Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1587/JGLVC4XzP6n9Cse-BrUivBt0pKA.roa
File: JGLVC4XzP6n9Cse-BrUivBt0pKA.roa (raw, json)
Hash identifier: cUCcalTTQ/avTVz8fQt2rahEv60GW/AWsaAJaWXrHgk=
Subject key identifier: 24:62:D5:0B:85:F3:3F:A9:FD:0A:C7:BE:06:B5:22:BC:1B:74:A4:A0
Certificate issuer: /CN=2DE14F2AC7F0238137052EAA315C5BD643134022
Certificate serial: 1C63
Authority key identifier: 2D:E1:4F:2A:C7:F0:23:81:37:05:2E:AA:31:5C:5B:D6:43:13:40:22
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/JGLVC4XzP6n9Cse-BrUivBt0pKA.roa
Signing time: Wed 05 Feb 2025 02:41:10 +0000
ROA not before: Wed 05 Feb 2025 02:41:10 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 59033
IP address blocks: 103.204.72.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7267 (0x1c63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DE14F2AC7F0238137052EAA315C5BD643134022
Validity
Not Before: Feb 5 02:41:10 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=2462D50B85F33FA9FD0AC7BE06B522BC1B74A4A0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:1d:8d:14:53:e9:99:d4:25:80:64:78:76:f9:
9b:65:82:d7:98:f3:d5:02:89:36:84:d0:e2:7a:85:
6c:5b:27:7b:33:9d:6f:95:6d:53:18:58:d1:b5:d7:
d4:a6:30:3c:32:4f:24:bb:25:db:a1:1c:79:a2:c7:
7a:65:ad:20:11:f3:e1:29:cf:0d:2b:ba:67:35:08:
c8:5f:f5:04:51:c6:f1:24:34:23:10:b8:5a:9a:63:
92:f2:be:7e:92:b8:b0:cf:25:cb:8f:cd:b2:34:4d:
6b:8e:ac:6d:5a:0d:0d:2b:0c:3b:cf:73:aa:83:4b:
cd:22:8b:5f:54:c9:27:db:cc:0d:48:bd:fc:80:2a:
e4:9e:2e:6b:2a:67:70:0c:eb:52:7f:79:19:21:80:
56:50:d8:4a:5b:d4:2d:bc:48:34:f1:58:52:1d:7c:
77:46:90:6b:38:12:94:30:21:d5:0e:7a:68:e8:ce:
35:fc:0c:4c:8a:e5:03:b8:cc:8a:53:7e:aa:a2:06:
e2:6c:2e:43:b5:93:b5:3a:d8:a4:9a:5f:f2:60:c9:
fc:67:e0:d1:5c:39:65:27:38:b2:7d:53:5e:c3:95:
32:c8:b9:9b:38:f0:d5:cd:59:e0:b8:5d:7f:47:d5:
7e:a6:f2:95:46:10:4f:ac:09:86:09:c8:d0:23:4e:
e5:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:62:D5:0B:85:F3:3F:A9:FD:0A:C7:BE:06:B5:22:BC:1B:74:A4:A0
X509v3 Authority Key Identifier:
keyid:2D:E1:4F:2A:C7:F0:23:81:37:05:2E:AA:31:5C:5B:D6:43:13:40:22
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/LeFPKsfwI4E3BS6qMVxb1kMTQCI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/JGLVC4XzP6n9Cse-BrUivBt0pKA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.204.72.0/22
Signature Algorithm: sha256WithRSAEncryption
12:cb:e4:0c:b0:e0:84:13:91:e8:46:72:14:df:70:f4:95:65:
