Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1587/X4JvVuGdcXsbxEDv2fu1SDsj7-o.roa
File: X4JvVuGdcXsbxEDv2fu1SDsj7-o.roa (raw, json)
Hash identifier: nS17ZYrG5GzmGNKneTnDmM0UG1AAyXiPtyrsoY0sJ8s=
Subject key identifier: 5F:82:6F:56:E1:9D:71:7B:1B:C4:40:EF:D9:FB:B5:48:3B:23:EF:EA
Certificate issuer: /CN=49449B46CAECE75D1C558061394DB402B6D009BE
Certificate serial: 1DAA
Authority key identifier: 49:44:9B:46:CA:EC:E7:5D:1C:55:80:61:39:4D:B4:02:B6:D0:09:BE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SUSbRsrs510cVYBhOU20ArbQCb4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/X4JvVuGdcXsbxEDv2fu1SDsj7-o.roa
Signing time: Wed 09 Apr 2025 06:48:19 +0000
ROA not before: Wed 09 Apr 2025 06:48:19 +0000
ROA not after: Thu 09 Apr 2026 06:41:08 +0000
asID: 63689
IP address blocks: 103.204.72.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7594 (0x1daa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49449B46CAECE75D1C558061394DB402B6D009BE
Validity
Not Before: Apr 9 06:48:19 2025 GMT
Not After : Apr 9 06:41:08 2026 GMT
Subject: CN=5F826F56E19D717B1BC440EFD9FBB5483B23EFEA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4a:26:8c:ba:ee:fd:b4:01:35:54:9c:6c:26:
88:dc:89:80:14:e4:71:b3:f3:e3:72:51:db:02:7c:
d2:33:04:40:56:34:a3:47:d6:f8:e2:6d:7c:8a:e9:
a4:35:82:80:d4:47:d0:ad:91:13:f5:a4:cf:5b:13:
99:4f:29:a4:f6:5f:6e:47:b9:b5:22:fc:d9:2f:7e:
1c:61:11:17:ca:3d:43:c6:a4:9b:1e:c4:66:19:92:
b6:8c:ff:d9:7f:b7:cf:3d:d1:9a:d2:55:83:db:3c:
a5:5c:b4:c3:1b:7d:f3:e3:16:50:5f:48:cf:ee:c1:
ba:be:7e:13:ab:f1:fa:ac:c2:e6:bb:cd:e1:59:44:
c1:4c:52:f2:f2:51:09:ce:87:30:51:4c:5b:7c:88:
df:a1:73:1f:bb:8f:dc:47:07:14:a0:6e:9a:9e:dc:
64:6c:0d:7a:5c:0e:1a:7e:e8:c2:3c:d1:9f:58:a9:
79:e4:6a:09:7a:30:3f:a7:aa:7a:9f:4b:24:c9:b3:
03:72:44:58:fd:20:a0:c6:67:ae:2e:3e:0a:43:af:
b1:44:08:5f:3d:cc:a4:37:55:07:30:7a:38:91:6e:
2b:35:46:20:74:f7:43:1f:07:f1:a4:10:1c:d5:bc:
bd:55:b3:cb:d7:6e:d0:52:df:fe:cd:19:cb:e1:40:
2c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:82:6F:56:E1:9D:71:7B:1B:C4:40:EF:D9:FB:B5:48:3B:23:EF:EA
X509v3 Authority Key Identifier:
keyid:49:44:9B:46:CA:EC:E7:5D:1C:55:80:61:39:4D:B4:02:B6:D0:09:BE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/SUSbRsrs510cVYBhOU20ArbQCb4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SUSbRsrs510cVYBhOU20ArbQCb4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/X4JvVuGdcXsbxEDv2fu1SDsj7-o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.204.72.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:3b:0b:3d:f9:3d:4d:d8:bf:dd:15:f0:24:9f:97:3d:61:c3:
