Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/wPIXYFHOXUltZ5Yy8Gx-KUpt4Eo.roa
File: wPIXYFHOXUltZ5Yy8Gx-KUpt4Eo.roa (raw, json)
Hash identifier: +/LshZTAFjoRgDdSCsCtcKZ9M69tN2ah400pVZpD3N8=
Subject key identifier: C0:F2:17:60:51:CE:5D:49:6D:67:96:32:F0:6C:7E:29:4A:6D:E0:4A
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 18DC
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/wPIXYFHOXUltZ5Yy8Gx-KUpt4Eo.roa
Signing time: Fri 17 Jan 2025 01:25:41 +0000
ROA not before: Fri 17 Jan 2025 01:25:41 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139259
IP address blocks: 103.221.21.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6364 (0x18dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:25:41 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=C0F2176051CE5D496D679632F06C7E294A6DE04A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:9a:0f:53:c9:6b:71:5f:bd:4c:76:c4:2b:67:
34:59:23:0a:b8:1f:88:d6:68:49:ba:b4:ce:33:69:
cc:52:49:17:47:e0:86:f5:4d:2b:96:85:e8:a7:ff:
92:8a:92:2e:b2:51:87:c4:80:91:f4:e9:ad:13:32:
e1:ed:ab:3a:3a:3a:a5:19:09:b1:eb:18:2c:d5:d6:
95:0a:dc:98:71:a0:7b:9e:f4:85:17:66:4f:c0:0a:
c2:0e:83:5a:90:df:9d:be:15:a0:bf:d5:0a:9d:f9:
c9:6e:44:42:42:8c:a8:d4:00:12:49:df:19:fc:de:
bd:b4:73:d4:9e:3a:5f:b4:40:b9:06:de:19:1b:51:
f5:8a:33:ff:a1:d3:6e:86:ee:bd:4d:34:c1:79:f2:
9a:e8:41:35:be:61:9b:72:54:46:18:39:09:16:7b:
79:66:2f:9a:1b:5f:89:61:21:9a:27:bd:7d:9c:18:
9d:ea:98:79:44:ed:1e:8d:d6:de:24:8a:cd:6c:b1:
57:aa:56:51:59:89:84:3a:09:b1:55:bd:f0:40:10:
b5:8a:92:6d:1b:77:d1:71:88:28:f5:45:c3:13:58:
ae:bd:9b:cb:bf:39:86:69:0b:5e:d1:ff:87:6e:f1:
54:2c:56:5a:a1:9e:2a:1d:3c:59:0a:c9:f6:c8:f3:
e2:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:F2:17:60:51:CE:5D:49:6D:67:96:32:F0:6C:7E:29:4A:6D:E0:4A
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/wPIXYFHOXUltZ5Yy8Gx-KUpt4Eo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.21.0/24
Signature Algorithm: sha256WithRSAEncryption
cf:65:a2:5e:cc:6a:df:62:2b:e2:e1:63:70:0e:31:0a:46:8c:
a5:01:12:35:63:6b:78:98:d5:6a:38:77:e1:25:c7:07:62:76:
5a:ea:e7:23:9e:8b:c8:ec:b3:2c:f4:04:b7:e5:8d:b9:19:54:
86:7a:77:f1:0e:4c:ab:37:27:a8:30:ed:d9:06:70:d7:ef:a3:
32:11:48:4a:f0:91:95:08:12:4d:7d:10:19:7a:83:f7:10:5a:
8b:a7:eb:af:22:6d:16:4b:b8:b4:74:37:f6:40:86:f9:45:f7:
1b:7b:4d:23:ff:dd:6b:eb:a5:61:36:90:92:0a:bc:4d:03:40:
20:af:e3:47:38:5b:6c:3a:5f:2c:44:82:d0:e7:d6:77:32:1a:
68:14:be:8a:42:83:c4:7f:78:70:7f:cb:ab:06:79:79:93:4e:
7f:1f:5a:3c:44:bc:d7:fa:ca:c1:a2:aa:02:88:5f:6b:b5:bf:
e4:94:fb:25:bf:af:7b:a6:02:57:28:48:99:47:ff:8f:bc:25:
8c:6e:6b:59:f4:d1:a5:8b:56:be:44:f7:d1:e1:a5:8c:fa:93:
4c:ae:5e:43:60:8a:1c:ba:76:d3:89:56:bb:f5:3e:dd:33:d1:
6b:11:4f:f3:40:5b:5f:97:08:7f:69:ab:ad:d8:23:7a:c0:63:
ae:53:15:ec
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGNwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI1NDFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEMwRjIxNzYwNTFDRTVE
NDk2RDY3OTYzMkYwNkM3RTI5NEE2REUwNEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD8mg9TyWtxX71MdsQrZzRZIwq4H4jWaEm6tM4zacxSSRdH4Ib1
TSuWhein/5KKki6yUYfEgJH06a0TMuHtqzo6OqUZCbHrGCzV1pUK3JhxoHue9IUX
Zk/ACsIOg1qQ352+FaC/1Qqd+cluREJCjKjUABJJ3xn83r20c9SeOl+0QLkG3hkb
UfWKM/+h026G7r1NNMF58proQTW+YZtyVEYYOQkWe3lmL5obX4lhIZonvX2cGJ3q
mHlE7R6N1t4kis1ssVeqVlFZiYQ6CbFVvfBAELWKkm0bd9FxiCj1RcMTWK69m8u/
OYZpC17R/4du8VQsVlqhniodPFkKyfbI8+KdAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUwPIXYFHOXUltZ5Yy8Gx+KUpt4EowHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3dQSVhZRkhPWFVsdFo1
WXk4R3gtS1VwdDRFby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3RUwDQYJKoZIhvcNAQELBQADggEBAM9lol7Mat9iK+LhY3AOMQpGjKUBEjVj
a3iY1Wo4d+Elxwdidlrq5yOei8jssyz0BLfljbkZVIZ6d/EOTKs3J6gw7dkGcNfv
ozIRSErwkZUIEk19EBl6g/cQWoun668ibRZLuLR0N/ZAhvlF9xt7TSP/3WvrpWE2
kJIKvE0DQCCv40c4W2w6XyxEgtDn1ncyGmgUvopCg8R/eHB/y6sGeXmTTn8fWjxE
vNf6ysGiqgKIX2u1v+SU+yW/r3umAlcoSJlH/4+8JYxua1n00aWLVr5E99HhpYz6
k0yuXkNgihy6dtOJVrv1Pt0z0WsRT/NAW1+XCH9pq63YI3rAY65TFew=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:32:44 2025 by rpki-client