Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3146/5ZhYonZWF6UpfWYWQVUXPqifwQI.roa
File: 5ZhYonZWF6UpfWYWQVUXPqifwQI.roa (raw, json)
Hash identifier: bmZ6Rph2bMW9NufuEE/7yqvrLx3PWEO6FMdcW1JmeyE=
Subject key identifier: E5:98:58:A2:76:56:17:A5:29:7D:66:16:41:55:17:3E:A8:9F:C1:02
Certificate issuer: /CN=C1DE29DF9ECB8BDACBFBE1FDDB86DF296B6908EB
Certificate serial: 3031
Authority key identifier: C1:DE:29:DF:9E:CB:8B:DA:CB:FB:E1:FD:DB:86:DF:29:6B:69:08:EB
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/wd4p357Li9rL--H924bfKWtpCOs.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3146/5ZhYonZWF6UpfWYWQVUXPqifwQI.roa
Signing time: Wed 09 Apr 2025 20:06:35 +0000
ROA not before: Wed 09 Apr 2025 20:06:35 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 151492
IP address blocks: 103.186.136.0/24 maxlen: 24
103.186.137.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12337 (0x3031)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C1DE29DF9ECB8BDACBFBE1FDDB86DF296B6908EB
Validity
Not Before: Apr 9 20:06:35 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=E59858A2765617A5297D66164155173EA89FC102
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:92:76:0c:39:87:36:de:21:1f:d1:c3:04:ea:
fb:ac:e9:21:04:35:ee:09:0b:2e:6e:fd:ba:f8:11:
46:78:a7:2b:6e:66:65:9b:d0:2f:f1:9f:61:c6:f0:
23:37:55:d6:bf:00:95:cf:29:17:47:d3:66:0a:82:
36:f6:93:78:8f:31:8a:bc:c1:02:57:e8:51:a8:73:
ec:0f:e5:bb:0c:20:05:f8:57:25:50:ae:60:cc:93:
f2:ad:37:aa:e8:7c:6c:aa:c0:2f:fb:52:ee:31:74:
74:14:d3:f0:ba:2a:28:a5:33:b8:a5:e9:4a:43:c1:
04:41:01:16:55:73:2d:7e:d3:76:ff:d6:fd:5b:fe:
46:a9:6f:d6:d7:9d:99:3a:3a:45:80:30:6e:42:a6:
1f:51:59:d5:53:7e:e7:7e:98:67:a7:8e:e7:23:3a:
27:22:0a:37:ee:68:89:29:d5:29:1e:d2:b3:b3:dc:
33:bd:0b:ee:69:b6:4e:3f:c3:18:39:a3:f4:47:45:
53:45:22:fe:e7:85:e0:fc:9b:68:8c:e5:4c:8e:83:
06:5b:6f:54:f8:08:df:9b:d8:57:1a:96:f7:4c:c8:
a2:a1:d1:61:41:79:9b:7c:db:c1:54:97:76:30:9d:
f7:85:42:0c:08:01:88:22:f9:61:0a:f3:07:d5:23:
82:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:98:58:A2:76:56:17:A5:29:7D:66:16:41:55:17:3E:A8:9F:C1:02
X509v3 Authority Key Identifier:
keyid:C1:DE:29:DF:9E:CB:8B:DA:CB:FB:E1:FD:DB:86:DF:29:6B:69:08:EB
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3146/wd4p357Li9rL--H924bfKWtpCOs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/wd4p357Li9rL--H924bfKWtpCOs.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3146/5ZhYonZWF6UpfWYWQVUXPqifwQI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.186.136.0/23