8b:c9:62:d7:1a:44:5b:8b:85:f1:50:d5:9c:f5:64:87:4b:82:
d0:70:e7:68:eb:a6:cb:a5:04:7f:d5:44:a2:eb:2c:5b:f6:ce:
53:07:3a:5d:26:e4:0c:5b:9c:8e:b8:7b:ba:5b:05:81:46:e2:
12:9d:2a:ec:f0:af:3d:11:a4:b0:ed:b3:89:15:4a:f9:6d:a3:
9c:cc:7f:ec:df:a5:28:e2:8d:3a:e9:f0:ac:86:68:f4:12:c8:
b3:40:ee:2c:20:cf:62:fb:14:e7:b8:dd:53:c9:e5:2d:78:d6:
0c:73:0e:a0:70:f2:70:98:86:cb:b5:0b:47:c3:19:46:14:23:
81:89:61:3d:e3:97:5f:16:9c:08:d5:b7:be:13:73:20:dc:06:
29:c9:54:40:bb:2f:59:cc:6d:43:47:1c:b6:b4:a4:b7:5c:5b:
96:b1:5c:36:7c:15:31:50:aa:34:c2:23:b4:f6:db:6d:92:f3:
b6:74:00:a7:c3:72:09:13:44:76:41:77:7e:bc:2a:f7:32:32:
2c:f5:fe:d0:05:a4:a8:fe:1a:27:b0:db:52:a1:05:b4:40:01:
6d:1b:e6:dc:bc:98:92:ee:68:88:33:d0:15:9c:44:5c:eb:0f:
6b:46:17:c5
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICHGMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRF
MTRGMkFDN0YwMjM4MTM3MDUyRUFBMzE1QzVCRDY0MzEzNDAyMjAeFw0yNTAyMDUw
MjQxMTBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDI0NjJENTBCODVGMzNG
QTlGRDBBQzdCRTA2QjUyMkJDMUI3NEE0QTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKHY0UU+mZ1CWAZHh2+ZtlgteY89UCiTaE0OJ6hWxbJ3sznW+V
bVMYWNG119SmMDwyTyS7JduhHHmix3plrSAR8+Epzw0rumc1CMhf9QRRxvEkNCMQ
uFqaY5Lyvn6SuLDPJcuPzbI0TWuOrG1aDQ0rDDvPc6qDS80ii19UySfbzA1IvfyA
KuSeLmsqZ3AM61J/eRkhgFZQ2Epb1C28SDTxWFIdfHdGkGs4EpQwIdUOemjozjX8
DEyK5QO4zIpTfqqiBuJsLkO1k7U62KSaX/Jgyfxn4NFcOWUnOLJ9U17DlTLIuZs4
8NXNWeC4XX9H1X6m8pVGEE+sCYYJyNAjTuVXAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUJGLVC4XzP6n9Cse+BrUivBt0pKAwHwYDVR0jBBgwFoAULeFPKsfwI4E3BS6q
MVxb1kMTQCIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTU4
Ny9MZUZQS3Nmd0k0RTNCUzZxTVZ4YjFrTVRRQ0kuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0xlRlBLc2Z3STRFM0JTNnFNVnhiMWtNVFFDSS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE1ODcvSkdMVkM0WHpQNm45
Q3NlLUJyVWl2QnQwcEtBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAmfMSDANBgkqhkiG9w0BAQsFAAOCAQEAEsvkDLDghBOR6EZyFN9w9JVli8li
1xpEW4uF8VDVnPVkh0uC0HDnaOumy6UEf9VEoussW/bOUwc6XSbkDFucjrh7ulsF
gUbiEp0q7PCvPRGksO2ziRVK+W2jnMx/7N+lKOKNOunwrIZo9BLIs0DuLCDPYvsU
57jdU8nlLXjWDHMOoHDycJiGy7ULR8MZRhQjgYlhPeOXXxacCNW3vhNzINwGKclU
QLsvWcxtQ0cctrSkt1xblrFcNnwVMVCqNMIjtPbbbZLztnQAp8NyCRNEdkF3frwq
9zIyLPX+0AWkqP4aJ7DbUqEFtEABbRvm3LyYku5oiDPQFZxEXOsPa0YXxQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:27:16 2025 by rpki-client