Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2391/XGxZfLuTPdP4GezArBe-W0QI-NY.roa
File: XGxZfLuTPdP4GezArBe-W0QI-NY.roa (raw, json)
Hash identifier: 5dIKdi7kLNgCZzAFbgXt84wBodmN0soN09dx1Ydm1E0=
Subject key identifier: 5C:6C:59:7C:BB:93:3D:D3:F8:19:EC:C0:AC:17:BE:5B:44:08:F8:D6
Certificate issuer: /CN=07A608409B251BCB1A6C030A1C21BA41CDBCBF56
Certificate serial: 06F9
Authority key identifier: 07:A6:08:40:9B:25:1B:CB:1A:6C:03:0A:1C:21:BA:41:CD:BC:BF:56
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/B6YIQJslG8sabAMKHCG6Qc28v1Y.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2391/XGxZfLuTPdP4GezArBe-W0QI-NY.roa
Signing time: Mon 22 May 2023 02:40:42 +0000
ROA not before: Mon 22 May 2023 02:40:42 +0000
ROA not after: Sat 17 Feb 2024 02:46:59 +0000
asID: 58879
IP address blocks: 103.41.232.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1785 (0x6f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07A608409B251BCB1A6C030A1C21BA41CDBCBF56
Validity
Not Before: May 22 02:40:42 2023 GMT
Not After : Feb 17 02:46:59 2024 GMT
Subject: CN=5C6C597CBB933DD3F819ECC0AC17BE5B4408F8D6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:8b:e2:c2:8a:1f:79:75:5d:6e:2d:27:06:b2:
26:cb:a7:f0:65:6a:a6:0b:5e:fb:a4:e2:a6:2d:14:
77:8c:fa:f7:67:11:5a:e0:66:7d:01:c5:26:eb:a8:
4d:8c:b8:bb:bf:18:7d:38:8c:fa:e1:65:6c:ed:84:
9b:b0:23:4c:83:71:de:37:fc:bd:93:d1:d7:a0:b4:
3b:61:0b:ee:64:e9:5a:57:48:5c:56:f7:05:99:bb:
b1:af:51:59:83:a0:11:5e:9a:dd:13:54:1e:32:c2:
27:1d:90:14:37:f6:f1:ad:b8:aa:26:2f:af:a2:19:
51:89:8e:ba:b2:17:17:c5:02:1a:4a:ae:a7:b4:d9:
e5:c2:88:5b:14:b1:af:1e:c1:9d:f2:a7:00:17:9a:
e9:42:d3:ec:17:00:db:d2:57:bf:6a:b2:2e:76:2e:
af:e1:cb:c9:c2:fe:66:58:79:95:02:7b:20:47:ce:
62:35:80:1e:c6:01:db:b3:4e:4b:82:8e:4d:12:46:
df:aa:e0:78:24:cd:bd:a1:41:83:88:56:07:63:13:
ec:dd:bd:9f:0f:e5:c4:f5:19:77:77:21:24:37:c8:
45:a5:f2:a4:30:d1:3a:ce:a0:17:41:f8:bc:30:87:
be:7e:91:b9:a2:ad:2e:e3:fe:60:54:ed:f0:57:dd:
ce:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:6C:59:7C:BB:93:3D:D3:F8:19:EC:C0:AC:17:BE:5B:44:08:F8:D6
X509v3 Authority Key Identifier:
keyid:07:A6:08:40:9B:25:1B:CB:1A:6C:03:0A:1C:21:BA:41:CD:BC:BF:56
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2391/B6YIQJslG8sabAMKHCG6Qc28v1Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/B6YIQJslG8sabAMKHCG6Qc28v1Y.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2391/XGxZfLuTPdP4GezArBe-W0QI-NY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.41.232.0/22
