Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/313/7g0fU3xP2uqmrbUYyVuNhBjLyRQ.roa
File: 7g0fU3xP2uqmrbUYyVuNhBjLyRQ.roa (raw, json)
Hash identifier: 3ZocFjyPBsMlg7aWOeOicGLiXT9D+mIhvW7YUYScKbc=
Subject key identifier: EE:0D:1F:53:7C:4F:DA:EA:A6:AD:B5:18:C9:5B:8D:84:18:CB:C9:14
Certificate issuer: /CN=F5EB8FCA98FE5332275BA94D85E69397956CBE47
Certificate serial: 1DAF
Authority key identifier: F5:EB:8F:CA:98:FE:53:32:27:5B:A9:4D:85:E6:93:97:95:6C:BE:47
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9euPypj-UzInW6lNheaTl5Vsvkc.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/313/7g0fU3xP2uqmrbUYyVuNhBjLyRQ.roa
Signing time: Sat 26 Apr 2025 04:18:32 +0000
ROA not before: Sat 26 Apr 2025 04:18:32 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 38365
IP address blocks: 101.247.0.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7599 (0x1daf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F5EB8FCA98FE5332275BA94D85E69397956CBE47
Validity
Not Before: Apr 26 04:18:32 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=EE0D1F537C4FDAEAA6ADB518C95B8D8418CBC914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:73:ae:98:2d:4f:e3:56:fd:c0:b7:58:44:60:
3e:9d:38:52:94:62:5b:7a:1a:b8:03:7b:4b:0c:15:
a3:64:71:7c:02:d0:66:97:39:6f:bc:dc:d3:02:b1:
ab:0d:88:53:74:d2:c4:d1:7f:44:54:f1:eb:e1:0a:
89:2b:b2:ed:87:0e:96:25:51:c3:ea:d8:13:e8:6a:
ec:81:d8:05:16:2d:a3:39:60:d7:1c:bf:ea:94:59:
18:58:88:ea:39:db:c1:52:1d:aa:d7:be:a4:c2:28:
2c:1e:fa:ef:f0:af:a5:92:4e:99:70:df:0e:86:ac:
ba:19:be:b0:c7:ba:da:74:8b:58:9d:bf:15:b4:8d:
58:3c:7a:56:5b:74:6d:13:7b:a8:c4:86:d9:72:36:
e5:c8:58:b4:b1:70:e8:44:99:11:87:80:c6:1c:a7:
54:b5:44:34:b1:95:f7:05:87:14:a9:c8:10:b0:77:
85:e5:70:21:cd:55:d5:de:e6:db:dc:e0:9e:e1:d5:
8a:df:ce:33:71:ce:bb:df:cb:f4:09:6d:17:67:28:
20:0a:75:84:be:f8:71:fc:f4:33:4f:e5:da:57:e5:
bc:ed:03:b8:8d:d3:93:4f:a8:d1:63:56:d0:07:0b:
26:55:ff:20:be:1b:66:b4:dd:43:ae:75:7d:98:32:
da:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:0D:1F:53:7C:4F:DA:EA:A6:AD:B5:18:C9:5B:8D:84:18:CB:C9:14
X509v3 Authority Key Identifier:
keyid:F5:EB:8F:CA:98:FE:53:32:27:5B:A9:4D:85:E6:93:97:95:6C:BE:47
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/313/9euPypj-UzInW6lNheaTl5Vsvkc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9euPypj-UzInW6lNheaTl5Vsvkc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/313/7g0fU3xP2uqmrbUYyVuNhBjLyRQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
101.247.0.0/17