16:55:c7:98:a3:75:55:de:f5:bc:27:25:d2:54:6f:b9:55:03:
85:5b:9e:ff:e3:14:af:1b:16:e6:a3:f2:c6:cf:36:28:7c:6e:
80:9d:42:74:e5:9f:2b:a0:7e:f2:65:8d:cc:60:b1:6c:e9:39:
26:d4:4e:5f:7c:c9:5c:ba:5f:f0:26:b5:aa:ca:33:2c:79:1e:
fd:6e:ea:52:7f:dc:04:cf:71:86:41:6b:13:fa:69:49:cc:24:
ba:e7:00:7c:83:29:af:7b:c7:2a:58:1a:fc:fa:0f:96:72:fd:
46:38:94:99:93:c1:89:4f:e5:76:8b:0a:5d:ad:42:ce:5e:61:
8c:54:69:c1:6f:bf:95:a6:5a:e5:ab:0c:d0:ad:e8:76:1c:55:
5a:91:47:50:ad:d6:bc:d6:04:bc:90:13:52:88:35:ec:7e:64:
65:ee:07:45:0b:80:fb:19:0f:1b:ff:23:5b:70:5e:20:a0:b1:
9a:7f:ba:8e:e3:64:34:08:3a:06:cc:28:b2:34:3c:a2:9b:0a:
67:38:8b:6b:5d:53:a6:d0:20:4f:4a:fc:6b:ae:63:d1:40:03:
18:e8:01:e1:91:cf:2f:a2:eb:72:18:27:65:38:b7:06:19:3d:
c3:a9:9e:b7
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICHaowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDk0
NDlCNDZDQUVDRTc1RDFDNTU4MDYxMzk0REI0MDJCNkQwMDlCRTAeFw0yNTA0MDkw
NjQ4MTlaFw0yNjA0MDkwNjQxMDhaMDMxMTAvBgNVBAMTKDVGODI2RjU2RTE5RDcx
N0IxQkM0NDBFRkQ5RkJCNTQ4M0IyM0VGRUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3SiaMuu79tAE1VJxsJojciYAU5HGz8+NyUdsCfNIzBEBWNKNH
1vjibXyK6aQ1goDUR9CtkRP1pM9bE5lPKaT2X25HubUi/NkvfhxhERfKPUPGpJse
xGYZkraM/9l/t8890ZrSVYPbPKVctMMbffPjFlBfSM/uwbq+fhOr8fqswua7zeFZ
RMFMUvLyUQnOhzBRTFt8iN+hcx+7j9xHBxSgbpqe3GRsDXpcDhp+6MI80Z9YqXnk
agl6MD+nqnqfSyTJswNyRFj9IKDGZ64uPgpDr7FECF89zKQ3VQcwejiRbis1RiB0
90MfB/GkEBzVvL1Vs8vXbtBS3/7NGcvhQCxdAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUX4JvVuGdcXsbxEDv2fu1SDsj7+owHwYDVR0jBBgwFoAUSUSbRsrs510cVYBh
OU20ArbQCb4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTU4
Ny9TVVNiUnNyczUxMGNWWUJoT1UyMEFyYlFDYjQuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1NVU2JSc3JzNTEwY1ZZQmhPVTIwQXJiUUNiNC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE1ODcvWDRKdlZ1R2RjWHNi
eEVEdjJmdTFTRHNqNy1vLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAmfMSDANBgkqhkiG9w0BAQsFAAOCAQEAXzsLPfk9Tdi/3RXwJJ+XPWHDFlXH
mKN1Vd71vCcl0lRvuVUDhVue/+MUrxsW5qPyxs82KHxugJ1CdOWfK6B+8mWNzGCx
bOk5JtROX3zJXLpf8Ca1qsozLHke/W7qUn/cBM9xhkFrE/ppScwkuucAfIMpr3vH
Klga/PoPlnL9RjiUmZPBiU/ldosKXa1Czl5hjFRpwW+/laZa5asM0K3odhxVWpFH
UK3WvNYEvJATUog17H5kZe4HRQuA+xkPG/8jW3BeIKCxmn+6juNkNAg6BswosjQ8
opsKZziLa11TptAgT0r8a65j0UADGOgB4ZHPL6LrchgnZTi3Bhk9w6metw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:56:50 2025 by rpki-client