Signature Algorithm: sha256WithRSAEncryption
b3:30:e0:42:1b:42:1e:80:e7:9b:a4:ed:d7:74:a5:c3:10:b1:
3a:74:1d:f6:65:d7:ee:dc:3c:92:d9:02:39:c0:52:e3:62:75:
93:34:c2:1b:a9:97:ff:0c:56:d3:d5:ce:d7:bd:6a:77:f5:05:
c9:d2:ee:9f:cd:95:63:2f:ae:7b:de:99:a8:7b:30:a6:c8:1f:
f4:f1:bf:88:10:25:60:c5:67:64:b2:5f:bd:7c:f6:db:ca:bb:
ac:30:aa:63:65:30:03:b7:b4:40:94:21:ef:38:fd:a9:01:d3:
ea:f8:f4:a6:b1:8c:1f:db:69:94:be:88:81:06:aa:94:77:f7:
ce:15:b4:d7:28:0c:ed:69:3d:f2:19:92:8b:13:32:be:46:7b:
01:75:76:99:78:14:ef:b8:46:b4:b1:e5:36:da:91:e9:cc:c8:
bb:0d:5d:bf:d7:49:dd:e4:30:2a:b8:2e:9f:c2:b0:4f:07:4d:
ba:b9:ab:9e:c7:c3:65:dd:e0:08:49:48:83:e3:b4:e1:b2:f2:
1c:b6:6a:a4:b0:c0:a1:4f:ec:6d:9f:7a:86:c2:8f:8e:b2:b9:
02:e5:ed:70:1a:71:bf:94:f2:6a:d0:91:95:6f:14:2f:7d:33:
11:27:74:64:4f:40:31:62:3f:11:1c:55:c3:9b:8f:55:86:0b:
c5:0f:0a:13
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICBvkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDdB
NjA4NDA5QjI1MUJDQjFBNkMwMzBBMUMyMUJBNDFDREJDQkY1NjAeFw0yMzA1MjIw
MjQwNDJaFw0yNDAyMTcwMjQ2NTlaMDMxMTAvBgNVBAMTKDVDNkM1OTdDQkI5MzNE
RDNGODE5RUNDMEFDMTdCRTVCNDQwOEY4RDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLi+LCih95dV1uLScGsibLp/BlaqYLXvuk4qYtFHeM+vdnEVrg
Zn0BxSbrqE2MuLu/GH04jPrhZWzthJuwI0yDcd43/L2T0degtDthC+5k6VpXSFxW
9wWZu7GvUVmDoBFemt0TVB4ywicdkBQ39vGtuKomL6+iGVGJjrqyFxfFAhpKrqe0
2eXCiFsUsa8ewZ3ypwAXmulC0+wXANvSV79qsi52Lq/hy8nC/mZYeZUCeyBHzmI1
gB7GAduzTkuCjk0SRt+q4Hgkzb2hQYOIVgdjE+zdvZ8P5cT1GXd3ISQ3yEWl8qQw
0TrOoBdB+Lwwh75+kbmirS7j/mBU7fBX3c4xAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUXGxZfLuTPdP4GezArBe+W0QI+NYwHwYDVR0jBBgwFoAUB6YIQJslG8sabAMK
HCG6Qc28v1YwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjM5
MS9CNllJUUpzbEc4c2FiQU1LSENHNlFjMjh2MVkuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0I2WUlRSnNsRzhzYWJBTUtIQ0c2UWMyOHYxWS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzOTEvWEd4WmZMdVRQZFA0
R2V6QXJCZS1XMFFJLU5ZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAmcp6DANBgkqhkiG9w0BAQsFAAOCAQEAszDgQhtCHoDnm6Tt13SlwxCxOnQd
9mXX7tw8ktkCOcBS42J1kzTCG6mX/wxW09XO171qd/UFydLun82VYy+ue96ZqHsw
psgf9PG/iBAlYMVnZLJfvXz228q7rDCqY2UwA7e0QJQh7zj9qQHT6vj0prGMH9tp
lL6IgQaqlHf3zhW01ygM7Wk98hmSixMyvkZ7AXV2mXgU77hGtLHlNtqR6czIuw1d
v9dJ3eQwKrgun8KwTwdNurmrnsfDZd3gCElIg+O04bLyHLZqpLDAoU/sbZ96hsKP
jrK5AuXtcBpxv5TyatCRlW8UL30zESd0ZE9AMWI/ERxVw5uPVYYLxQ8KEw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:37:18 2025 by rpki-client