Signature Algorithm: sha256WithRSAEncryption
39:42:0d:37:d6:86:ca:29:b4:df:0b:68:01:91:9c:f0:db:8e:
45:c5:79:5b:f2:9d:7b:7f:37:c6:cd:17:6c:fa:e4:78:08:10:
fd:6e:af:44:6f:60:78:aa:7f:fd:a8:84:a5:7c:10:66:6f:7d:
16:49:f8:ef:3d:c8:1d:3b:13:91:ad:aa:58:c8:f4:96:66:96:
14:3e:23:10:80:44:47:a7:94:e0:8b:09:f0:a5:bf:39:3a:9d:
8d:92:ae:78:42:5a:21:5d:55:82:b1:f9:f4:db:d4:93:3f:5c:
56:b2:71:79:19:af:81:82:12:8d:22:68:80:73:7e:c9:0a:e3:
bf:d5:4d:4e:48:6c:e7:68:de:69:2f:19:96:18:bd:d9:0e:c5:
4c:1c:8c:f0:b9:02:68:2d:cf:e0:86:52:b6:91:a5:60:27:6b:
39:e6:bc:50:a2:ba:52:56:e0:a6:cf:dd:86:22:81:74:cc:2d:
bc:e1:6a:4f:92:62:18:21:02:0a:87:0a:9c:73:c0:47:fe:c2:
98:47:94:38:f9:8c:11:06:10:23:aa:d3:9d:9c:79:c8:af:67:
b7:3b:30:c7:98:ce:fa:5c:ed:9e:39:4b:a5:38:b1:6a:91:76:
93:a8:12:21:45:d2:26:af:6b:86:90:e4:d5:69:47:c3:d1:3b:
e5:1a:f5:35
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICHa8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRjVF
QjhGQ0E5OEZFNTMzMjI3NUJBOTREODVFNjkzOTc5NTZDQkU0NzAeFw0yNTA0MjYw
NDE4MzJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEVFMEQxRjUzN0M0RkRB
RUFBNkFEQjUxOEM5NUI4RDg0MThDQkM5MTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDac66YLU/jVv3At1hEYD6dOFKUYlt6GrgDe0sMFaNkcXwC0GaX
OW+83NMCsasNiFN00sTRf0RU8evhCokrsu2HDpYlUcPq2BPoauyB2AUWLaM5YNcc
v+qUWRhYiOo528FSHarXvqTCKCwe+u/wr6WSTplw3w6GrLoZvrDHutp0i1idvxW0
jVg8elZbdG0Te6jEhtlyNuXIWLSxcOhEmRGHgMYcp1S1RDSxlfcFhxSpyBCwd4Xl
cCHNVdXe5tvc4J7h1YrfzjNxzrvfy/QJbRdnKCAKdYS++HH89DNP5dpX5bztA7iN
05NPqNFjVtAHCyZV/yC+G2a03UOudX2YMtoZAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU7g0fU3xP2uqmrbUYyVuNhBjLyRQwHwYDVR0jBBgwFoAU9euPypj+UzInW6lN
heaTl5VsvkcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz
LzlldVB5cGotVXpJblc2bE5oZWFUbDVWc3ZrYy5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvOWV1UHlwai1VekluVzZsTmhlYVRsNVZzdmtjLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEzLzdnMGZVM3hQMnVxbXJi
VVl5VnVOaEJqTHlSUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAdl9wAwDQYJKoZIhvcNAQELBQADggEBADlCDTfWhsoptN8LaAGRnPDbjkXFeVvy
nXt/N8bNF2z65HgIEP1ur0RvYHiqf/2ohKV8EGZvfRZJ+O89yB07E5GtqljI9JZm
lhQ+IxCAREenlOCLCfClvzk6nY2SrnhCWiFdVYKx+fTb1JM/XFaycXkZr4GCEo0i
aIBzfskK47/VTU5IbOdo3mkvGZYYvdkOxUwcjPC5Amgtz+CGUraRpWAnaznmvFCi
ulJW4KbP3YYigXTMLbzhak+SYhghAgqHCpxzwEf+wphHlDj5jBEGECOq052ceciv
Z7c7MMeYzvpc7Z45S6U4sWqRdpOoEiFF0iava4aQ5NVpR8PRO+Ua9TU=
-----END CERTIFICATE-----
Generated at Mon Apr 28 23:08:43 2025 by rpki-client on console.sobornost.net