Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/890/WVqsFeBKy0Yv8SI4Ybk8zCVMrBI.roa
File: WVqsFeBKy0Yv8SI4Ybk8zCVMrBI.roa (raw, json)
Hash identifier: r3nASdQhtvLP06NA+vjgR3lMgbAsrN43UGNDykeKiY0=
Subject key identifier: 59:5A:AC:15:E0:4A:CB:46:2F:F1:22:38:61:B9:3C:CC:25:4C:AC:12
Certificate issuer: /CN=0EE863AC570AEEA1F930BEA5E76AAE7DD553804E
Certificate serial: 08AD
Authority key identifier: 0E:E8:63:AC:57:0A:EE:A1:F9:30:BE:A5:E7:6A:AE:7D:D5:53:80:4E
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DuhjrFcK7qH5ML6l52qufdVTgE4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/WVqsFeBKy0Yv8SI4Ybk8zCVMrBI.roa
Signing time: Tue 17 Dec 2024 06:30:20 +0000
ROA not before: Tue 17 Dec 2024 06:30:20 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 4837
IP address blocks: 103.205.252.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2221 (0x8ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0EE863AC570AEEA1F930BEA5E76AAE7DD553804E
Validity
Not Before: Dec 17 06:30:20 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=595AAC15E04ACB462FF1223861B93CCC254CAC12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:15:35:b8:be:d2:17:dd:dd:72:38:09:e8:05:
e7:76:38:bb:56:86:65:0c:f9:2d:c3:b9:cb:1c:75:
7d:b7:10:27:7b:16:d2:60:0a:f9:ea:8b:cd:71:e4:
3f:18:13:75:6d:47:e3:1f:df:b1:01:4f:e2:4c:ef:
08:f1:fd:c4:b2:c5:1d:d2:35:eb:b6:2b:eb:ed:0a:
f1:50:a4:6c:c0:7b:a6:ad:60:01:83:33:d6:b0:6b:
43:c0:b6:f8:bd:d5:7b:31:72:d9:76:cd:7b:33:90:
b6:7f:8d:4f:e0:a6:0b:ec:27:85:9e:2b:38:37:dd:
6b:e1:b1:44:ea:9b:49:c7:aa:65:a9:a8:fa:07:c4:
03:f7:3a:63:31:3a:1e:49:5d:53:f0:54:79:14:c6:
30:98:c2:16:b3:e7:96:a3:24:f2:c0:d7:20:d8:95:
07:7a:d9:ca:46:ab:2c:f1:57:ac:fe:66:57:7e:a8:
61:84:c8:45:99:bb:92:f5:1c:ff:d2:66:26:ee:55:
ca:23:0f:b2:46:0b:9f:81:15:dd:95:e2:fc:6a:0d:
aa:36:aa:d3:28:5e:be:1d:88:d5:53:24:fd:b6:a4:
5a:e6:54:af:63:d6:b2:52:07:f3:d1:4d:72:9c:43:
9e:91:ef:66:0c:bb:3b:02:f5:79:b7:2f:a7:f1:10:
db:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:5A:AC:15:E0:4A:CB:46:2F:F1:22:38:61:B9:3C:CC:25:4C:AC:12
X509v3 Authority Key Identifier:
keyid:0E:E8:63:AC:57:0A:EE:A1:F9:30:BE:A5:E7:6A:AE:7D:D5:53:80:4E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/DuhjrFcK7qH5ML6l52qufdVTgE4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DuhjrFcK7qH5ML6l52qufdVTgE4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/WVqsFeBKy0Yv8SI4Ybk8zCVMrBI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.205.252.0/22
