Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/sCLd0PX5RMQ-lJbMXtm1-jzIuvE.roa
File: sCLd0PX5RMQ-lJbMXtm1-jzIuvE.roa (raw, json)
Hash identifier: EofVaVZ7pDXk5E0KPgMT/55GwPvgwq311dRS8riuvQU=
Subject key identifier: B0:22:DD:D0:F5:F9:44:C4:3E:94:96:CC:5E:D9:B5:FA:3C:C8:BA:F1
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 153F
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/sCLd0PX5RMQ-lJbMXtm1-jzIuvE.roa
Signing time: Wed 11 Sep 2024 03:57:56 +0000
ROA not before: Wed 11 Sep 2024 03:57:56 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 139259
IP address blocks: 103.220.253.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5439 (0x153f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 03:57:56 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B022DDD0F5F944C43E9496CC5ED9B5FA3CC8BAF1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:9b:a2:e9:e3:60:48:7d:44:74:9a:78:29:70:
c0:fc:48:90:30:71:8d:c5:f1:0c:26:ae:c6:a4:00:
30:7e:3c:58:bd:4f:3b:f2:14:b2:fb:97:f6:ae:6b:
06:df:96:8f:c2:5a:f8:d6:90:90:5e:1c:7a:06:84:
86:a4:f6:79:3b:ab:a2:55:05:a5:93:e0:a4:cb:cd:
45:a7:9b:ae:5e:14:84:87:ee:0b:3c:a9:c0:56:67:
08:2d:c0:db:9f:4f:87:8c:83:d1:b9:14:d2:af:51:
5f:73:5e:25:7e:ea:e1:f0:df:60:bc:57:42:04:a1:
72:04:d1:1a:dc:0c:99:2b:e0:e6:99:ab:de:22:81:
d2:fe:1f:77:60:df:88:72:59:c2:29:77:be:3d:ce:
95:08:35:e3:22:17:72:45:bf:9f:03:e3:49:52:56:
d1:8b:9b:a5:6f:05:41:21:5e:b6:b6:0d:94:a4:d4:
c6:73:f2:00:0b:b9:c2:05:06:14:6b:bc:de:21:3f:
43:bb:5f:12:aa:21:41:88:68:ee:44:cd:8f:db:59:
01:0d:b3:e1:e1:c9:df:c8:e7:bd:dd:d6:0f:f8:ef:
aa:10:96:a2:b6:ff:e8:51:3b:06:7f:5e:e9:08:0a:
7c:f4:24:92:99:74:24:56:f5:d4:78:f9:ce:0c:3e:
8b:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:22:DD:D0:F5:F9:44:C4:3E:94:96:CC:5E:D9:B5:FA:3C:C8:BA:F1
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/sCLd0PX5RMQ-lJbMXtm1-jzIuvE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.220.253.0/24
Signature Algorithm: sha256WithRSAEncryption
86:ea:0b:26:b3:ea:a8:c4:17:72:06:e4:3e:38:07:e7:b3:5d:
38:6a:d4:cb:c6:ab:cd:df:2e:64:2c:eb:76:01:04:35:8a:cd:
eb:4c:7c:7d:d6:eb:b5:a8:86:3b:51:a7:16:b5:03:65:7c:10:
b3:07:cb:a4:ab:19:bd:a6:e9:5b:61:9b:43:3e:2a:4d:f6:1f:
0d:52:e8:2d:11:58:31:9e:e6:17:2c:0a:73:b5:22:3d:e4:57:
44:f9:b8:1c:4b:f6:12:71:c2:8f:e5:03:1a:04:5e:4f:25:6a:
00:2e:2a:f1:fb:f9:86:4a:55:2d:04:76:05:26:28:9e:e0:85:
90:c2:da:62:26:13:1d:5d:3c:3f:ae:b9:23:e8:7f:00:ce:31:
f3:19:a6:1a:b7:4a:10:48:0d:c0:44:ec:13:28:a0:63:42:63:
69:cc:07:3a:41:fb:36:72:dd:4c:31:67:b8:47:c8:f6:bc:5d:
b4:95:68:4d:9f:a6:56:a2:a0:e3:c6:43:48:0d:cf:bf:be:98:
23:b5:1f:74:55:14:7a:10:1a:e8:38:40:30:1a:ea:0d:b8:52:
97:1f:44:a0:98:0c:32:8a:17:1d:da:60:72:e3:41:7d:92:b5:
1e:e0:d3:98:54:29:fa:00:b2:bd:8b:27:54:05:01:f6:c1:91:
ab:c0:b8:fb
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFT8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MzU3NTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEIwMjJEREQwRjVGOTQ0
QzQzRTk0OTZDQzVFRDlCNUZBM0NDOEJBRjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLm6Lp42BIfUR0mngpcMD8SJAwcY3F8QwmrsakADB+PFi9Tzvy
FLL7l/auawbflo/CWvjWkJBeHHoGhIak9nk7q6JVBaWT4KTLzUWnm65eFISH7gs8
qcBWZwgtwNufT4eMg9G5FNKvUV9zXiV+6uHw32C8V0IEoXIE0RrcDJkr4OaZq94i
gdL+H3dg34hyWcIpd749zpUINeMiF3JFv58D40lSVtGLm6VvBUEhXra2DZSk1MZz
8gALucIFBhRrvN4hP0O7XxKqIUGIaO5EzY/bWQENs+Hhyd/I573d1g/476oQlqK2
/+hROwZ/XukICnz0JJKZdCRW9dR4+c4MPouFAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUsCLd0PX5RMQ+lJbMXtm1+jzIuvEwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3NDTGQwUFg1Uk1RLWxK
Yk1YdG0xLWp6SXV2RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3P0wDQYJKoZIhvcNAQELBQADggEBAIbqCyaz6qjEF3IG5D44B+ezXThq1MvG
q83fLmQs63YBBDWKzetMfH3W67WohjtRpxa1A2V8ELMHy6SrGb2m6Vthm0M+Kk32
Hw1S6C0RWDGe5hcsCnO1Ij3kV0T5uBxL9hJxwo/lAxoEXk8lagAuKvH7+YZKVS0E
dgUmKJ7ghZDC2mImEx1dPD+uuSPofwDOMfMZphq3ShBIDcBE7BMooGNCY2nMBzpB
+zZy3UwxZ7hHyPa8XbSVaE2fplaioOPGQ0gNz7++mCO1H3RVFHoQGug4QDAa6g24
UpcfRKCYDDKKFx3aYHLjQX2StR7g05hUKfoAsr2LJ1QFAfbBkavAuPs=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:29:33 2025 by rpki-client