Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/5F3_qJsNzbOE3KUQvB7FGRoJIoQ.roa
File: 5F3_qJsNzbOE3KUQvB7FGRoJIoQ.roa (raw, json)
Hash identifier: LbGiFQ0hOo7l49oL65K6ks14edGk5uaNeR7V1Fy9pBc=
Subject key identifier: E4:5D:FF:A8:9B:0D:CD:B3:84:DC:A5:10:BC:1E:C5:19:1A:09:22:84
Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Certificate serial: 1704
Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/5F3_qJsNzbOE3KUQvB7FGRoJIoQ.roa
Signing time: Wed 13 Mar 2024 01:21:53 +0000
ROA not before: Wed 13 Mar 2024 01:21:53 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 17621
IP address blocks: 106.75.208.0/20 maxlen: 20
106.75.224.0/20 maxlen: 20
106.75.240.0/20 maxlen: 20
113.31.96.0/20 maxlen: 20
113.31.112.0/20 maxlen: 20
113.31.144.0/20 maxlen: 20
113.31.160.0/20 maxlen: 20
113.31.176.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5892 (0x1704)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Validity
Not Before: Mar 13 01:21:53 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E45DFFA89B0DCDB384DCA510BC1EC5191A092284
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:06:23:9e:6b:0d:f6:1d:43:8d:c6:21:ad:a1:
9c:ef:d8:2e:22:3d:23:64:c1:db:29:c1:8c:a5:7e:
82:c3:65:ea:99:83:4b:ed:8f:c2:44:89:9e:8b:f5:
f2:b0:07:c2:f2:e3:90:a3:e6:ea:9b:62:c0:11:1a:
e2:c5:f1:d9:e3:18:46:97:9a:59:4f:ec:fa:43:09:
ff:21:08:15:8c:41:6c:b5:28:8b:56:8b:29:12:5e:
4f:f8:05:5b:78:20:20:ac:4f:6a:99:1d:31:52:2d:
54:cd:1a:9d:89:d0:43:ae:b9:10:cf:81:a1:2f:fd:
0b:80:61:16:a5:19:42:e5:ac:c7:70:48:5f:6c:96:
3c:68:87:19:ad:f2:87:b8:ea:e9:c0:29:97:32:58:
06:eb:d5:e4:8e:36:3b:46:60:f9:86:22:f1:51:eb:
ca:eb:ae:1a:ad:fb:39:e6:6d:2b:cb:4a:d9:12:eb:
67:1e:14:07:eb:69:ea:38:bf:a2:b3:c2:89:6b:0b:
23:55:3f:12:9f:f1:47:8a:36:0f:3b:a2:22:76:ca:
bc:d0:44:63:02:57:cb:10:c1:e1:f8:16:14:f2:6c:
3b:d6:4f:2e:c6:7e:88:14:58:62:d6:27:59:d8:cf:
69:02:46:30:d4:9c:23:6d:24:15:7a:dc:bc:e3:98:
ba:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:5D:FF:A8:9B:0D:CD:B3:84:DC:A5:10:BC:1E:C5:19:1A:09:22:84
X509v3 Authority Key Identifier:
keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/5F3_qJsNzbOE3KUQvB7FGRoJIoQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.75.208.0-106.75.255.255
113.31.96.0/19
113.31.144.0-113.31.191.255
Signature Algorithm: sha256WithRSAEncryption
6f:69:85:b2:7b:51:bf:3e:8f:95:d6:08:77:43:0d:47:a6:5b:
bc:b3:af:91:dd:5e:2b:23:c8:e2:e3:20:cd:5a:ea:fb:9f:ed:
eb:92:49:7e:a3:a3:c0:04:b1:3c:39:f1:4a:88:88:09:3e:78:
7f:7f:3f:5e:f1:f8:2d:8b:71:6d:a9:c7:45:22:69:79:28:3c:
c9:94:77:17:f4:ec:85:c3:8c:e8:1d:7b:09:c0:b0:39:bd:7d:
da:14:c0:57:20:df:15:0b:fd:cf:d2:c8:10:c9:9d:78:39:68:
b5:b3:d3:e3:96:9f:f8:9c:45:08:48:a6:e6:ef:03:76:04:08:
30:b0:2b:af:01:5a:80:b3:7f:d6:df:56:39:78:c6:c2:d7:72:
62:f8:33:2f:fb:90:32:26:35:13:8a:ad:65:46:b4:78:14:0b:
52:e1:73:5f:35:be:dc:84:8e:df:e3:ab:69:35:3f:3a:8d:d0:
61:e9:19:e5:a6:a3:2b:e8:07:0c:b5:2c:90:6f:c2:34:1f:f2:
e9:0d:2a:b8:3d:4b:9c:bb:28:54:ea:5a:80:3b:19:66:21:66:
59:f3:b4:9e:24:60:3b:95:8e:0b:fc:d4:fa:88:87:f8:ec:8f:
cc:f0:6a:6e:c6:a9:2e:a5:4d:25:b3:03:f5:cc:91:b7:de:8f:
21:68:46:15
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICFwQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3
MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNDAzMTMw
MTIxNTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEU0NURGRkE4OUIwRENE
QjM4NERDQTUxMEJDMUVDNTE5MUEwOTIyODQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCWBiOeaw32HUONxiGtoZzv2C4iPSNkwdspwYylfoLDZeqZg0vt
j8JEiZ6L9fKwB8Ly45Cj5uqbYsARGuLF8dnjGEaXmllP7PpDCf8hCBWMQWy1KItW
iykSXk/4BVt4ICCsT2qZHTFSLVTNGp2J0EOuuRDPgaEv/QuAYRalGULlrMdwSF9s
ljxohxmt8oe46unAKZcyWAbr1eSONjtGYPmGIvFR68rrrhqt+znmbSvLStkS62ce
FAfraeo4v6KzwolrCyNVPxKf8UeKNg87oiJ2yrzQRGMCV8sQweH4FhTybDvWTy7G
fogUWGLWJ1nYz2kCRjDUnCNtJBV63LzjmLrjAgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQU5F3/qJsNzbOE3KUQvB7FGRoJIoQwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI
l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3
L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3LzVGM19xSnNOemJPRTNL
VVF2QjdGR1JvSklvUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwOgYIKwYBBQUHAQcBAf8EKzApMCcEAgABMCEw
CwMEBGpL0AMDAmpIAwQFcR9gMAwDBARxH5ADBAZxH4AwDQYJKoZIhvcNAQELBQAD
ggEBAG9phbJ7Ub8+j5XWCHdDDUemW7yzr5HdXisjyOLjIM1a6vuf7euSSX6jo8AE
sTw58UqIiAk+eH9/P17x+C2LcW2px0UiaXkoPMmUdxf07IXDjOgdewnAsDm9fdoU
wFcg3xUL/c/SyBDJnXg5aLWz0+OWn/icRQhIpubvA3YECDCwK68BWoCzf9bfVjl4
xsLXcmL4My/7kDImNROKrWVGtHgUC1Lhc181vtyEjt/jq2k1PzqN0GHpGeWmoyvo
Bwy1LJBvwjQf8ukNKrg9S5y7KFTqWoA7GWYhZlnztJ4kYDuVjgv81PqIh/jsj8zw
am7GqS6lTSWzA/XMkbfejyFoRhU=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:37:26 2025 by rpki-client