Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/LybZbI5zyJ39JstrkEFIrhtylh8.roa
File: LybZbI5zyJ39JstrkEFIrhtylh8.roa (raw, json)
Hash identifier: z+mmcbUMAd//4i4kPYabxYduaYkJ6sfVgx+jU46dJGg=
Subject key identifier: 2F:26:D9:6C:8E:73:C8:9D:FD:26:CB:6B:90:41:48:AE:1B:72:96:1F
Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Certificate serial: 1D01
Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/LybZbI5zyJ39JstrkEFIrhtylh8.roa
Signing time: Fri 17 Jan 2025 01:26:44 +0000
ROA not before: Fri 17 Jan 2025 01:26:44 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 4811
IP address blocks: 103.237.28.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7425 (0x1d01)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Validity
Not Before: Jan 17 01:26:44 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=2F26D96C8E73C89DFD26CB6B904148AE1B72961F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b8:34:16:c1:4f:df:58:34:de:26:24:33:7e:
55:50:77:64:e7:6d:c2:1f:24:e6:b6:35:a1:0c:77:
9f:0d:55:c8:3f:44:8b:0d:b4:0c:b7:19:6e:bd:dc:
39:e7:b6:f5:f9:c6:2c:77:85:c1:d7:48:90:b3:20:
3f:95:14:a1:af:20:f5:5c:b7:59:58:8e:f3:39:60:
48:5a:f0:1e:ff:ec:6d:40:37:15:ba:85:b1:d4:e4:
0e:fc:21:85:5d:74:7f:7e:ac:ad:41:81:a8:a7:2e:
12:31:af:38:8a:19:f6:f7:cd:b1:b1:1f:ad:33:07:
4f:88:b7:5c:09:39:d8:95:f2:79:39:25:a0:df:ba:
f9:20:fa:2d:70:4d:1e:fc:b4:9f:68:d4:57:4e:0b:
48:9e:6e:e6:89:0b:28:0e:03:b2:23:1e:da:32:6e:
01:21:7c:b9:16:36:6d:5b:61:dc:c4:b6:38:e3:00:
a3:be:c1:02:b7:b5:5e:b1:fd:06:24:d1:73:cb:bb:
cc:3f:f2:9c:1c:87:1f:66:3e:67:ec:f0:e3:88:99:
a8:9a:24:b0:12:83:6c:a3:0e:af:1f:f6:57:c3:18:
3b:23:55:ec:3a:47:51:72:8d:2e:9b:5a:29:19:1d:
18:1e:2e:be:e4:85:47:97:81:74:74:94:b6:d1:03:
13:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:26:D9:6C:8E:73:C8:9D:FD:26:CB:6B:90:41:48:AE:1B:72:96:1F
X509v3 Authority Key Identifier:
keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/LybZbI5zyJ39JstrkEFIrhtylh8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.237.28.0/23
Signature Algorithm: sha256WithRSAEncryption
4f:51:16:7d:d8:42:a5:84:24:c6:88:6d:5c:70:46:3c:69:a2:
39:2f:4c:94:77:8d:82:55:c1:05:8c:fa:3d:5b:4b:e7:e8:38:
76:63:9c:5b:f9:4d:84:eb:6c:38:40:ba:37:b6:93:a2:ab:da:
a1:b6:1b:df:31:dc:44:ce:54:35:b0:87:8d:c3:1c:1f:05:fe:
cc:d6:78:23:3d:ef:c1:65:c1:7d:6c:2a:ce:d4:40:57:4d:28:
e3:93:85:61:bd:ba:68:7f:35:6a:ed:0a:e0:15:dc:bc:fd:a8:
ca:4c:e4:59:e4:5b:1c:61:3b:1c:01:b5:f3:89:bd:a3:3e:9c:
c4:e6:24:db:40:b2:bc:ed:aa:b0:9e:80:54:95:08:ba:6f:db:
6f:c4:3a:1c:00:43:ae:c0:7f:c6:5b:3f:88:bf:7a:5d:03:3a:
c3:29:5d:a7:a7:d0:67:ec:73:3b:53:3a:1b:bd:ee:93:93:dd:
5f:85:35:fd:3b:f6:a3:b1:ff:c7:c7:f1:49:18:5e:4e:34:55:
d6:7d:32:ed:95:f8:85:bc:e8:c5:62:be:04:c0:99:ff:62:4f:
08:4f:a1:60:89:57:85:9a:a7:61:d6:84:1a:19:5e:90:88:e4:
e2:d9:20:09:86:f0:20:0b:ea:38:9f:c2:a3:bc:bf:cd:d9:c4:
a0:17:e8:bb
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICHQEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3
MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTAxMTcw
MTI2NDRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDJGMjZEOTZDOEU3M0M4
OURGRDI2Q0I2QjkwNDE0OEFFMUI3Mjk2MUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAuDQWwU/fWDTeJiQzflVQd2TnbcIfJOa2NaEMd58NVcg/RIsN
tAy3GW693DnntvX5xix3hcHXSJCzID+VFKGvIPVct1lYjvM5YEha8B7/7G1ANxW6
hbHU5A78IYVddH9+rK1BgainLhIxrziKGfb3zbGxH60zB0+It1wJOdiV8nk5JaDf
uvkg+i1wTR78tJ9o1FdOC0iebuaJCygOA7IjHtoybgEhfLkWNm1bYdzEtjjjAKO+
wQK3tV6x/QYk0XPLu8w/8pwchx9mPmfs8OOImaiaJLASg2yjDq8f9lfDGDsjVew6
R1FyjS6bWikZHRgeLr7khUeXgXR0lLbRAxPZAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQULybZbI5zyJ39JstrkEFIrhtylh8wHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI
l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3
L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L0x5YlpiSTV6eUozOUpz
dHJrRUZJcmh0eWxoOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAFn7RwwDQYJKoZIhvcNAQELBQADggEBAE9RFn3YQqWEJMaIbVxwRjxpojkvTJR3
jYJVwQWM+j1bS+foOHZjnFv5TYTrbDhAuje2k6Kr2qG2G98x3ETOVDWwh43DHB8F
/szWeCM978FlwX1sKs7UQFdNKOOThWG9umh/NWrtCuAV3Lz9qMpM5FnkWxxhOxwB
tfOJvaM+nMTmJNtAsrztqrCegFSVCLpv22/EOhwAQ67Af8ZbP4i/el0DOsMpXaen
0GfscztTOhu97pOT3V+FNf079qOx/8fH8UkYXk40VdZ9Mu2V+IW86MVivgTAmf9i
TwhPoWCJV4Wap2HWhBoZXpCI5OLZIAmG8CAL6jifwqO8v83ZxKAX6Ls=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:47:02 2025 by rpki-client