Signature Algorithm: sha256WithRSAEncryption
21:14:2b:bc:6b:4d:e3:cc:2e:a0:d5:64:63:52:4e:5f:03:b1:
32:78:e3:44:f8:a3:98:ce:0c:11:bb:70:02:c7:98:9c:82:2a:
d8:cf:cd:18:59:ec:58:5f:cf:a7:06:3e:1f:3d:5a:43:46:47:
d3:13:5d:1a:66:3c:3c:f3:4a:09:e9:06:4c:76:cf:9c:6e:65:
ce:a0:bb:35:96:ac:67:6f:65:24:35:c1:78:fd:60:50:f4:5c:
e1:35:0f:cf:5b:95:6d:8e:af:d2:ac:77:e1:e3:ab:5d:a0:02:
d5:6e:d8:83:12:9a:14:b2:84:7a:0c:8b:f2:38:72:91:0e:d3:
75:5d:3a:d0:99:21:e3:16:b8:02:ef:e1:50:66:91:46:28:43:
8e:03:47:76:5a:1b:89:ab:5b:1c:23:c0:fe:49:d4:fb:56:74:
be:5d:59:11:24:66:cb:32:5d:1c:d0:19:ef:5e:06:81:35:49:
5f:f5:e4:5b:f9:27:11:b1:fe:7c:c5:e4:f3:97:03:d9:c4:d3:
86:16:db:a1:0c:1c:4d:f8:7e:66:ba:a6:fb:0b:a6:af:91:f2:
63:8e:c2:75:be:c2:6d:9c:a4:ee:50:19:41:c2:89:c9:13:8d:
d5:02:09:9d:45:14:d9:cb:f7:98:62:5f:bc:6b:28:4b:2d:09:
79:f2:5c:48
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICCK0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEVF
ODYzQUM1NzBBRUVBMUY5MzBCRUE1RTc2QUFFN0RENTUzODA0RTAeFw0yNDEyMTcw
NjMwMjBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDU5NUFBQzE1RTA0QUNC
NDYyRkYxMjIzODYxQjkzQ0NDMjU0Q0FDMTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnFTW4vtIX3d1yOAnoBed2OLtWhmUM+S3DucscdX23ECd7FtJg
Cvnqi81x5D8YE3VtR+Mf37EBT+JM7wjx/cSyxR3SNeu2K+vtCvFQpGzAe6atYAGD
M9awa0PAtvi91Xsxctl2zXszkLZ/jU/gpgvsJ4WeKzg33WvhsUTqm0nHqmWpqPoH
xAP3OmMxOh5JXVPwVHkUxjCYwhaz55ajJPLA1yDYlQd62cpGqyzxV6z+Zld+qGGE
yEWZu5L1HP/SZibuVcojD7JGC5+BFd2V4vxqDao2qtMoXr4diNVTJP22pFrmVK9j
1rJSB/PRTXKcQ56R72YMuzsC9Xm3L6fxENtrAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUWVqsFeBKy0Yv8SI4Ybk8zCVMrBIwHwYDVR0jBBgwFoAUDuhjrFcK7qH5ML6l
52qufdVTgE4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkw
L0R1aGpyRmNLN3FINU1MNmw1MnF1ZmRWVGdFNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvRHVoanJGY0s3cUg1TUw2bDUycXVmZFZUZ0U0LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkwL1dWcXNGZUJLeTBZdjhT
STRZYms4ekNWTXJCSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJnzfwwDQYJKoZIhvcNAQELBQADggEBACEUK7xrTePMLqDVZGNSTl8DsTJ440T4
o5jODBG7cALHmJyCKtjPzRhZ7Fhfz6cGPh89WkNGR9MTXRpmPDzzSgnpBkx2z5xu
Zc6guzWWrGdvZSQ1wXj9YFD0XOE1D89blW2Or9Ksd+Hjq12gAtVu2IMSmhSyhHoM
i/I4cpEO03VdOtCZIeMWuALv4VBmkUYoQ44DR3ZaG4mrWxwjwP5J1PtWdL5dWREk
ZssyXRzQGe9eBoE1SV/15Fv5JxGx/nzF5POXA9nE04YW26EMHE34fma6pvsLpq+R
8mOOwnW+wm2cpO5QGUHCickTjdUCCZ1FFNnL95hiX7xrKEstCXnyXEg=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:29:35 2025 by rpki-client