Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1826/L8mlWuT5Oirs_67BnixYQYhtQjU.roa
File: L8mlWuT5Oirs_67BnixYQYhtQjU.roa (raw, json)
Hash identifier: WAiFkUe3CyNLvHA0AV3WlyYG2Ppuo0qYajkZDdq0e4U=
Subject key identifier: 2F:C9:A5:5A:E4:F9:3A:2A:EC:FF:AE:C1:9E:2C:58:41:88:6D:42:35
Certificate issuer: /CN=75324D3B8F1D5EBA5770E661EE16AF24A750554F
Certificate serial: 14C5
Authority key identifier: 75:32:4D:3B:8F:1D:5E:BA:57:70:E6:61:EE:16:AF:24:A7:50:55:4F
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dTJNO48dXrpXcOZh7havJKdQVU8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1826/L8mlWuT5Oirs_67BnixYQYhtQjU.roa
Signing time: Sun 27 Apr 2025 09:29:38 +0000
ROA not before: Sun 27 Apr 2025 09:29:38 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 152320
IP address blocks: 103.223.120.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5317 (0x14c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75324D3B8F1D5EBA5770E661EE16AF24A750554F
Validity
Not Before: Apr 27 09:29:38 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=2FC9A55AE4F93A2AECFFAEC19E2C5841886D4235
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:0e:a0:40:9e:fa:e5:df:c3:00:86:35:25:0c:
6e:a7:46:b7:65:23:92:5d:aa:e7:6c:08:66:3e:07:
cf:8e:08:54:fa:80:2e:66:d6:ee:fd:a2:c4:dd:33:
50:16:b4:6c:28:aa:77:13:40:06:28:4a:42:5e:83:
21:7d:ea:7e:5b:e0:f8:0e:2b:4c:7a:91:95:10:a6:
4d:74:6c:47:1a:86:9c:0a:42:6c:35:e4:ed:bf:be:
ce:54:40:39:80:27:3a:6b:59:8c:e8:ef:91:9c:52:
47:5a:dd:d5:8c:fa:64:56:5d:7d:95:bd:06:90:8f:
32:11:25:79:84:77:51:29:15:9a:bc:c8:c5:0f:d9:
03:d1:71:26:36:17:e1:04:2e:64:ad:9d:80:b8:4b:
88:dc:4b:f2:da:e0:a5:ea:21:c0:8e:11:52:22:76:
24:a7:ec:e8:79:d5:48:63:74:28:14:4e:27:c5:1a:
bc:a6:47:ef:70:ad:67:d8:00:5d:e1:35:b9:84:4e:
27:77:98:18:2f:9f:f1:bb:b0:a2:4b:37:51:6e:c4:
cb:7a:ad:dd:a9:9b:f8:4e:d8:61:fe:8e:d6:b0:c9:
02:2e:5c:dc:5e:a1:80:ee:89:a4:21:2b:df:6a:e4:
81:a3:0b:6b:d7:9f:97:ce:4b:d4:8d:9b:32:20:5f:
c8:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:C9:A5:5A:E4:F9:3A:2A:EC:FF:AE:C1:9E:2C:58:41:88:6D:42:35
X509v3 Authority Key Identifier:
keyid:75:32:4D:3B:8F:1D:5E:BA:57:70:E6:61:EE:16:AF:24:A7:50:55:4F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1826/dTJNO48dXrpXcOZh7havJKdQVU8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dTJNO48dXrpXcOZh7havJKdQVU8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1826/L8mlWuT5Oirs_67BnixYQYhtQjU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.223.120.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:53:87:d3:55:50:92:8a:a2:40:ec:70:14:86:8c:92:04:6f:
3c:7c:30:7d:2b:84:29:0b:d3:ef:ef:a1:dc:be:7e:79:b8:85:
ce:78:54:1d:b3:f8:54:71:f6:54:73:6a:2f:07:9a:71:88:37:
bd:ec:60:47:ce:95:3f:e8:9b:02:19:d7:7c:a4:6c:8d:34:60:
b6:e0:5f:1f:b9:0c:3a:c6:5e:9c:95:31:fb:eb:12:33:97:3c:
60:1a:36:4b:61:d2:ad:71:10:03:c0:54:98:a0:74:93:cb:8e:
4e:a0:26:5d:5c:5f:b0:9d:7a:17:f4:fd:2a:c3:26:4d:d2:e5:
89:ad:24:76:ca:a4:76:67:07:22:83:75:66:f2:f8:e8:db:57:
ed:1a:7f:f9:d8:e6:cd:25:bf:5d:24:7b:f3:74:f4:5f:6c:4e:
f2:ed:54:07:ce:83:da:d2:09:f6:25:69:ca:85:26:39:d4:99:
6e:d8:cb:38:bf:b5:93:c8:3b:e6:9d:2f:c2:e1:99:79:8b:2d:
a7:b8:b6:32:e5:15:13:43:8c:76:73:d3:08:25:4f:88:5b:d4:
57:2b:26:a6:7e:db:8f:de:5f:e7:6a:be:e7:bc:2b:82:1e:46:
48:1b:11:62:b0:de:f9:7c:be:5b:66:6d:8b:9f:f2:45:26:a8:
ea:9c:cb:77
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICFMUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzUz
MjREM0I4RjFENUVCQTU3NzBFNjYxRUUxNkFGMjRBNzUwNTU0RjAeFw0yNTA0Mjcw
OTI5MzhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDJGQzlBNTVBRTRGOTNB
MkFFQ0ZGQUVDMTlFMkM1ODQxODg2RDQyMzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5DqBAnvrl38MAhjUlDG6nRrdlI5JdqudsCGY+B8+OCFT6gC5m
1u79osTdM1AWtGwoqncTQAYoSkJegyF96n5b4PgOK0x6kZUQpk10bEcahpwKQmw1
5O2/vs5UQDmAJzprWYzo75GcUkda3dWM+mRWXX2VvQaQjzIRJXmEd1EpFZq8yMUP
2QPRcSY2F+EELmStnYC4S4jcS/La4KXqIcCOEVIidiSn7Oh51UhjdCgUTifFGrym
R+9wrWfYAF3hNbmETid3mBgvn/G7sKJLN1FuxMt6rd2pm/hO2GH+jtawyQIuXNxe
oYDuiaQhK99q5IGjC2vXn5fOS9SNmzIgX8h9AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUL8mlWuT5Oirs/67BnixYQYhtQjUwHwYDVR0jBBgwFoAUdTJNO48dXrpXcOZh
7havJKdQVU8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTgy
Ni9kVEpOTzQ4ZFhycFhjT1poN2hhdkpLZFFWVTguY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2RUSk5PNDhkWHJwWGNPWmg3aGF2SktkUVZVOC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE4MjYvTDhtbFd1VDVPaXJz
XzY3Qm5peFlRWWh0UWpVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAmffeDANBgkqhkiG9w0BAQsFAAOCAQEAS1OH01VQkoqiQOxwFIaMkgRvPHww
fSuEKQvT7++h3L5+ebiFznhUHbP4VHH2VHNqLweacYg3vexgR86VP+ibAhnXfKRs
jTRgtuBfH7kMOsZenJUx++sSM5c8YBo2S2HSrXEQA8BUmKB0k8uOTqAmXVxfsJ16
F/T9KsMmTdLlia0kdsqkdmcHIoN1ZvL46NtX7Rp/+djmzSW/XSR783T0X2xO8u1U
B86D2tIJ9iVpyoUmOdSZbtjLOL+1k8g75p0vwuGZeYstp7i2MuUVE0OMdnPTCCVP
iFvUVysmpn7bj95f52q+57wrgh5GSBsRYrDe+Xy+W2Zti5/yRSao6pzLdw==
-----END CERTIFICATE-----
Generated at Mon Apr 28 23:08:31 2025 by rpki-client on console.sobornost.net