Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/613/XapeRciUuP7wwILnRGKGpIkjs2Y.roa
File: XapeRciUuP7wwILnRGKGpIkjs2Y.roa (raw, json)
Hash identifier: vm1wJng1pX3nZJI+PFMyYwiNCRnUOuP8GSyb95x0zuo=
Subject key identifier: 5D:AA:5E:45:C8:94:B8:FE:F0:C0:82:E7:44:62:86:A4:89:23:B3:66
Certificate issuer: /CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94
Certificate serial: 1D98
Authority key identifier: 2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/XapeRciUuP7wwILnRGKGpIkjs2Y.roa
Signing time: Fri 28 Feb 2025 05:53:29 +0000
ROA not before: Fri 28 Feb 2025 05:53:29 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 4134
IP address blocks: 103.203.100.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7576 (0x1d98)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94
Validity
Not Before: Feb 28 05:53:29 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=5DAA5E45C894B8FEF0C082E7446286A48923B366
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:92:79:24:cf:47:64:f0:e5:b2:fc:de:89:5a:
1f:09:ba:bf:13:70:33:bb:fe:41:ac:77:3b:c3:e8:
b7:6e:46:2d:57:3d:bc:e7:24:6e:a6:c9:41:1e:4f:
17:b9:05:f0:ba:5c:d8:06:25:b7:b9:7d:84:1e:a5:
e9:77:27:75:53:bc:85:52:24:78:ea:44:fe:0a:b4:
f6:e9:3d:a4:c9:0f:0d:87:e9:7c:c2:f5:07:5c:04:
f8:51:55:3c:dc:ce:48:52:2c:d7:ff:78:a1:38:2f:
e9:16:90:59:d1:ea:39:ed:4f:f5:35:de:8f:28:88:
34:d8:08:c9:fb:38:a6:8a:af:3e:3a:0f:93:ce:54:
36:ff:11:50:72:b8:eb:d2:ea:9c:89:c1:20:87:ca:
22:58:23:d1:a6:86:95:db:bf:39:8d:80:a7:d3:1e:
0e:55:52:43:08:d7:e5:bd:0a:5f:03:4d:e6:43:71:
7d:78:59:8b:e4:e3:aa:58:08:73:f5:a6:a8:10:78:
7e:99:94:c6:1b:4a:f9:47:d4:ac:79:f5:e4:14:26:
31:d0:36:bb:ad:07:db:dc:4c:3a:ef:8b:67:a8:d9:
dc:35:bd:ec:6e:76:b6:83:a5:66:b7:c5:4f:7d:72:
45:21:ad:a5:8d:5b:50:c5:71:2c:df:b2:dc:20:4d:
0a:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:AA:5E:45:C8:94:B8:FE:F0:C0:82:E7:44:62:86:A4:89:23:B3:66
X509v3 Authority Key Identifier:
keyid:2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/XapeRciUuP7wwILnRGKGpIkjs2Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.203.100.0/22
Signature Algorithm: sha256WithRSAEncryption
49:86:6e:a1:e6:b9:62:f5:dc:3e:33:7d:71:7c:dd:e1:4e:c3:
5b:53:d0:c8:6f:08:20:8a:b9:8b:ba:83:d8:9c:07:ed:44:6a:
7f:69:dc:2b:4a:63:ef:47:c8:c3:d5:f1:a4:46:f6:54:49:e5:
58:74:28:74:61:0a:8e:a7:bb:f2:7d:da:6b:d8:ee:c1:0c:60:
c3:39:af:64:51:5d:09:22:6c:e9:d6:9c:94:6f:46:63:49:dd:
42:de:36:34:36:81:4b:f8:dc:66:61:3e:7a:97:c3:ca:1d:7a:
e0:b7:2c:0d:6c:2d:94:1f:58:d7:17:32:d1:bf:a7:0e:da:60:
5f:a8:b8:14:2f:6f:78:c4:93:51:30:9a:6a:28:99:36:32:cf:
1b:6c:eb:40:ef:98:09:9c:0d:a3:d7:7e:ac:83:05:8b:9c:4a:
6b:58:53:aa:bc:40:c6:6e:25:c9:61:6e:ca:1e:96:6a:a7:77:
08:f0:88:4c:9f:bd:a5:c9:f4:74:29:9b:2c:a2:8c:c9:1f:ab:
00:d8:52:c6:38:44:39:0a:d2:d4:23:22:e5:e4:c9:aa:18:8a:
25:58:1c:25:ff:2d:b1:d8:6a:67:1a:88:88:43:50:24:cb:dd:
b2:0c:46:cb:fb:63:88:71:3f:a0:4e:be:21:c4:e1:b5:bf:cb:
e9:11:a7:79
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICHZgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkU4
M0VCMEUxQ0I3QjRBNzYxN0EwNEFEN0E4MjYyOUQ5OEI5NUI5NDAeFw0yNTAyMjgw
NTUzMjlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDVEQUE1RTQ1Qzg5NEI4
RkVGMEMwODJFNzQ0NjI4NkE0ODkyM0IzNjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnknkkz0dk8OWy/N6JWh8Jur8TcDO7/kGsdzvD6LduRi1XPbzn
JG6myUEeTxe5BfC6XNgGJbe5fYQepel3J3VTvIVSJHjqRP4KtPbpPaTJDw2H6XzC
9QdcBPhRVTzczkhSLNf/eKE4L+kWkFnR6jntT/U13o8oiDTYCMn7OKaKrz46D5PO
VDb/EVByuOvS6pyJwSCHyiJYI9GmhpXbvzmNgKfTHg5VUkMI1+W9Cl8DTeZDcX14
WYvk46pYCHP1pqgQeH6ZlMYbSvlH1Kx59eQUJjHQNrutB9vcTDrvi2eo2dw1vexu
draDpWa3xU99ckUhraWNW1DFcSzfstwgTQrTAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUXapeRciUuP7wwILnRGKGpIkjs2YwHwYDVR0jBBgwFoAULoPrDhy3tKdhegSt
eoJinZi5W5QwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEz
L0xvUHJEaHkzdEtkaGVnU3Rlb0ppblppNVc1US5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvTG9QckRoeTN0S2RoZWdTdGVvSmluWmk1VzVRLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEzL1hhcGVSY2lVdVA3d3dJ
TG5SR0tHcElranMyWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJny2QwDQYJKoZIhvcNAQELBQADggEBAEmGbqHmuWL13D4zfXF83eFOw1tT0Mhv
CCCKuYu6g9icB+1Ean9p3CtKY+9HyMPV8aRG9lRJ5Vh0KHRhCo6nu/J92mvY7sEM
YMM5r2RRXQkibOnWnJRvRmNJ3ULeNjQ2gUv43GZhPnqXw8odeuC3LA1sLZQfWNcX
MtG/pw7aYF+ouBQvb3jEk1EwmmoomTYyzxts60DvmAmcDaPXfqyDBYucSmtYU6q8
QMZuJclhbsoelmqndwjwiEyfvaXJ9HQpmyyijMkfqwDYUsY4RDkK0tQjIuXkyaoY
iiVYHCX/LbHYamcaiIhDUCTL3bIMRsv7Y4hxP6BOviHE4bW/y+kRp3k=
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:59:12 2025 by rpki-client