Signature Algorithm: sha256WithRSAEncryption
84:d1:2b:99:3a:89:51:9b:a3:23:1d:10:16:89:c1:e9:76:43:
71:8d:84:42:bb:58:4a:ba:41:03:b3:4d:01:73:ca:6f:31:b5:
95:2e:ea:f0:f8:e4:e5:d5:58:0e:49:14:c8:a3:f7:e3:4f:1a:
5f:94:8e:1e:b4:3a:28:94:cc:23:6f:e8:ca:63:58:a3:60:e9:
d2:d6:48:f0:82:45:71:4e:be:cf:dd:78:cd:7a:ec:0b:2d:3e:
dd:69:06:01:aa:8b:50:5c:25:2a:bf:e9:5a:83:43:df:fe:8e:
dd:66:03:c6:fa:e8:31:92:5f:49:f3:87:30:a5:54:22:9c:b7:
2a:5a:ae:73:48:42:60:61:f9:cd:f8:de:99:27:0d:5d:38:c5:
0a:23:a1:4f:67:9e:f8:af:a8:ee:50:df:26:84:66:17:9f:63:
b7:8b:02:74:d3:1a:91:03:ef:86:d4:b2:75:4f:91:1e:69:83:
43:35:fc:21:8b:2d:2c:ff:cd:83:a3:c4:45:a3:ce:2a:98:0b:
7e:d4:6f:60:11:82:24:68:a4:99:71:02:ad:f1:05:56:3d:a4:
4b:7e:aa:b6:0a:c0:ae:53:ef:b9:d3:2e:58:4c:2d:ec:83:ea:
fc:f8:e2:22:ca:0e:9a:b5:ea:36:89:9d:d5:b7:db:46:00:8e:
9b:5a:c8:dc
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICMDEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzFE
RTI5REY5RUNCOEJEQUNCRkJFMUZEREI4NkRGMjk2QjY5MDhFQjAeFw0yNTA0MDky
MDA2MzVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEU1OTg1OEEyNzY1NjE3
QTUyOTdENjYxNjQxNTUxNzNFQTg5RkMxMDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJknYMOYc23iEf0cME6vus6SEENe4JCy5u/br4EUZ4pytuZmWb
0C/xn2HG8CM3Vda/AJXPKRdH02YKgjb2k3iPMYq8wQJX6FGoc+wP5bsMIAX4VyVQ
rmDMk/KtN6rofGyqwC/7Uu4xdHQU0/C6KiilM7il6UpDwQRBARZVcy1+03b/1v1b
/kapb9bXnZk6OkWAMG5Cph9RWdVTfud+mGenjucjOiciCjfuaIkp1Ske0rOz3DO9
C+5ptk4/wxg5o/RHRVNFIv7nheD8m2iM5UyOgwZbb1T4CN+b2FcalvdMyKKh0WFB
eZt828FUl3YwnfeFQgwIAYgi+WEK8wfVI4IZAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQU5ZhYonZWF6UpfWYWQVUXPqifwQIwHwYDVR0jBBgwFoAUwd4p357Li9rL++H9
24bfKWtpCOswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE0
Ni93ZDRwMzU3TGk5ckwtLUg5MjRiZktXdHBDT3MuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3dkNHAzNTdMaTlyTC0tSDkyNGJmS1d0cENPcy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNDYvNVpoWW9uWldGNlVw
ZldZV1FWVVhQcWlmd1FJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAWe6iDANBgkqhkiG9w0BAQsFAAOCAQEAhNErmTqJUZujIx0QFonB6XZDcY2E
QrtYSrpBA7NNAXPKbzG1lS7q8Pjk5dVYDkkUyKP3408aX5SOHrQ6KJTMI2/oymNY
o2Dp0tZI8IJFcU6+z914zXrsCy0+3WkGAaqLUFwlKr/pWoND3/6O3WYDxvroMZJf
SfOHMKVUIpy3Klquc0hCYGH5zfjemScNXTjFCiOhT2ee+K+o7lDfJoRmF59jt4sC
dNMakQPvhtSydU+RHmmDQzX8IYstLP/Ng6PERaPOKpgLftRvYBGCJGikmXECrfEF
Vj2kS36qtgrArlPvudMuWEwt7IPq/PjiIsoOmrXqNomd1bfbRgCOm1rI3A==
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:19:19 2025 by rpki-client