Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/qMZRgpH6Xbfi6wCR5q5J0nzzfow.roa
File: qMZRgpH6Xbfi6wCR5q5J0nzzfow.roa (raw, json)
Hash identifier: Oeik1nWhoy7h0gwXKDtX7T6DNaYSNZywzweBa2IlUxw=
Subject key identifier: A8:C6:51:82:91:FA:5D:B7:E2:EB:00:91:E6:AE:49:D2:7C:F3:7E:8C
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1519
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/qMZRgpH6Xbfi6wCR5q5J0nzzfow.roa
Signing time: Wed 11 Sep 2024 02:30:08 +0000
ROA not before: Wed 11 Sep 2024 02:30:08 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 13444
IP address blocks: 103.221.93.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5401 (0x1519)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 02:30:08 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A8C6518291FA5DB7E2EB0091E6AE49D27CF37E8C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:de:b6:20:24:60:51:c2:e4:4a:13:c4:6b:16:
a9:aa:2f:06:5a:b8:6a:a7:ae:ff:0f:fb:5b:21:62:
87:5d:72:c8:1f:c8:af:ba:97:27:3f:4c:34:8c:e8:
25:1e:10:61:f9:5c:ed:b1:06:88:c3:0f:33:1b:dc:
c4:56:fa:a4:6d:0d:54:76:92:11:69:6a:5e:42:3e:
7f:af:6a:5f:8d:7a:c6:20:7e:b6:95:8f:99:c9:03:
06:2d:60:8c:6b:71:a5:dc:5d:a1:02:d2:5c:95:26:
4d:d2:80:3e:69:c8:75:f5:66:d8:cd:2d:33:8f:b7:
70:33:35:a3:99:d5:11:73:db:a7:03:ad:d7:f3:eb:
0f:10:3c:8f:79:0a:b8:cd:dc:18:e3:f0:22:94:dd:
5e:eb:84:b6:78:53:74:e9:68:8a:0d:9e:fb:cb:da:
4b:50:98:23:16:97:09:24:14:95:54:ed:dc:76:ce:
ce:56:d5:0a:e3:1a:7a:0b:c0:ae:c9:0b:a5:40:dd:
5d:5c:d5:04:d1:18:be:3a:35:7b:a0:dc:66:76:0b:
cd:b9:ed:d6:b3:32:35:e1:c7:24:ae:cf:3b:67:d2:
49:5a:62:fa:10:45:ae:a6:2f:80:71:a4:56:c7:e9:
2e:da:bd:df:8b:2b:1e:a4:8d:13:ce:4a:87:9b:42:
87:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:C6:51:82:91:FA:5D:B7:E2:EB:00:91:E6:AE:49:D2:7C:F3:7E:8C
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/qMZRgpH6Xbfi6wCR5q5J0nzzfow.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.93.0/24
Signature Algorithm: sha256WithRSAEncryption
52:e0:71:5d:7d:85:10:91:55:a3:d4:90:3b:61:d6:5e:da:23:
6b:8d:36:80:84:a6:f6:a0:93:d4:31:85:97:44:43:31:4a:c1:
c2:44:31:b1:87:9d:46:22:bc:70:f0:3a:3c:34:16:ab:06:a2:
e7:07:47:72:72:39:0b:5f:7d:5e:b8:96:a0:24:5e:f2:91:27:
67:66:68:79:6b:8e:ae:76:2f:87:55:da:12:6b:7e:b3:29:e1:
95:6e:fd:e9:79:ef:74:23:63:b0:0a:69:d0:0f:c6:03:4a:4a:
65:87:4f:70:2d:1f:b7:23:01:bb:c7:0f:b1:78:d0:ce:45:a7:
6f:a8:54:ac:d6:bc:de:ee:25:79:7a:e7:31:59:ab:a8:4f:9c:
be:b9:1f:ed:e2:67:31:39:ba:fe:f2:59:60:28:c7:6c:f6:e9:
0e:82:60:8e:05:6b:eb:54:30:93:2a:30:08:5f:13:9d:c9:b7:
dc:7c:3e:33:d7:a3:f2:c7:61:da:1e:1e:1b:e4:4b:12:76:d0:
63:f2:ee:0c:c5:1d:61:6d:bb:6a:93:ef:fc:bd:64:44:1d:40:
9c:12:1d:ac:fe:82:20:1c:f7:09:3c:99:5a:8b:77:60:a7:1e:
90:d7:0f:1f:00:99:c6:e1:3e:70:09:68:86:85:42:b4:d0:60:
c2:3a:45:e7
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFRkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MjMwMDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEE4QzY1MTgyOTFGQTVE
QjdFMkVCMDA5MUU2QUU0OUQyN0NGMzdFOEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDn3rYgJGBRwuRKE8RrFqmqLwZauGqnrv8P+1shYoddcsgfyK+6
lyc/TDSM6CUeEGH5XO2xBojDDzMb3MRW+qRtDVR2khFpal5CPn+val+NesYgfraV
j5nJAwYtYIxrcaXcXaEC0lyVJk3SgD5pyHX1ZtjNLTOPt3AzNaOZ1RFz26cDrdfz
6w8QPI95CrjN3Bjj8CKU3V7rhLZ4U3TpaIoNnvvL2ktQmCMWlwkkFJVU7dx2zs5W
1QrjGnoLwK7JC6VA3V1c1QTRGL46NXug3GZ2C8257dazMjXhxySuzztn0klaYvoQ
Ra6mL4BxpFbH6S7avd+LKx6kjRPOSoebQofzAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUqMZRgpH6Xbfi6wCR5q5J0nzzfowwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3FNWlJncEg2WGJmaTZ3
Q1I1cTVKMG56emZvdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3V0wDQYJKoZIhvcNAQELBQADggEBAFLgcV19hRCRVaPUkDth1l7aI2uNNoCE
pvagk9QxhZdEQzFKwcJEMbGHnUYivHDwOjw0FqsGoucHR3JyOQtffV64lqAkXvKR
J2dmaHlrjq52L4dV2hJrfrMp4ZVu/el573QjY7AKadAPxgNKSmWHT3AtH7cjAbvH
D7F40M5Fp2+oVKzWvN7uJXl65zFZq6hPnL65H+3iZzE5uv7yWWAox2z26Q6CYI4F
a+tUMJMqMAhfE53Jt9x8PjPXo/LHYdoeHhvkSxJ20GPy7gzFHWFtu2qT7/y9ZEQd
QJwSHaz+giAc9wk8mVqLd2CnHpDXDx8AmcbhPnAJaIaFQrTQYMI6Rec=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:43:12 2025 by rpki-client