1:19:2d:0e:d4:10:4f:f6:a0:fc:03:61:fd:61:f7:82:26:7f:
f4:a2:ef:0b
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFIEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MjIzMjRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlBNzEzNkZDRTQyNDEy
M0EyNURGODk4M0Y5RjQzOTY2RTdCNTU4QUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7o0CVgx1HtL+K+q1xhLaslmZ9NANDCWcfALS7Cj7d/hhGNn2e
ThPiWNg4U3IfamL1IJkYbWpjbAVnpEYzrZza4HDX31wnyW4tYtMXFvvAEDBGwIr9
vmSyYweSdO6LMDK8dz7aSGw1v02eahp+lxPxgVGxtumUBYz69in6KMECDnW8lZZI
UaRzy+UhpoQ1s3dEgwVehDQ6mgonrvObmS4Ei34271xx5gOCXBlH6oSStHHvzxDi
+m5XWVDoAlUg/QYAawLFr5sZFlW1/VN3P+bWyrO0wK6lqbyfszI558jIGVq3lUG1
wpoyQRgBld2W+xSg5v+MbLl/3Zqe6Mat2acJAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUmnE2/OQkEjol34mD+fQ5Zue1WK4wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L21uRTJfT1FrRWpvbDM0
bUQtZlE1WnVlMVdLNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJn3QgwDQYJKoZIhvcNAQELBQADggEBAMXVR9/dCAzDE2KX7FhsEspKDHXwgQyN
cbGWgsxGvuLNMrgkeG0wIxhhfYiLdhGdZdXo/rBPFNDVBk82IBO/DXY6uE/cA3vE
NTcr5HshVzQNwNoWZ07qTPdyX1YHqRraWYM6cDeZTumH3xC9EjsmnFz0764jwWTm
ZTWqnza7BReljP23UxMIOpfkFlN8B0mkBEzGnaFd+QNX8wd4U3Qmj8iZR9HeoP/N
zpX20M3qBgM65No4fT1x7ekhXRbM1HBe8u61y9blIbls1HiFPipUinAFi4iC0zrY
LHgkMJCDfvABo5pB3NKCb/KBmKEZLQ7UEE/2oPwDYf1h94Imf/Si7ws=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:45:25 2025 by rpki-client