Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2716/NsbCEa64x9q_6tQPZtvj5yJj3pk.roa
File: NsbCEa64x9q_6tQPZtvj5yJj3pk.roa (raw, json)
Hash identifier: OgIqbmTXB7uKzK3DD1gCM5JX/Sbxwqebf83YF00QKWQ=
Subject key identifier: 36:C6:C2:11:AE:B8:C7:DA:BF:EA:D4:0F:66:DB:E3:E7:22:63:DE:99
Certificate issuer: /CN=39EE852FE138CDEDC5B42D11A34295D109AD4925
Certificate serial: 59
Authority key identifier: 39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/NsbCEa64x9q_6tQPZtvj5yJj3pk.roa
Signing time: Fri 18 Apr 2025 01:19:35 +0000
ROA not before: Fri 18 Apr 2025 01:19:35 +0000
ROA not after: Wed 15 Apr 2026 09:08:30 +0000
asID: 134823
IP address blocks: 103.216.228.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89 (0x59)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39EE852FE138CDEDC5B42D11A34295D109AD4925
Validity
Not Before: Apr 18 01:19:35 2025 GMT
Not After : Apr 15 09:08:30 2026 GMT
Subject: CN=36C6C211AEB8C7DABFEAD40F66DBE3E72263DE99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c4:f0:f6:18:ea:ec:b4:97:5a:df:55:38:bc:
39:7c:f0:ff:9e:36:3d:5b:18:71:75:57:dc:e0:52:
33:4d:8d:60:b9:3f:a4:71:a3:63:12:8d:a6:a1:af:
6b:3c:c9:5a:c5:e3:1e:ef:cb:93:29:69:0c:ee:15:
9a:da:e2:9f:05:4c:f8:59:2c:9b:6a:41:35:b9:aa:
db:76:7c:fc:55:ac:cb:3d:bd:9a:fe:05:56:6f:0f:
a6:36:3f:c1:74:cb:28:34:40:0f:4e:af:ed:e5:82:
13:cb:2d:cf:80:66:41:43:98:13:39:f0:30:7e:db:
62:af:2b:f4:9c:49:e3:69:01:6d:d9:c3:f8:b4:d7:
f0:87:6c:2c:60:f9:5c:d2:85:6c:1d:c0:30:09:d9:
ea:56:64:68:80:ad:1c:85:9e:da:1c:79:7e:b9:cb:
14:fa:cc:39:e6:c8:4c:96:6f:f6:a1:30:83:09:27:
75:b8:62:fb:93:ae:a6:b5:31:c8:21:c9:b1:a9:50:
bd:5a:00:5e:b5:de:27:f8:cc:63:a0:7c:ad:5f:ed:
01:ba:90:6b:d2:a4:3d:7e:d9:fe:30:d7:64:7b:ac:
e3:29:ac:21:b6:52:36:58:0c:12:1e:ee:fa:05:75:
d6:da:98:25:b1:87:02:aa:3e:47:48:2e:80:f4:e1:
13:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:C6:C2:11:AE:B8:C7:DA:BF:EA:D4:0F:66:DB:E3:E7:22:63:DE:99
X509v3 Authority Key Identifier:
keyid:39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/NsbCEa64x9q_6tQPZtvj5yJj3pk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.216.228.0/22
Signature Algorithm: sha256WithRSAEncryption
67:31:9b:2a:76:52:2a:da:74:82:d6:46:89:3d:7b:9a:8e:1e:
69:e3:22:b3:6f:08:b4:a9:71:56:69:69:4b:a4:da:9c:8d:a8:
6a:72:cf:fb:4a:be:59:1a:b6:6b:52:18:eb:01:22:ec:63:29:
2b:d5:34:8f:f4:f6:e4:e4:3d:c3:68:fd:4e:0f:63:d5:6d:be:
ca:8b:09:90:d8:a3:72:a4:3d:ed:7a:85:d9:7f:6e:f8:79:87:
8f:4b:29:1a:20:e2:99:a1:fd:10:12:19:4d:a9:6a:0e:6e:88:
42:3d:50:66:b4:6a:55:c3:b2:97:d1:dc:f1:e9:67:48:dd:9e:
95:0b:f1:6c:f7:71:f3:b0:f5:08:33:40:9e:f4:ff:c3:25:0d:
95:21:b3:2b:b9:a7:f4:5a:43:f7:0b:31:da:96:a4:f7:ca:ca:
3c:1f:78:45:f9:17:46:e6:a1:76:4f:03:fd:da:69:07:2f:66:
e2:9e:90:e5:5e:64:43:61:e6:a6:6e:b7:c5:4e:ac:16:e2:b2:
20:52:dd:39:70:b0:49:8d:41:bf:1e:ed:b5:87:ca:16:b3:6c:
24:1c:1e:58:db:47:4b:a7:ac:69:84:90:17:9f:d7:cd:9b:bd:
91:5f:af:ed:c3:88:88:46:87:ec:2e:97:55:2a:0b:7d:f8:9b:
21:3f:76:be
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgIBWTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygzOUVF
ODUyRkUxMzhDREVEQzVCNDJEMTFBMzQyOTVEMTA5QUQ0OTI1MB4XDTI1MDQxODAx
MTkzNVoXDTI2MDQxNTA5MDgzMFowMzExMC8GA1UEAxMoMzZDNkMyMTFBRUI4QzdE
QUJGRUFENDBGNjZEQkUzRTcyMjYzREU5OTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMLE8PYY6uy0l1rfVTi8OXzw/542PVsYcXVX3OBSM02NYLk/pHGj
YxKNpqGvazzJWsXjHu/LkylpDO4VmtrinwVM+Fksm2pBNbmq23Z8/FWsyz29mv4F
Vm8PpjY/wXTLKDRAD06v7eWCE8stz4BmQUOYEznwMH7bYq8r9JxJ42kBbdnD+LTX
8IdsLGD5XNKFbB3AMAnZ6lZkaICtHIWe2hx5frnLFPrMOebITJZv9qEwgwkndbhi
+5OuprUxyCHJsalQvVoAXrXeJ/jMY6B8rV/tAbqQa9KkPX7Z/jDXZHus4ymsIbZS
NlgMEh7u+gV11tqYJbGHAqo+R0gugPThE4sCAwEAAaOCAfMwggHvMB0GA1UdDgQW
BBQ2xsIRrrjH2r/q1A9m2+PnImPemTAfBgNVHSMEGDAWgBQ57oUv4TjN7cW0LRGj
QpXRCa1JJTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNzE2
L09lNkZMLUU0emUzRnRDMFJvMEtWMFFtdFNTVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvT2U2RkwtRTR6ZTNGdEMwUm8wS1YwUW10U1NVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcxNi9Oc2JDRWE2NHg5cV82
dFFQWnR2ajV5SmozcGsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u
aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQCZ9jkMA0GCSqGSIb3DQEBCwUAA4IBAQBnMZsqdlIq2nSC1kaJPXuajh5p4yKz
bwi0qXFWaWlLpNqcjahqcs/7Sr5ZGrZrUhjrASLsYykr1TSP9Pbk5D3DaP1OD2PV
bb7KiwmQ2KNypD3teoXZf274eYePSykaIOKZof0QEhlNqWoObohCPVBmtGpVw7KX
0dzx6WdI3Z6VC/Fs93HzsPUIM0Ce9P/DJQ2VIbMruaf0WkP3CzHalqT3yso8H3hF
+RdG5qF2TwP92mkHL2binpDlXmRDYeambrfFTqwW4rIgUt05cLBJjUG/Hu21h8oW
s2wkHB5Y20dLp6xphJAXn9fNm72RX6/tw4iIRofsLpdVKgt9+JshP3a+
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:08:19 2025 by rpki-client