Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3146/sI25Zs0z7Ndjpzv9qrpMbpXHlog.roa
File: sI25Zs0z7Ndjpzv9qrpMbpXHlog.roa (raw, json)
Hash identifier: 6xA/jY7M43amAodbNzilwmehG0BZSp29tcdW5JEvOPI=
Subject key identifier: B0:8D:B9:66:CD:33:EC:D7:63:A7:3B:FD:AA:BA:4C:6E:95:C7:96:88
Certificate issuer: /CN=5F478F43F0AF8FEACCB81EDC7A9C76143180C9AB
Certificate serial: 0A0F
Authority key identifier: 5F:47:8F:43:F0:AF:8F:EA:CC:B8:1E:DC:7A:9C:76:14:31:80:C9:AB
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/X0ePQ_Cvj-rMuB7cepx2FDGAyas.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3146/sI25Zs0z7Ndjpzv9qrpMbpXHlog.roa
Signing time: Wed 20 Sep 2023 06:51:17 +0000
ROA not before: Wed 20 Sep 2023 06:51:17 +0000
ROA not after: Sat 06 Jan 2024 08:35:17 +0000
asID: 151492
IP address blocks: 103.186.136.0/24 maxlen: 24
103.186.137.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2575 (0xa0f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5F478F43F0AF8FEACCB81EDC7A9C76143180C9AB
Validity
Not Before: Sep 20 06:51:17 2023 GMT
Not After : Jan 6 08:35:17 2024 GMT
Subject: CN=B08DB966CD33ECD763A73BFDAABA4C6E95C79688
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:50:6e:65:a3:f1:7d:bc:54:1d:2b:ca:cb:92:
51:f6:1a:0b:55:a0:04:bb:fa:cd:e6:a7:f8:ba:0f:
02:fa:cc:54:97:da:b5:fb:04:6b:57:42:e3:76:8e:
e4:26:e9:ac:fc:0b:ec:f1:7c:81:da:64:50:f6:79:
ca:15:b4:81:ef:43:7d:52:a7:2b:ef:3d:80:0c:9b:
a1:e7:de:3c:18:df:b1:02:b4:6d:a9:7b:3d:24:a1:
71:c8:32:e8:44:f0:9a:b2:e2:27:bd:70:2a:5b:7c:
b3:2d:71:7f:8c:f5:3f:5e:27:ab:5a:6d:cf:8d:c8:
98:40:6d:12:4e:09:18:41:9f:ee:75:e8:c9:1f:93:
72:ef:12:50:10:d9:0c:ff:d9:4b:ba:7d:a5:4c:8e:
e2:c4:1d:44:51:56:41:12:e8:61:a3:5b:d6:f0:09:
02:63:30:8c:5b:33:55:e5:04:e9:5b:72:ad:92:78:
fe:45:c2:a5:b6:65:17:ee:12:c5:cb:30:0b:36:95:
f4:ad:05:e9:5f:a7:c0:dd:d8:7c:b6:b3:e7:38:19:
6f:33:5e:f3:a3:02:2b:4a:38:40:34:9d:97:58:2c:
9e:d2:d1:fb:37:11:06:18:96:23:ef:d2:55:49:ec:
16:eb:f7:3e:8d:8a:9f:15:03:f6:a0:de:ea:7c:bb:
99:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:8D:B9:66:CD:33:EC:D7:63:A7:3B:FD:AA:BA:4C:6E:95:C7:96:88
X509v3 Authority Key Identifier:
keyid:5F:47:8F:43:F0:AF:8F:EA:CC:B8:1E:DC:7A:9C:76:14:31:80:C9:AB
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3146/X0ePQ_Cvj-rMuB7cepx2FDGAyas.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/X0ePQ_Cvj-rMuB7cepx2FDGAyas.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3146/sI25Zs0z7Ndjpzv9qrpMbpXHlog.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.186.136.0/23
