Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/pTwNLHEm_6ZuDdOFC0QaZKSnxuY.roa
File: pTwNLHEm_6ZuDdOFC0QaZKSnxuY.roa (raw, json)
Hash identifier: R9p4PMRUDjfMaQD9dzUgZeSy6VZmFDxY67HG0STpW9M=
Subject key identifier: A5:3C:0D:2C:71:26:FF:A6:6E:0D:D3:85:0B:44:1A:64:A4:A7:C6:E6
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1839
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/pTwNLHEm_6ZuDdOFC0QaZKSnxuY.roa
Signing time: Fri 17 Jan 2025 01:24:46 +0000
ROA not before: Fri 17 Jan 2025 01:24:46 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 138527
IP address blocks: 103.198.240.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6201 (0x1839)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:24:46 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=A53C0D2C7126FFA66E0DD3850B441A64A4A7C6E6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:f5:19:d2:3c:74:7d:29:a9:7a:2d:59:2f:c3:
05:ad:3f:1a:3c:3f:8c:b2:22:86:f3:f3:bb:95:c4:
85:2b:e3:83:46:dd:46:4a:f4:9d:73:f0:af:fb:5a:
ff:f9:16:fe:20:92:d3:b2:e7:9b:0a:9a:01:ed:1e:
28:58:4a:75:4e:d2:7f:69:a6:4c:87:41:62:1a:b4:
be:43:1d:76:cc:ff:68:77:45:11:fa:98:df:35:f0:
f8:e2:20:a3:ad:eb:df:85:70:ec:94:1b:98:4e:05:
8f:c5:48:9b:b0:4c:a1:32:43:33:66:49:28:4b:b5:
4c:48:26:cc:e0:bd:06:63:fc:e6:8a:83:29:f0:21:
9e:bb:97:a0:ce:94:18:69:0a:05:ce:ad:08:28:97:
43:50:86:1e:07:eb:f3:88:a2:02:55:bc:f8:da:ad:
15:a1:08:f2:e9:1c:a6:ba:95:a4:a5:07:0b:b6:1b:
bf:41:70:41:6d:04:a8:61:45:16:e2:e7:9f:0e:a1:
8f:ca:c8:0a:6b:4c:65:0a:1a:76:16:df:d9:c7:87:
e2:47:34:7e:a0:94:47:40:56:7b:d8:67:b9:a8:09:
46:61:b0:8d:fb:97:97:9c:94:72:98:3b:47:9f:16:
9b:b3:b4:e7:e8:16:c9:e8:f9:59:23:5b:6f:dc:b8:
83:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:3C:0D:2C:71:26:FF:A6:6E:0D:D3:85:0B:44:1A:64:A4:A7:C6:E6
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/pTwNLHEm_6ZuDdOFC0QaZKSnxuY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.198.240.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:19:f1:f6:51:51:39:9f:a4:aa:34:0f:86:06:76:be:35:89:
d3:cb:3a:e5:98:20:4e:91:6f:b7:c3:0e:77:04:b0:d0:1a:84:
87:1f:88:22:28:92:7b:8f:fe:27:36:a6:c0:b3:6a:f0:7c:e1:
44:cf:85:51:f3:74:12:1e:11:53:39:ab:40:f1:92:a2:85:b4:
e7:5d:f2:02:73:4c:46:e8:40:ad:80:23:24:08:1e:c1:32:77:
9c:d3:14:07:a7:1b:4e:33:d7:1d:6f:ba:3f:cc:5a:82:dd:03:
35:36:ff:60:08:46:19:a6:84:ad:04:5f:be:bd:28:f3:15:28:
b5:a7:6d:0f:77:1d:4c:aa:10:03:61:85:78:4a:37:ec:e5:e5:
3f:18:0e:c8:4f:b5:00:95:7b:d6:54:8a:96:5d:a5:2e:1d:1d:
47:ed:04:ef:90:32:0a:e3:b7:ff:6e:0b:5b:a3:51:9a:d7:4d:
9c:8b:f2:bd:f3:1a:bd:65:22:a9:78:53:52:2e:01:f4:a3:84:
cc:4f:70:e3:73:dc:a9:39:be:76:11:e5:12:55:39:23:8e:29:
15:e8:4c:a5:d0:a8:23:c3:54:fb:72:81:b9:a3:bd:0a:0d:50:
28:fe:da:cb:47:cc:25:ed:d8:7f:de:59:97:e2:34:a5:5a:13:
9a:f3:42:97
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGDkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI0NDZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEE1M0MwRDJDNzEyNkZG
QTY2RTBERDM4NTBCNDQxQTY0QTRBN0M2RTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDM9RnSPHR9Kal6LVkvwwWtPxo8P4yyIobz87uVxIUr44NG3UZK
9J1z8K/7Wv/5Fv4gktOy55sKmgHtHihYSnVO0n9ppkyHQWIatL5DHXbM/2h3RRH6
mN818PjiIKOt69+FcOyUG5hOBY/FSJuwTKEyQzNmSShLtUxIJszgvQZj/OaKgynw
IZ67l6DOlBhpCgXOrQgol0NQhh4H6/OIogJVvPjarRWhCPLpHKa6laSlBwu2G79B
cEFtBKhhRRbi558OoY/KyAprTGUKGnYW39nHh+JHNH6glEdAVnvYZ7moCUZhsI37
l5eclHKYO0efFpuztOfoFsno+VkjW2/cuIOdAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUpTwNLHEm/6ZuDdOFC0QaZKSnxuYwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3BUd05MSEVtXzZadURk
T0ZDMFFhWktTbnh1WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJnxvAwDQYJKoZIhvcNAQELBQADggEBACoZ8fZRUTmfpKo0D4YGdr41idPLOuWY
IE6Rb7fDDncEsNAahIcfiCIoknuP/ic2psCzavB84UTPhVHzdBIeEVM5q0DxkqKF
tOdd8gJzTEboQK2AIyQIHsEyd5zTFAenG04z1x1vuj/MWoLdAzU2/2AIRhmmhK0E
X769KPMVKLWnbQ93HUyqEANhhXhKN+zl5T8YDshPtQCVe9ZUipZdpS4dHUftBO+Q
Mgrjt/9uC1ujUZrXTZyL8r3zGr1lIql4U1IuAfSjhMxPcONz3Kk5vnYR5RJVOSOO
KRXoTKXQqCPDVPtygbmjvQoNUCj+2stHzCXt2H/eWZfiNKVaE5rzQpc=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:44:57 2025 by rpki-client