Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2716/hgUkPaTf7AJa9TrpOmBXCfGzeZ8.roa
File: hgUkPaTf7AJa9TrpOmBXCfGzeZ8.roa (raw, json)
Hash identifier: 89L4j1I6IApmu74aQKyWEvabP5RLHdBOorMrPQAZtuo=
Subject key identifier: 86:05:24:3D:A4:DF:EC:02:5A:F5:3A:E9:3A:60:57:09:F1:B3:79:9F
Certificate issuer: /CN=39EE852FE138CDEDC5B42D11A34295D109AD4925
Certificate serial: 45
Authority key identifier: 39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/hgUkPaTf7AJa9TrpOmBXCfGzeZ8.roa
Signing time: Thu 17 Apr 2025 11:45:22 +0000
ROA not before: Thu 17 Apr 2025 11:45:22 +0000
ROA not after: Wed 15 Apr 2026 09:08:30 +0000
asID: 138968
IP address blocks: 103.114.72.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69 (0x45)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39EE852FE138CDEDC5B42D11A34295D109AD4925
Validity
Not Before: Apr 17 11:45:22 2025 GMT
Not After : Apr 15 09:08:30 2026 GMT
Subject: CN=8605243DA4DFEC025AF53AE93A605709F1B3799F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:74:10:65:00:cb:ed:a9:b7:c0:54:a8:40:cb:
16:3a:70:9b:1a:5e:6b:71:60:ca:0f:2e:84:8c:ef:
da:99:b7:6a:4b:7c:81:04:91:56:ea:4a:be:5b:53:
08:1d:52:3e:45:c3:f9:05:7d:3d:44:f7:87:8f:ec:
18:97:44:5b:a1:fc:d3:88:ea:82:41:8e:a6:13:d7:
7d:1a:0c:25:b0:8a:e3:96:33:90:24:3b:4e:d6:c3:
4b:b7:12:42:98:ef:df:3a:66:bf:90:e8:39:27:47:
64:d3:2f:17:59:11:c6:5a:99:97:65:9e:6e:cc:eb:
e6:a0:df:37:e9:3e:0b:63:a4:df:01:83:cc:bd:cd:
44:1f:f5:06:4b:f4:e8:d1:48:7b:ec:c8:54:0c:e1:
b6:e8:eb:5d:9e:dc:ff:b7:89:70:b6:26:17:65:f0:
35:58:8d:98:bd:de:5e:81:bf:84:86:4a:aa:6d:ae:
f8:aa:69:fe:b0:05:45:5a:88:9d:b4:b8:1e:32:c4:
20:98:3f:71:7e:00:96:e3:0c:74:2b:08:4e:c7:c7:
15:a6:3e:7e:91:87:31:74:43:16:60:20:c7:4c:8e:
eb:c5:43:4d:f5:b5:40:c8:80:29:75:28:e3:b0:63:
8d:96:cc:e6:80:7e:54:58:68:4c:0a:56:ae:13:45:
fb:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:05:24:3D:A4:DF:EC:02:5A:F5:3A:E9:3A:60:57:09:F1:B3:79:9F
X509v3 Authority Key Identifier:
keyid:39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/hgUkPaTf7AJa9TrpOmBXCfGzeZ8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.114.72.0/22
Signature Algorithm: sha256WithRSAEncryption
52:dd:69:a7:74:44:19:d5:82:8b:e4:b9:65:b2:73:f6:cd:21:
4d:6a:64:0b:c5:98:19:c3:c5:e8:a0:30:94:a4:44:1e:9d:31:
86:09:64:df:d4:e1:63:6d:da:7f:e4:72:db:23:5b:17:f0:22:
