Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2716/JKrLfDLOkslTPdFxBF9-3xDOfGo.roa
File: JKrLfDLOkslTPdFxBF9-3xDOfGo.roa (raw, json)
Hash identifier: IMrWJq+Jk1nROU/AN7yx8JhWbvd2xGPrBLelDZBVemg=
Subject key identifier: 24:AA:CB:7C:32:CE:92:C9:53:3D:D1:71:04:5F:7E:DF:10:CE:7C:6A
Certificate issuer: /CN=39EE852FE138CDEDC5B42D11A34295D109AD4925
Certificate serial: 1E
Authority key identifier: 39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/JKrLfDLOkslTPdFxBF9-3xDOfGo.roa
Signing time: Thu 17 Apr 2025 11:31:18 +0000
ROA not before: Thu 17 Apr 2025 11:31:18 +0000
ROA not after: Wed 15 Apr 2026 09:08:30 +0000
asID: 138968
IP address blocks: 103.118.208.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30 (0x1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39EE852FE138CDEDC5B42D11A34295D109AD4925
Validity
Not Before: Apr 17 11:31:18 2025 GMT
Not After : Apr 15 09:08:30 2026 GMT
Subject: CN=24AACB7C32CE92C9533DD171045F7EDF10CE7C6A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:04:23:b5:a7:e9:c5:c1:a5:81:59:a3:e4:2a:
8e:2c:42:7b:81:9d:e3:63:12:97:57:57:bb:e6:8b:
40:e4:92:91:42:cc:19:2a:22:b0:b3:e6:fa:35:3a:
cb:13:26:f8:b5:eb:b5:b3:39:ae:d8:ea:63:1b:d2:
18:e2:ca:2a:43:35:ae:91:d1:82:2c:5c:2d:1d:f2:
44:3c:39:76:66:ff:40:ba:5f:7d:b0:5a:77:ca:10:
c5:18:ec:f0:eb:f7:ef:a8:50:85:e3:d4:53:ac:6b:
37:07:86:b3:a8:39:d9:9b:44:c0:f3:9d:05:82:93:
a5:d8:e8:f5:3a:3f:1f:1e:06:c2:32:d5:56:ac:8a:
3d:ea:7c:79:e5:ae:fb:99:ee:46:3f:fb:c8:7e:e0:
b0:1c:6b:71:73:df:89:d8:34:1a:19:df:d0:16:2d:
1e:ad:ec:3e:5e:0c:d4:cd:d0:58:e4:17:80:62:ec:
26:7d:e3:e6:a9:f5:c9:9d:5c:01:70:cd:b7:e5:76:
ee:11:f8:3c:aa:7f:e7:da:07:96:80:79:f6:44:f8:
5f:03:ef:e1:8d:31:92:ec:c8:c9:8b:90:67:26:12:
76:15:68:24:2e:4d:4c:d3:9f:a2:ef:ae:c8:c2:8b:
2d:9e:46:45:49:21:e8:d7:a5:b0:67:92:d9:69:62:
19:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:AA:CB:7C:32:CE:92:C9:53:3D:D1:71:04:5F:7E:DF:10:CE:7C:6A
X509v3 Authority Key Identifier:
keyid:39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/JKrLfDLOkslTPdFxBF9-3xDOfGo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.118.208.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:46:8e:60:ef:2d:b7:00:51:c5:fe:bb:74:b1:65:bd:c6:4f:
d9:e1:19:b7:aa:e7:b8:87:f8:ed:82:d6:4d:e1:f8:87:b6:f1:
d1:11:a3:79:28:53:04:7a:53:18:63:d1:b4:d8:56:69:d4:2b:
