Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/rFDgvkz0otGv8MYjjT9jwe5VfLc.roa
File: rFDgvkz0otGv8MYjjT9jwe5VfLc.roa (raw, json)
Hash identifier: h2Np9JMWJTz8tATsOlOVQp0HIf4sIA5g2/MZv2Jdjpg=
Subject key identifier: AC:50:E0:BE:4C:F4:A2:D1:AF:F0:C6:23:8D:3F:63:C1:EE:55:7C:B7
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1837
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/rFDgvkz0otGv8MYjjT9jwe5VfLc.roa
Signing time: Fri 17 Jan 2025 01:24:45 +0000
ROA not before: Fri 17 Jan 2025 01:24:45 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139259
IP address blocks: 103.221.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6199 (0x1837)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:24:45 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=AC50E0BE4CF4A2D1AFF0C6238D3F63C1EE557CB7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:87:73:de:77:58:96:17:85:5b:c5:29:8e:52:
20:d2:ec:eb:56:1f:81:ce:3c:0b:3b:4a:0f:c1:b7:
2f:35:d7:6b:6c:15:a2:ca:0a:e8:0e:24:43:54:d7:
3f:cc:9e:50:28:15:f3:6f:dc:fb:74:30:96:5e:cb:
69:e1:2e:13:3e:70:73:65:36:28:e9:a3:07:c8:dd:
50:35:4f:ff:51:e4:a7:67:8b:2e:32:6f:b2:d2:2c:
09:f6:ff:87:fe:fb:2d:07:39:74:3b:50:64:16:9b:
6f:5b:fc:57:79:ba:89:4d:7a:aa:d9:42:9b:73:a1:
b9:6c:94:d5:a3:6f:0f:ff:1e:f1:de:59:3e:96:35:
17:6b:45:b9:8b:42:d6:7b:ac:da:d1:c5:75:22:1e:
3c:b4:8d:a5:4d:0d:a6:aa:1f:ad:17:dd:c6:68:45:
cd:ab:17:32:66:bd:66:bf:6c:e7:9f:58:ea:fe:7f:
52:e5:3c:26:f8:5a:79:40:60:e3:0c:a8:4a:66:eb:
3f:c2:f3:4b:7c:77:80:b9:16:cc:50:14:e8:4f:45:
2c:09:74:44:20:f7:b5:0d:50:8d:b6:d1:2d:87:8d:
d3:94:28:3e:20:96:19:0b:63:ed:af:a6:99:9c:0c:
e6:a8:38:21:ff:0d:64:f1:d9:8d:80:6d:a4:f2:b1:
db:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:50:E0:BE:4C:F4:A2:D1:AF:F0:C6:23:8D:3F:63:C1:EE:55:7C:B7
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/rFDgvkz0otGv8MYjjT9jwe5VfLc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.20.0/24
Signature Algorithm: sha256WithRSAEncryption
27:85:e2:6f:72:3b:01:23:03:c5:4e:aa:a3:6a:a8:2c:59:87:
af:3b:2b:b9:08:04:b7:59:ca:3a:51:76:68:5b:66:16:43:d1:
f2:9a:11:3d:58:ab:96:28:15:60:b0:0a:32:4b:76:84:74:e4:
f0:b4:79:a3:b1:cb:57:12:09:c3:b9:f5:b7:53:04:99:92:f2:
98:d1:8e:97:da:c8:90:09:12:d3:fe:72:8a:28:b2:e0:a8:ab:
e6:03:dd:bf:38:83:f7:0a:fd:87:94:0b:c2:fb:35:c7:ff:70:
7f:4c:47:fd:73:8d:86:6a:64:ed:28:89:75:06:fa:be:46:fe:
a9:0a:7c:39:6b:ed:50:e7:ac:10:6f:ed:ec:23:f8:61:b3:15:
82:a1:ee:f7:1f:e5:b4:41:f0:13:bc:61:42:71:09:7e:eb:f5:
f7:3a:b7:4c:40:1e:76:7f:37:72:71:28:0e:ed:85:a8:25:cc:
01:93:f0:f2:d3:22:03:d6:cb:2a:2b:54:46:55:5f:31:1e:76:
4a:d8:4e:9c:90:86:f8:5f:e6:ce:7e:8c:83:d7:a0:f8:ba:8a:
02:ca:93:fa:e0:e9:f5:77:1c:30:22:dd:b2:d2:4d:3a:cd:cf:
f9:d1:35:62:fb:37:a7:58:31:40:26:a7:f5:3c:11:b0:d2:b1:
8e:d6:20:11
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGDcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI0NDVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEFDNTBFMEJFNENGNEEy
RDFBRkYwQzYyMzhEM0Y2M0MxRUU1NTdDQjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEh3Ped1iWF4VbxSmOUiDS7OtWH4HOPAs7Sg/Bty8112tsFaLK
CugOJENU1z/MnlAoFfNv3Pt0MJZey2nhLhM+cHNlNijpowfI3VA1T/9R5Kdniy4y
b7LSLAn2/4f++y0HOXQ7UGQWm29b/Fd5uolNeqrZQptzoblslNWjbw//HvHeWT6W
NRdrRbmLQtZ7rNrRxXUiHjy0jaVNDaaqH60X3cZoRc2rFzJmvWa/bOefWOr+f1Ll
PCb4WnlAYOMMqEpm6z/C80t8d4C5FsxQFOhPRSwJdEQg97UNUI220S2HjdOUKD4g
lhkLY+2vppmcDOaoOCH/DWTx2Y2AbaTysdtdAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUrFDgvkz0otGv8MYjjT9jwe5VfLcwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3JGRGd2a3owb3RHdjhN
WWpqVDlqd2U1VmZMYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3RQwDQYJKoZIhvcNAQELBQADggEBACeF4m9yOwEjA8VOqqNqqCxZh687K7kI
BLdZyjpRdmhbZhZD0fKaET1Yq5YoFWCwCjJLdoR05PC0eaOxy1cSCcO59bdTBJmS
8pjRjpfayJAJEtP+cooosuCoq+YD3b84g/cK/YeUC8L7Ncf/cH9MR/1zjYZqZO0o
iXUG+r5G/qkKfDlr7VDnrBBv7ewj+GGzFYKh7vcf5bRB8BO8YUJxCX7r9fc6t0xA
HnZ/N3JxKA7thaglzAGT8PLTIgPWyyorVEZVXzEedkrYTpyQhvhf5s5+jIPXoPi6
igLKk/rg6fV3HDAi3bLSTTrNz/nRNWL7N6dYMUAmp/U8EbDSsY7WIBE=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:40:18 2025 by rpki-client