91:dd:c1:3f:61:62:b5:3d:f3:c3:a1:64:6a:2c:86:b1:0d:09:
0a:d3:5a:de:d4:fe:d3:ea:2d:61:1b:6b:4e:92:95:22:40:2d:
b6:3c:6e:36:53:05:03:55:6f:1f:56:3a:d4:ea:0b:38:86:40:
8e:5e:36:4a:9e:2a:66:d9:83:f3:91:5c:f0:8d:52:4c:11:d7:
f0:da:65:5f:1a:8a:c9:b8:f8:99:ed:66:70:bd:f9:af:43:64:
8f:4b:c3:7f:5a:c3:b9:b9:75:7f:c3:8d:7f:a0:f9:fa:86:04:
01:ef:76:c9:19:a9:1b:1e:1e:85:50:5b:c2:48:fb:47:a6:87:
4a:33:1e:fc:de:15:04:d5:cf:fb:c2:d4:56:bf:93:d0:9b:59:
40:89:b7:79:f2:af:ae:45:1b:3e:12:dc:c0:52:47:3e:5d:f0:
40:7d:09:6b:2f:25:97:e7:a1:9f:d9:3c:cf:73:08:71:30:82:
5d:5a:fb:26:1f:32:c9:c2:bc:59:d1:c9:29:2a:c6:f5:aa:cb:
15:3c:a4:82
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgIBRTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygzOUVF
ODUyRkUxMzhDREVEQzVCNDJEMTFBMzQyOTVEMTA5QUQ0OTI1MB4XDTI1MDQxNzEx
NDUyMloXDTI2MDQxNTA5MDgzMFowMzExMC8GA1UEAxMoODYwNTI0M0RBNERGRUMw
MjVBRjUzQUU5M0E2MDU3MDlGMUIzNzk5RjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMp0EGUAy+2pt8BUqEDLFjpwmxpea3Fgyg8uhIzv2pm3akt8gQSR
VupKvltTCB1SPkXD+QV9PUT3h4/sGJdEW6H804jqgkGOphPXfRoMJbCK45YzkCQ7
TtbDS7cSQpjv3zpmv5DoOSdHZNMvF1kRxlqZl2Webszr5qDfN+k+C2Ok3wGDzL3N
RB/1Bkv06NFIe+zIVAzhtujrXZ7c/7eJcLYmF2XwNViNmL3eXoG/hIZKqm2u+Kpp
/rAFRVqInbS4HjLEIJg/cX4AluMMdCsITsfHFaY+fpGHMXRDFmAgx0yO68VDTfW1
QMiAKXUo47BjjZbM5oB+VFhoTApWrhNF+08CAwEAAaOCAfMwggHvMB0GA1UdDgQW
BBSGBSQ9pN/sAlr1Ouk6YFcJ8bN5nzAfBgNVHSMEGDAWgBQ57oUv4TjN7cW0LRGj
QpXRCa1JJTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNzE2
L09lNkZMLUU0emUzRnRDMFJvMEtWMFFtdFNTVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvT2U2RkwtRTR6ZTNGdEMwUm8wS1YwUW10U1NVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcxNi9oZ1VrUGFUZjdBSmE5
VHJwT21CWENmR3plWjgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u
aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQCZ3JIMA0GCSqGSIb3DQEBCwUAA4IBAQBS3WmndEQZ1YKL5LllsnP2zSFNamQL
xZgZw8XooDCUpEQenTGGCWTf1OFjbdp/5HLbI1sX8CKR3cE/YWK1PfPDoWRqLIax
DQkK01re1P7T6i1hG2tOkpUiQC22PG42UwUDVW8fVjrU6gs4hkCOXjZKnipm2YPz
kVzwjVJMEdfw2mVfGorJuPiZ7WZwvfmvQ2SPS8N/WsO5uXV/w41/oPn6hgQB73bJ
GakbHh6FUFvCSPtHpodKMx783hUE1c/7wtRWv5PQm1lAibd58q+uRRs+EtzAUkc+
XfBAfQlrLyWX56Gf2TzPcwhxMIJdWvsmHzLJwrxZ0ckpKsb1qssVPKSC
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:06:59 2025 by rpki-client