Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/qOqsMq7A99SkWOIUVsOPXWz3Axw.roa
File: qOqsMq7A99SkWOIUVsOPXWz3Axw.roa (raw, json)
Hash identifier: jivUsO/Snz5tuXOTvfBmyLAt9rNNlCd0XEA/h7MBShA=
Subject key identifier: A8:EA:AC:32:AE:C0:F7:D4:A4:58:E2:14:56:C3:8F:5D:6C:F7:03:1C
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1522
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/qOqsMq7A99SkWOIUVsOPXWz3Axw.roa
Signing time: Wed 11 Sep 2024 02:30:11 +0000
ROA not before: Wed 11 Sep 2024 02:30:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 13444
IP address blocks: 103.6.109.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5410 (0x1522)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 02:30:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A8EAAC32AEC0F7D4A458E21456C38F5D6CF7031C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:28:da:0d:a1:f4:fa:0f:0f:9e:c0:1b:41:31:
a8:c0:e8:3d:d3:99:eb:c5:9f:23:82:93:06:5d:e5:
86:c8:33:b2:f8:40:cc:ab:55:f6:2a:b9:66:e0:5b:
95:f4:17:d1:6f:c8:07:00:d8:b5:da:16:ab:1b:32:
de:67:dc:9e:a1:c7:3a:83:62:53:d1:b8:bd:24:ae:
0d:9d:29:b8:e2:ba:ae:08:da:b9:ba:95:c9:7a:2f:
ae:2f:0b:10:b5:40:cb:66:0c:77:87:5c:01:25:36:
47:20:e3:c5:11:1e:5c:fd:24:96:f1:ef:be:fc:89:
35:e3:0d:be:4d:62:ba:2c:0e:05:34:8f:9f:e1:1d:
78:71:78:8d:fa:24:39:cb:81:36:d9:69:d5:b8:96:
bf:30:e8:ee:de:65:8b:70:b7:49:8f:c3:a1:aa:dc:
15:02:23:fd:9a:aa:c7:f0:36:42:dc:5e:e0:65:d0:
92:84:e6:81:4c:5f:3f:8e:51:ee:72:b6:11:58:ba:
59:52:bf:17:64:40:c9:b2:b1:31:37:eb:e0:45:09:
ef:b0:6b:8d:ab:93:26:7d:a9:da:18:f6:47:9c:f4:
f4:ba:9f:2f:a9:66:a7:ea:aa:23:44:b5:77:f8:fe:
e9:f8:cf:27:76:24:6b:27:17:9f:3f:d1:eb:e6:24:
b1:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:EA:AC:32:AE:C0:F7:D4:A4:58:E2:14:56:C3:8F:5D:6C:F7:03:1C
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/qOqsMq7A99SkWOIUVsOPXWz3Axw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.6.109.0/24
Signature Algorithm: sha256WithRSAEncryption
22:1b:7e:74:65:13:85:0a:6a:36:c7:50:6f:62:04:27:7f:b4:
44:b8:f5:51:92:f0:05:47:4e:45:b7:e4:39:1a:0c:e3:6b:07:
86:5f:44:be:bc:8c:e0:bf:c2:46:3e:70:4b:e5:63:95:41:28:
4b:8f:03:c8:09:db:66:e5:3c:26:bb:d2:17:08:6b:f8:84:4a:
e8:65:1d:d7:2f:5d:87:59:24:8c:b9:c1:05:37:38:23:27:e2:
c5:ae:be:e6:1f:74:2a:f2:60:a8:82:c8:60:b2:79:bd:c3:e1:
40:fe:dc:1c:9d:e5:e9:42:48:eb:21:9f:de:87:37:f1:ba:44:
ee:ca:93:83:59:99:2f:39:f9:62:4f:c1:c0:2f:4e:a7:bd:56:
58:ba:07:e9:32:f6:e2:d0:21:6c:c9:99:9f:19:d3:19:b6:46:
36:18:3e:36:08:03:6f:f6:a2:75:f8:a8:db:e0:3a:12:45:02:
b8:42:97:a6:b6:e6:91:17:a6:4c:04:b7:f2:11:bf:27:13:7d:
32:9e:22:8a:d4:e4:ae:e5:fe:7e:67:f9:bc:3e:9b:48:5a:7c:
9d:59:f8:81:a7:b5:6e:01:cd:3e:8b:07:0f:38:a2:1f:71:db:
af:3b:ca:df:ed:5d:53:7a:e8:9d:77:e3:3a:2e:cf:74:49:a0:
d3:bc:14:06
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFSIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MjMwMTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEE4RUFBQzMyQUVDMEY3
RDRBNDU4RTIxNDU2QzM4RjVENkNGNzAzMUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCWKNoNofT6Dw+ewBtBMajA6D3TmevFnyOCkwZd5YbIM7L4QMyr
VfYquWbgW5X0F9FvyAcA2LXaFqsbMt5n3J6hxzqDYlPRuL0krg2dKbjiuq4I2rm6
lcl6L64vCxC1QMtmDHeHXAElNkcg48URHlz9JJbx7778iTXjDb5NYrosDgU0j5/h
HXhxeI36JDnLgTbZadW4lr8w6O7eZYtwt0mPw6Gq3BUCI/2aqsfwNkLcXuBl0JKE
5oFMXz+OUe5ythFYullSvxdkQMmysTE36+BFCe+wa42rkyZ9qdoY9kec9PS6ny+p
ZqfqqiNEtXf4/un4zyd2JGsnF58/0evmJLFBAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUqOqsMq7A99SkWOIUVsOPXWz3AxwwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3FPcXNNcTdBOTlTa1dP
SVVWc09QWFd6M0F4dy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABnBm0wDQYJKoZIhvcNAQELBQADggEBACIbfnRlE4UKajbHUG9iBCd/tES49VGS
8AVHTkW35DkaDONrB4ZfRL68jOC/wkY+cEvlY5VBKEuPA8gJ22blPCa70hcIa/iE
SuhlHdcvXYdZJIy5wQU3OCMn4sWuvuYfdCryYKiCyGCyeb3D4UD+3Byd5elCSOsh
n96HN/G6RO7Kk4NZmS85+WJPwcAvTqe9Vli6B+ky9uLQIWzJmZ8Z0xm2RjYYPjYI
A2/2onX4qNvgOhJFArhCl6a25pEXpkwEt/IRvycTfTKeIorU5K7l/n5n+bw+m0ha
fJ1Z+IGntW4BzT6LBw84oh9x2687yt/tXVN66J134zouz3RJoNO8FAY=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:19:54 2025 by rpki-client