Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/t3VMMQcr8T5EleRaz6X4LloN1cs.roa
File: t3VMMQcr8T5EleRaz6X4LloN1cs.roa (raw, json)
Hash identifier: fKvrIdjBFutMx1nl+/OYpBDw6mTqtuUqel5d1YZWmaI=
Subject key identifier: B7:75:4C:31:07:2B:F1:3E:44:95:E4:5A:CF:A5:F8:2E:5A:0D:D5:CB
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1517
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/t3VMMQcr8T5EleRaz6X4LloN1cs.roa
Signing time: Wed 11 Sep 2024 02:30:07 +0000
ROA not before: Wed 11 Sep 2024 02:30:07 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 13444
IP address blocks: 103.221.40.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5399 (0x1517)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 02:30:07 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B7754C31072BF13E4495E45ACFA5F82E5A0DD5CB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c9:51:b6:4e:eb:c1:99:f2:9a:e5:83:cb:87:
3e:f6:d8:62:b1:ca:44:c3:16:06:46:c7:bd:dd:83:
ff:af:aa:b1:af:52:86:31:1b:8a:d1:c3:82:a6:71:
3f:f2:61:1b:33:91:4e:2e:2a:12:b0:55:e9:8d:23:
c7:e4:a8:e6:32:14:6f:73:06:00:4c:56:a8:5d:f2:
74:f7:bf:db:fe:ab:7b:b3:91:e9:8f:78:14:1f:9b:
db:de:7d:c2:8f:67:71:3c:65:4c:14:92:e3:6b:4c:
2e:99:ab:63:bc:e2:78:df:b3:61:53:43:bf:b2:d1:
05:94:86:26:0b:a8:cf:4c:18:fb:20:96:ea:d3:23:
1d:ba:e4:c7:9a:bb:8f:90:03:09:dc:8f:cc:72:9a:
92:fc:4c:ad:e4:2a:d2:57:be:c5:ba:ad:b2:99:ee:
6a:d3:e4:77:fa:3b:1f:36:fd:ea:c7:31:ac:68:d8:
2d:a9:b0:0e:36:10:99:fe:fd:66:1e:63:36:36:d7:
c6:d2:b4:81:8f:50:70:43:fc:5e:30:23:af:25:37:
f8:ed:92:0b:7e:bb:e4:f8:fa:f9:ef:07:4d:64:75:
a5:40:a6:2c:5a:ba:ba:54:8d:2b:35:5a:f0:55:d5:
af:3a:cb:c2:4a:06:b3:69:8c:ba:b5:cb:9c:6b:c6:
21:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:75:4C:31:07:2B:F1:3E:44:95:E4:5A:CF:A5:F8:2E:5A:0D:D5:CB
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/t3VMMQcr8T5EleRaz6X4LloN1cs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.40.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:ff:92:30:87:d5:39:77:ce:ec:b5:d8:50:6b:e4:c4:87:9f:
9a:35:2c:54:ce:47:11:20:51:b6:af:e5:58:4f:15:f1:ab:9d:
a0:03:9e:6d:60:d7:16:b5:e9:e9:cc:eb:4f:c4:3a:d7:0f:ea:
66:71:c9:b2:37:21:cf:43:62:f0:26:77:94:f9:f4:0f:fa:9a:
4e:23:35:4e:90:f0:db:96:8b:01:6b:74:15:97:93:ed:c6:97:
94:73:c6:d3:9a:18:b5:6f:6c:27:29:8a:8d:1b:7e:0f:93:cf:
98:92:19:09:dc:04:d5:27:d6:f2:f0:74:c4:b2:0b:0a:81:27:
4f:6a:11:01:32:66:5f:a5:28:8f:b0:1f:a7:2b:2e:13:f2:1d:
ab:fa:49:18:8b:92:50:df:32:32:c2:92:ab:14:0f:bb:da:13:
79:96:d3:f2:55:2f:c3:2b:ae:be:0f:d9:e7:bb:0b:3c:4f:12:
70:eb:3b:2d:8c:99:8a:f9:41:65:aa:77:70:04:67:73:d8:da:
ba:2b:66:14:e4:61:d0:ba:01:d9:d4:32:8e:f3:d1:da:3a:fb:
e7:7b:33:d2:de:53:98:ea:0e:b5:65:b5:9f:da:39:21:df:d4:
26:2b:59:9f:65:83:e9:36:21:6f:d8:b5:f9:7e:02:0c:eb:7b:
17:ff:31:14
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFRcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MjMwMDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI3NzU0QzMxMDcyQkYx
M0U0NDk1RTQ1QUNGQTVGODJFNUEwREQ1Q0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/yVG2TuvBmfKa5YPLhz722GKxykTDFgZGx73dg/+vqrGvUoYx
G4rRw4KmcT/yYRszkU4uKhKwVemNI8fkqOYyFG9zBgBMVqhd8nT3v9v+q3uzkemP
eBQfm9vefcKPZ3E8ZUwUkuNrTC6Zq2O84njfs2FTQ7+y0QWUhiYLqM9MGPsglurT
Ix265Meau4+QAwncj8xympL8TK3kKtJXvsW6rbKZ7mrT5Hf6Ox82/erHMaxo2C2p
sA42EJn+/WYeYzY218bStIGPUHBD/F4wI68lN/jtkgt+u+T4+vnvB01kdaVApixa
urpUjSs1WvBV1a86y8JKBrNpjLq1y5xrxiHhAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUt3VMMQcr8T5EleRaz6X4LloN1cswHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3QzVk1NUWNyOFQ1RWxl
UmF6Nlg0TGxvTjFjcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3SgwDQYJKoZIhvcNAQELBQADggEBAGr/kjCH1Tl3zuy12FBr5MSHn5o1LFTO
RxEgUbav5VhPFfGrnaADnm1g1xa16enM60/EOtcP6mZxybI3Ic9DYvAmd5T59A/6
mk4jNU6Q8NuWiwFrdBWXk+3Gl5RzxtOaGLVvbCcpio0bfg+Tz5iSGQncBNUn1vLw
dMSyCwqBJ09qEQEyZl+lKI+wH6crLhPyHav6SRiLklDfMjLCkqsUD7vaE3mW0/JV
L8Mrrr4P2ee7CzxPEnDrOy2MmYr5QWWqd3AEZ3PY2rorZhTkYdC6AdnUMo7z0do6
++d7M9LeU5jqDrVltZ/aOSHf1CYrWZ9lg+k2IW/Ytfl+Agzrexf/MRQ=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:24:28 2025 by rpki-client