Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/rVFry1FAkigNg8dspSSzSXj6sU0.roa
File: rVFry1FAkigNg8dspSSzSXj6sU0.roa (raw, json)
Hash identifier: X1S/7zmtTElg7IFTSZccEMvRqIvc82My1fZQHvwIiAc=
Subject key identifier: AD:51:6B:CB:51:40:92:28:0D:83:C7:6C:A5:24:B3:49:78:FA:B1:4D
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1891
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/rVFry1FAkigNg8dspSSzSXj6sU0.roa
Signing time: Fri 17 Jan 2025 01:25:16 +0000
ROA not before: Fri 17 Jan 2025 01:25:16 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139259
IP address blocks: 103.221.39.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6289 (0x1891)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:25:16 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=AD516BCB514092280D83C76CA524B34978FAB14D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:4c:67:a2:40:19:8f:c2:10:a6:d4:a7:eb:0b:
0c:5e:48:32:ab:9f:20:41:b0:0f:32:ee:e3:21:db:
68:64:40:f4:05:e2:a7:9d:e6:ac:fa:91:e1:bc:e2:
ba:45:39:c7:1d:05:2a:3c:db:0e:f8:14:d2:1d:58:
1f:c9:8a:ed:1c:8c:3b:13:a1:cb:f7:33:d0:90:14:
97:67:75:8b:bf:1c:c3:d5:a9:92:05:c3:4a:60:63:
72:ec:a6:41:45:44:35:fd:6a:27:b0:2d:0d:6a:a6:
cc:9e:95:53:a5:c6:12:5a:74:c9:fd:26:46:ea:32:
51:9a:5f:b8:8d:ec:6e:a3:2c:03:5b:04:9c:93:67:
84:bd:7c:72:97:62:72:59:59:36:07:10:da:6f:1b:
62:44:cf:ee:6a:07:01:0f:ad:06:8a:eb:6e:a0:d2:
ee:6a:a9:04:24:ce:d6:a7:ac:7b:56:c3:94:ea:6a:
30:23:be:f0:bf:3d:f0:53:7b:29:54:05:5e:ae:64:
38:88:28:2a:d3:b9:89:39:e0:11:18:ac:de:b5:cd:
c8:b0:ad:7c:e8:e6:76:2f:bd:ca:d0:4b:7c:6d:e1:
fb:ce:27:86:4b:66:ee:8c:44:77:ab:d1:ea:68:92:
7b:71:2d:96:09:6f:0b:ef:cb:35:ea:a6:94:67:35:
8b:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:51:6B:CB:51:40:92:28:0D:83:C7:6C:A5:24:B3:49:78:FA:B1:4D
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/rVFry1FAkigNg8dspSSzSXj6sU0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.39.0/24
Signature Algorithm: sha256WithRSAEncryption
20:8c:b9:48:cf:d4:d5:03:4c:05:e0:ef:a4:30:e3:99:b0:0a:
19:bb:03:56:ef:81:73:9a:6f:e8:63:98:2d:5c:3d:2f:c0:16:
32:e4:f0:24:62:2a:eb:45:c6:05:94:9b:b9:a9:78:5b:e0:f0:
30:5f:5d:72:65:0a:0d:40:58:77:b2:11:27:57:b5:ab:14:9d:
27:ca:15:59:01:51:a3:78:95:83:7a:dd:68:9d:01:69:8c:7b:
7f:34:a8:40:35:b3:a3:51:68:44:78:ea:d4:3c:4a:60:2b:36:
a3:42:58:1e:d7:d1:26:e9:bf:b1:8a:5a:d5:dc:5e:67:e9:77:
2a:84:fc:df:51:a6:a4:38:be:15:64:14:e5:af:12:52:4b:1c:
35:94:4b:60:50:0d:f3:b8:5d:0e:45:05:cf:a9:a1:d2:83:7f:
8c:64:48:81:05:c1:eb:2b:6c:3f:b7:2b:f0:e3:ff:47:4e:ce:
43:06:b9:9b:62:a5:a4:27:1e:e4:42:02:5a:2f:ab:7f:47:2c:
ef:82:2c:51:78:de:63:67:67:d6:e3:ca:7a:73:91:12:fb:5d:
1d:02:0c:d8:38:e2:2d:bc:43:6c:f1:eb:2d:9a:40:f9:7c:de:
43:02:14:07:ac:8b:e0:6a:2d:b7:50:24:e0:0e:f0:64:3d:bb:
17:fe:77:68
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGJEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI1MTZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEFENTE2QkNCNTE0MDky
MjgwRDgzQzc2Q0E1MjRCMzQ5NzhGQUIxNEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKTGeiQBmPwhCm1KfrCwxeSDKrnyBBsA8y7uMh22hkQPQF4qed
5qz6keG84rpFOccdBSo82w74FNIdWB/Jiu0cjDsTocv3M9CQFJdndYu/HMPVqZIF
w0pgY3LspkFFRDX9aiewLQ1qpsyelVOlxhJadMn9JkbqMlGaX7iN7G6jLANbBJyT
Z4S9fHKXYnJZWTYHENpvG2JEz+5qBwEPrQaK626g0u5qqQQkztanrHtWw5TqajAj
vvC/PfBTeylUBV6uZDiIKCrTuYk54BEYrN61zciwrXzo5nYvvcrQS3xt4fvOJ4ZL
Zu6MRHer0epokntxLZYJbwvvyzXqppRnNYs5AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUrVFry1FAkigNg8dspSSzSXj6sU0wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3JWRnJ5MUZBa2lnTmc4
ZHNwU1N6U1hqNnNVMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3ScwDQYJKoZIhvcNAQELBQADggEBACCMuUjP1NUDTAXg76Qw45mwChm7A1bv
gXOab+hjmC1cPS/AFjLk8CRiKutFxgWUm7mpeFvg8DBfXXJlCg1AWHeyESdXtasU
nSfKFVkBUaN4lYN63WidAWmMe380qEA1s6NRaER46tQ8SmArNqNCWB7X0Sbpv7GK
WtXcXmfpdyqE/N9RpqQ4vhVkFOWvElJLHDWUS2BQDfO4XQ5FBc+podKDf4xkSIEF
wesrbD+3K/Dj/0dOzkMGuZtipaQnHuRCAlovq39HLO+CLFF43mNnZ9bjynpzkRL7
XR0CDNg44i28Q2zx6y2aQPl83kMCFAesi+BqLbdQJOAO8GQ9uxf+d2g=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:44:24 2025 by rpki-client