Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2716/GotaUX3VOgZNO19NNK27k_XkYmI.roa
File: GotaUX3VOgZNO19NNK27k_XkYmI.roa (raw, json)
Hash identifier: ESiHjnCKJYn8014DdCjlAQqi/as7qeggIv4b6qGyOpo=
Subject key identifier: 1A:8B:5A:51:7D:D5:3A:06:4D:3B:5F:4D:34:AD:BB:93:F5:E4:62:62
Certificate issuer: /CN=39EE852FE138CDEDC5B42D11A34295D109AD4925
Certificate serial: 20
Authority key identifier: 39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/GotaUX3VOgZNO19NNK27k_XkYmI.roa
Signing time: Thu 17 Apr 2025 11:31:18 +0000
ROA not before: Thu 17 Apr 2025 11:31:18 +0000
ROA not after: Wed 15 Apr 2026 09:08:30 +0000
asID: 138968
IP address blocks: 103.118.220.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32 (0x20)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39EE852FE138CDEDC5B42D11A34295D109AD4925
Validity
Not Before: Apr 17 11:31:18 2025 GMT
Not After : Apr 15 09:08:30 2026 GMT
Subject: CN=1A8B5A517DD53A064D3B5F4D34ADBB93F5E46262
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:46:c7:16:38:2b:14:f6:5c:1e:05:8d:c2:8f:
2a:25:a6:8e:02:7c:40:5b:ca:6b:5e:1a:4c:ea:33:
e4:47:4c:5f:ce:62:a4:f3:22:73:39:31:60:83:f9:
3c:26:8e:e4:80:bb:f7:8e:ba:8f:87:55:f5:d9:eb:
b5:02:cd:af:57:bc:f1:56:84:c0:31:98:48:35:62:
ea:88:bd:40:40:42:92:ed:ff:00:b3:09:f3:f1:34:
e5:ed:7c:32:d8:f6:14:13:68:eb:08:1b:ab:09:bd:
a2:a0:1b:0f:a1:20:52:de:a9:fc:86:b5:41:21:8b:
ca:1d:7e:a4:fa:2a:0a:e7:14:66:f5:a4:f6:5a:05:
50:68:c5:41:09:04:0f:c9:3b:0f:1b:35:0b:ca:5a:
bf:39:0a:f4:f1:c1:2b:26:59:0c:32:d1:2c:ac:5e:
4d:7d:69:bc:41:90:ac:1a:3d:42:ff:fd:39:b6:b7:
60:03:fe:cb:18:b7:f6:8f:d3:08:9d:40:91:7a:56:
fd:50:54:81:fb:2c:88:88:1c:22:4c:81:3a:22:d0:
bb:4a:21:6b:da:23:83:3b:20:03:14:65:91:d4:81:
2c:57:4c:17:49:26:12:9f:3f:fa:47:42:42:55:c9:
d0:c4:02:12:c3:d8:66:95:96:ea:30:57:9a:88:1a:
7c:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:8B:5A:51:7D:D5:3A:06:4D:3B:5F:4D:34:AD:BB:93:F5:E4:62:62
X509v3 Authority Key Identifier:
keyid:39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/GotaUX3VOgZNO19NNK27k_XkYmI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.118.220.0/22
Signature Algorithm: sha256WithRSAEncryption
82:67:a4:83:30:39:b3:86:1a:ff:9a:1e:15:49:53:a5:c6:f8:
96:ba:eb:67:64:7d:91:a4:60:01:db:cc:92:f4:3c:bf:0e:a8:
c0:32:66:26:5a:b7:12:85:ef:fe:95:19:19:0b:ab:5a:68:43:
e7:b0:8c:2c:ac:10:46:d3:4f:24:02:82:54:b8:57:90:07:a8:
f6:1d:a6:8e:29:c7:f5:12:dc:a8:00:a7:1d:46:10:f2:c3:ef:
78:8e:cd:a2:26:79:5c:57:ae:42:3c:42:31:30:16:25:04:18:
3c:66:65:f4:c2:d6:7e:36:65:03:bb:ea:fe:de:3c:72:d3:e0:
6b:92:d4:61:b6:5e:a3:26:19:12:17:44:9b:74:da:a9:01:91:
71:79:31:d5:01:47:4c:a0:fc:3c:91:1d:94:c2:11:b9:87:24:
8b:d2:9b:af:74:45:83:1d:dd:53:dc:30:4e:dc:f9:4a:62:3d:
c4:58:99:02:17:7e:ed:78:db:68:cc:a6:57:df:fe:62:12:8a:
7f:f3:93:81:55:2b:4f:07:25:b6:9e:c7:74:55:21:1e:79:d5:
de:2f:6f:3e:52:62:65:c8:d4:48:79:1f:8a:fa:b2:e8:e0:62:
8d:e0:94:d8:0b:2f:a6:97:70:8a:34:d3:25:9e:82:a4:d9:8f:
6a:b5:1e:eb
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgIBIDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygzOUVF
ODUyRkUxMzhDREVEQzVCNDJEMTFBMzQyOTVEMTA5QUQ0OTI1MB4XDTI1MDQxNzEx
MzExOFoXDTI2MDQxNTA5MDgzMFowMzExMC8GA1UEAxMoMUE4QjVBNTE3REQ1M0Ew
NjREM0I1RjREMzRBREJCOTNGNUU0NjI2MjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKtGxxY4KxT2XB4FjcKPKiWmjgJ8QFvKa14aTOoz5EdMX85ipPMi
czkxYIP5PCaO5IC79466j4dV9dnrtQLNr1e88VaEwDGYSDVi6oi9QEBCku3/ALMJ
8/E05e18Mtj2FBNo6wgbqwm9oqAbD6EgUt6p/Ia1QSGLyh1+pPoqCucUZvWk9loF
UGjFQQkED8k7Dxs1C8pavzkK9PHBKyZZDDLRLKxeTX1pvEGQrBo9Qv/9Oba3YAP+
yxi39o/TCJ1AkXpW/VBUgfssiIgcIkyBOiLQu0oha9ojgzsgAxRlkdSBLFdMF0km
Ep8/+kdCQlXJ0MQCEsPYZpWW6jBXmogafL8CAwEAAaOCAfMwggHvMB0GA1UdDgQW
BBQai1pRfdU6Bk07X000rbuT9eRiYjAfBgNVHSMEGDAWgBQ57oUv4TjN7cW0LRGj
QpXRCa1JJTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNzE2
L09lNkZMLUU0emUzRnRDMFJvMEtWMFFtdFNTVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvT2U2RkwtRTR6ZTNGdEMwUm8wS1YwUW10U1NVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcxNi9Hb3RhVVgzVk9nWk5P
MTlOTksyN2tfWGtZbUkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u
aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQCZ3bcMA0GCSqGSIb3DQEBCwUAA4IBAQCCZ6SDMDmzhhr/mh4VSVOlxviWuutn
ZH2RpGAB28yS9Dy/DqjAMmYmWrcShe/+lRkZC6taaEPnsIwsrBBG008kAoJUuFeQ
B6j2HaaOKcf1EtyoAKcdRhDyw+94js2iJnlcV65CPEIxMBYlBBg8ZmX0wtZ+NmUD
u+r+3jxy0+BrktRhtl6jJhkSF0SbdNqpAZFxeTHVAUdMoPw8kR2UwhG5hySL0puv
dEWDHd1T3DBO3PlKYj3EWJkCF37teNtozKZX3/5iEop/85OBVStPByW2nsd0VSEe
edXeL28+UmJlyNRIeR+K+rLo4GKN4JTYCy+ml3CKNNMlnoKk2Y9qtR7r
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:19:05 2025 by rpki-client