Signature Algorithm: sha256WithRSAEncryption
29:28:f5:0b:43:d1:36:fd:12:a4:1a:cc:d1:d6:95:1d:b7:db:
0f:c1:fb:b0:74:f4:ef:52:77:2b:96:00:44:29:de:65:d4:5e:
ee:a2:cd:40:45:ed:5a:5e:95:70:e4:df:3b:1e:54:2a:f8:27:
84:22:f1:38:b9:af:61:88:8c:3a:33:c8:f2:c8:8c:99:08:93:
f6:3d:72:68:53:48:14:02:f7:f7:79:c0:3f:11:91:13:7f:07:
b7:1f:f5:67:1e:6c:cd:13:73:49:ad:e8:87:e7:54:a1:98:b8:
47:ef:6e:fa:d8:68:e3:6c:ed:06:3b:ca:1f:ec:f8:87:33:79:
c3:c2:f2:8d:a0:64:6a:b8:da:2e:eb:02:d8:24:29:63:ca:37:
3e:cb:16:c7:02:b8:18:b6:f8:40:26:93:cc:54:9d:57:4f:b4:
35:38:d8:0f:48:90:c8:56:37:44:90:ab:35:d8:29:01:26:48:
67:46:fd:ae:f5:95:e0:7c:35:bf:cb:1d:d0:95:4e:f4:e4:88:
1c:de:b3:a6:64:d3:91:7d:25:0b:7d:e5:23:4e:41:b1:0c:6e:
7f:d8:ba:85:f4:96:2b:c0:e2:3f:c3:2b:95:dd:1c:c9:21:12:
07:3f:32:ce:6b:ba:23:fb:30:ee:92:34:0f:95:53:4a:2a:2a:
7b:8d:31:7c
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICCg8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUY0
NzhGNDNGMEFGOEZFQUNDQjgxRURDN0E5Qzc2MTQzMTgwQzlBQjAeFw0yMzA5MjAw
NjUxMTdaFw0yNDAxMDYwODM1MTdaMDMxMTAvBgNVBAMTKEIwOERCOTY2Q0QzM0VD
RDc2M0E3M0JGREFBQkE0QzZFOTVDNzk2ODgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMUG5lo/F9vFQdK8rLklH2GgtVoAS7+s3mp/i6DwL6zFSX2rX7
BGtXQuN2juQm6az8C+zxfIHaZFD2ecoVtIHvQ31SpyvvPYAMm6Hn3jwY37ECtG2p
ez0koXHIMuhE8Jqy4ie9cCpbfLMtcX+M9T9eJ6tabc+NyJhAbRJOCRhBn+516Mkf
k3LvElAQ2Qz/2Uu6faVMjuLEHURRVkES6GGjW9bwCQJjMIxbM1XlBOlbcq2SeP5F
wqW2ZRfuEsXLMAs2lfStBelfp8Dd2Hy2s+c4GW8zXvOjAitKOEA0nZdYLJ7S0fs3
EQYYliPv0lVJ7Bbr9z6Nip8VA/ag3up8u5kHAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUsI25Zs0z7Ndjpzv9qrpMbpXHlogwHwYDVR0jBBgwFoAUX0ePQ/Cvj+rMuB7c
epx2FDGAyaswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE0
Ni9YMGVQUV9Ddmotck11QjdjZXB4MkZER0F5YXMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1gwZVBRX0N2ai1yTXVCN2NlcHgyRkRHQXlhcy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNDYvc0kyNVpzMHo3TmRq
cHp2OXFycE1icFhIbG9nLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAWe6iDANBgkqhkiG9w0BAQsFAAOCAQEAKSj1C0PRNv0SpBrM0daVHbfbD8H7
sHT071J3K5YARCneZdRe7qLNQEXtWl6VcOTfOx5UKvgnhCLxOLmvYYiMOjPI8siM
mQiT9j1yaFNIFAL393nAPxGRE38Htx/1Zx5szRNzSa3oh+dUoZi4R+9u+tho42zt
BjvKH+z4hzN5w8LyjaBkarjaLusC2CQpY8o3PssWxwK4GLb4QCaTzFSdV0+0NTjY
D0iQyFY3RJCrNdgpASZIZ0b9rvWV4Hw1v8sd0JVO9OSIHN6zpmTTkX0lC33lI05B
sQxuf9i6hfSWK8DiP8Mrld0cySESBz8yzmu6I/sw7pI0D5VTSioqe40xfA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:41:46 2025 by rpki-client