c0:0b:62:5d:cb:2c:ec:38:30:f1:26:6a:97:39:50:9d:46:db:
1f:8b:72:bc:9f:0a:5e:99:70:07:ac:e5:28:38:c5:92:f9:29:
77:79:71:e6:18:85:7e:f8:fd:a8:0f:6e:aa:03:4e:a2:27:e8:
6e:d5:74:c0:3c:24:65:95:05:a1:31:7f:ef:c3:a6:d5:23:fe:
f1:bf:da:fc:19:24:d8:f6:f4:ca:4b:e2:a9:b3:25:7c:57:10:
df:cb:40:27:ea:b8:67:c5:9f:72:a2:41:da:43:8a:74:18:49:
18:58:b5:5d:5f:46:5d:fc:7d:6b:7d:a5:27:de:41:c2:ed:4c:
8a:4d:32:b7:32:81:36:e9:4e:5b:67:33:e0:e1:6c:c8:70:47:
4a:0a:95:16:d7:60:bc:52:d9:71:cf:dd:a2:f3:f8:ed:93:1b:
f1:b9:ad:ad:cf:66:ca:59:d5:11:40:7c:32:71:6e:ad:94:72:
f5:f6:f3:6e:02:d8:28:ba:98:11:67:c8:59:a6:f9:9d:a1:84:
f5:51:93:77
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgIBHjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygzOUVF
ODUyRkUxMzhDREVEQzVCNDJEMTFBMzQyOTVEMTA5QUQ0OTI1MB4XDTI1MDQxNzEx
MzExOFoXDTI2MDQxNTA5MDgzMFowMzExMC8GA1UEAxMoMjRBQUNCN0MzMkNFOTJD
OTUzM0REMTcxMDQ1RjdFREYxMENFN0M2QTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALkEI7Wn6cXBpYFZo+QqjixCe4Gd42MSl1dXu+aLQOSSkULMGSoi
sLPm+jU6yxMm+LXrtbM5rtjqYxvSGOLKKkM1rpHRgixcLR3yRDw5dmb/QLpffbBa
d8oQxRjs8Ov376hQhePUU6xrNweGs6g52ZtEwPOdBYKTpdjo9To/Hx4GwjLVVqyK
Pep8eeWu+5nuRj/7yH7gsBxrcXPfidg0Ghnf0BYtHq3sPl4M1M3QWOQXgGLsJn3j
5qn1yZ1cAXDNt+V27hH4PKp/59oHloB59kT4XwPv4Y0xkuzIyYuQZyYSdhVoJC5N
TNOfou+uyMKLLZ5GRUkh6NelsGeS2WliGUsCAwEAAaOCAfMwggHvMB0GA1UdDgQW
BBQkqst8Ms6SyVM90XEEX37fEM58ajAfBgNVHSMEGDAWgBQ57oUv4TjN7cW0LRGj
QpXRCa1JJTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNzE2
L09lNkZMLUU0emUzRnRDMFJvMEtWMFFtdFNTVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvT2U2RkwtRTR6ZTNGdEMwUm8wS1YwUW10U1NVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcxNi9KS3JMZkRMT2tzbFRQ
ZEZ4QkY5LTN4RE9mR28ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u
aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQCZ3bQMA0GCSqGSIb3DQEBCwUAA4IBAQAvRo5g7y23AFHF/rt0sWW9xk/Z4Rm3
que4h/jtgtZN4fiHtvHREaN5KFMEelMYY9G02FZp1CvAC2JdyyzsODDxJmqXOVCd
Rtsfi3K8nwpemXAHrOUoOMWS+Sl3eXHmGIV++P2oD26qA06iJ+hu1XTAPCRllQWh
MX/vw6bVI/7xv9r8GSTY9vTKS+KpsyV8VxDfy0An6rhnxZ9yokHaQ4p0GEkYWLVd
X0Zd/H1rfaUn3kHC7UyKTTK3MoE26U5bZzPg4WzIcEdKCpUW12C8Utlxz92i8/jt
kxvxua2tz2bKWdURQHwycW6tlHL19vNuAtgoupgRZ8hZpvmdoYT1UZN3
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:18:46 2025 by rpki-client