Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/o4vkVp0FCwug32iOj7xA0dqzvjE.roa
File: o4vkVp0FCwug32iOj7xA0dqzvjE.roa (raw, json)
Hash identifier: yG9PvstQ5eqVGosD0UWD6VqNOZcoCAijNLh9tg8BR6M=
Subject key identifier: A3:8B:E4:56:9D:05:0B:0B:A0:DF:68:8E:8F:BC:40:D1:DA:B3:BE:31
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 14FA
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/o4vkVp0FCwug32iOj7xA0dqzvjE.roa
Signing time: Wed 11 Sep 2024 02:26:13 +0000
ROA not before: Wed 11 Sep 2024 02:26:13 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 13444
IP address blocks: 103.221.12.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5370 (0x14fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 02:26:13 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A38BE4569D050B0BA0DF688E8FBC40D1DAB3BE31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:18:24:1f:8c:b0:a4:b1:12:21:d7:9b:a4:dd:
5e:ef:6f:ed:9c:d4:54:53:69:7a:b0:a4:2a:24:a8:
1d:6a:f1:be:46:82:8f:29:4a:13:8e:1b:6c:b5:b6:
40:d4:15:0a:a0:79:46:bd:5e:40:49:0e:5d:5b:91:
3b:0f:ad:da:17:7b:d7:e8:2b:c2:b1:36:c7:97:01:
89:b9:94:55:1f:7a:0a:85:71:8e:f4:d1:b1:5c:8d:
87:cf:51:fd:ed:e5:53:79:71:f3:9c:85:ff:5a:79:
fa:1c:5b:d7:d1:45:c1:0e:8e:fa:f8:95:91:6d:f3:
97:98:e3:b7:99:24:45:d0:40:f5:6a:7a:aa:83:5e:
0e:03:7d:90:56:7f:0a:dd:9e:4b:3c:19:a7:cc:dc:
6b:c3:b8:ac:3f:35:14:e8:c9:c9:c7:ca:4f:e4:04:
1b:56:55:3d:c6:5c:37:47:4f:46:57:c7:7e:23:86:
d7:8d:e6:27:61:d8:16:03:84:e0:e6:86:aa:4b:2d:
f2:22:88:c4:cd:8f:f5:ba:81:31:77:7c:3d:66:3c:
87:f0:bb:bd:ad:8d:56:3e:7e:55:0c:36:b2:eb:ec:
b3:87:42:d2:ea:9a:ff:5b:4f:bb:6d:61:ca:ba:f0:
fc:2a:33:cb:49:aa:72:d3:cb:62:a4:83:4a:e3:e6:
a6:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:8B:E4:56:9D:05:0B:0B:A0:DF:68:8E:8F:BC:40:D1:DA:B3:BE:31
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/o4vkVp0FCwug32iOj7xA0dqzvjE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.12.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:f2:a0:75:94:21:f2:09:6b:3b:5f:42:cb:80:54:a3:83:c7:
92:43:ca:21:23:9e:cc:61:91:28:db:7e:f0:93:03:27:d4:63:
40:10:18:a6:1f:e6:11:96:ef:12:09:e4:11:2b:dc:0e:57:12:
bd:93:2e:92:58:de:57:cd:aa:43:86:c4:9c:c7:4e:32:d4:98:
bf:7d:b7:0d:19:d3:97:a7:6b:e2:fa:ea:ad:95:7c:36:85:53:
dd:8f:cd:0f:dc:57:b3:57:4e:9c:ce:ee:73:50:1c:14:9d:5e:
62:eb:62:3d:cc:4b:1a:a1:96:d2:46:b4:6d:f9:e9:d1:4e:20:
a4:bd:ba:1e:48:9c:ef:e3:dc:85:26:32:32:8c:66:ec:50:25:
96:db:ce:75:48:21:b6:b0:2d:f5:d6:15:88:b2:1a:1c:28:e1:
cf:2d:19:2f:f3:5e:d6:24:2a:9e:15:b5:cf:fe:01:83:9b:64:
29:94:41:4a:72:b1:57:ab:5e:5e:ad:cd:84:79:3a:00:1f:18:
c4:32:26:7c:28:18:72:a1:27:10:bd:9c:e2:05:de:37:7f:d6:
88:fe:b3:0c:c0:d2:4d:47:2b:03:65:5a:07:f6:58:7c:1a:13:
cc:ed:6a:ca:9f:f8:2a:eb:bc:6f:93:24:83:cf:02:4f:ec:5e:
dd:e9:d1:15
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFPowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MjI2MTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEEzOEJFNDU2OUQwNTBC
MEJBMERGNjg4RThGQkM0MEQxREFCM0JFMzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGGCQfjLCksRIh15uk3V7vb+2c1FRTaXqwpCokqB1q8b5Ggo8p
ShOOG2y1tkDUFQqgeUa9XkBJDl1bkTsPrdoXe9foK8KxNseXAYm5lFUfegqFcY70
0bFcjYfPUf3t5VN5cfOchf9aefocW9fRRcEOjvr4lZFt85eY47eZJEXQQPVqeqqD
Xg4DfZBWfwrdnks8GafM3GvDuKw/NRToycnHyk/kBBtWVT3GXDdHT0ZXx34jhteN
5idh2BYDhODmhqpLLfIiiMTNj/W6gTF3fD1mPIfwu72tjVY+flUMNrLr7LOHQtLq
mv9bT7ttYcq68PwqM8tJqnLTy2Kkg0rj5qY5AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUo4vkVp0FCwug32iOj7xA0dqzvjEwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L280dmtWcDBGQ3d1ZzMy
aU9qN3hBMGRxenZqRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3QwwDQYJKoZIhvcNAQELBQADggEBAE3yoHWUIfIJaztfQsuAVKODx5JDyiEj
nsxhkSjbfvCTAyfUY0AQGKYf5hGW7xIJ5BEr3A5XEr2TLpJY3lfNqkOGxJzHTjLU
mL99tw0Z05ena+L66q2VfDaFU92PzQ/cV7NXTpzO7nNQHBSdXmLrYj3MSxqhltJG
tG356dFOIKS9uh5InO/j3IUmMjKMZuxQJZbbznVIIbawLfXWFYiyGhwo4c8tGS/z
XtYkKp4Vtc/+AYObZCmUQUpysVerXl6tzYR5OgAfGMQyJnwoGHKhJxC9nOIF3jd/
1oj+swzA0k1HKwNlWgf2WHwaE8ztasqf+CrrvG+TJIPPAk/sXt3p0RU=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:47:07 2025 by rpki-client