Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2075/JQh0YI1zlwjxJib2fxbt31XPM30.roa
File: JQh0YI1zlwjxJib2fxbt31XPM30.roa (raw, json)
Hash identifier: FhQhq4wFLmGrLGvzg9ibXbdanVTTSgBvjiIGrXPQfR8=
Subject key identifier: 25:08:74:60:8D:73:97:08:F1:26:26:F6:7F:16:ED:DF:55:CF:33:7D
Certificate issuer: /CN=E98A5958665F34A26A3DCAF94C63B33A07059A53
Certificate serial: 48F3
Authority key identifier: E9:8A:59:58:66:5F:34:A2:6A:3D:CA:F9:4C:63:B3:3A:07:05:9A:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6YpZWGZfNKJqPcr5TGOzOgcFmlM.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2075/JQh0YI1zlwjxJib2fxbt31XPM30.roa
Signing time: Sat 15 Jun 2024 19:55:55 +0000
ROA not before: Sat 15 Jun 2024 19:55:55 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 131482
IP address blocks: 103.72.120.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18675 (0x48f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E98A5958665F34A26A3DCAF94C63B33A07059A53
Validity
Not Before: Jun 15 19:55:55 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=250874608D739708F12626F67F16EDDF55CF337D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:aa:c9:7c:05:8d:be:f0:78:c8:4b:a9:9f:1a:
7e:23:6d:46:0c:3e:6b:87:c0:f7:cf:e9:0b:6b:d1:
69:da:aa:cf:b2:57:bf:c2:6a:41:00:7a:da:68:08:
7e:9f:19:70:93:c1:d7:db:ba:b9:08:07:97:75:b6:
9b:58:86:3c:a3:0e:c6:b3:db:be:2f:e8:22:7c:28:
5c:ac:70:5e:37:b9:c8:49:24:8b:0a:c1:41:77:a5:
7f:b4:20:24:41:3f:2e:c0:d6:a3:e7:fc:8d:13:14:
ae:b3:9f:8f:68:be:e8:97:18:44:51:b8:da:01:2c:
42:8e:66:1c:6e:0f:0c:23:9e:7d:36:5f:eb:86:1b:
d9:9b:60:fb:f6:4a:51:7e:5a:3f:af:7b:a3:bc:70:
bd:ef:1a:fc:93:ba:be:56:35:da:e4:a5:d3:4d:7d:
0a:53:87:31:77:08:f6:17:5d:ff:8a:fe:48:fa:47:
28:0a:8a:c5:d9:8c:40:a3:6c:5e:79:68:f1:c9:e7:
db:cc:87:11:60:ee:aa:b8:2f:61:6d:a8:4b:d0:b0:
8d:5f:7d:e9:9f:8a:f8:8c:7c:5e:68:99:99:d5:2c:
81:ec:4d:08:af:89:bc:43:1b:7e:a6:66:67:55:8a:
c1:9e:01:fd:4b:36:0e:7d:9d:af:b9:3f:5d:5e:85:
b5:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:08:74:60:8D:73:97:08:F1:26:26:F6:7F:16:ED:DF:55:CF:33:7D
X509v3 Authority Key Identifier:
keyid:E9:8A:59:58:66:5F:34:A2:6A:3D:CA:F9:4C:63:B3:3A:07:05:9A:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2075/6YpZWGZfNKJqPcr5TGOzOgcFmlM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6YpZWGZfNKJqPcr5TGOzOgcFmlM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2075/JQh0YI1zlwjxJib2fxbt31XPM30.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.72.120.0/22
Signature Algorithm: sha256WithRSAEncryption
ab:d9:1a:4a:c1:51:94:50:f5:e3:5b:3a:e8:6d:55:8b:a7:18:
a3:5c:85:c2:f8:2d:68:0f:a8:8e:e9:cf:a0:08:ba:87:88:b0:
c7:5c:db:3b:90:fa:b9:b8:f1:d5:97:4a:80:b9:8f:2c:e3:71:
29:6b:95:c8:eb:0f:1f:45:0c:d8:1e:c1:f1:79:c2:30:b1:10:
a8:8b:c1:5f:59:0f:6b:d4:dc:a8:b8:8d:e8:b8:1d:ee:8f:c0:
36:34:3b:90:5a:73:ea:fd:47:49:e2:96:ad:d6:b5:bc:f9:47:
c0:d6:05:75:c8:9f:32:0f:0b:01:45:17:20:b1:15:e1:3c:3e:
6f:e2:9b:dc:a0:c8:8a:51:b9:7c:4f:fd:52:23:38:fc:12:d7:
35:df:31:05:c3:61:b1:2d:cd:ad:fc:c3:f5:f2:ed:02:16:01:
fd:a5:36:c3:05:3b:48:c6:24:14:6f:18:b3:0f:27:4e:d1:55:
78:75:2b:e6:a5:20:04:cf:0e:2b:29:1c:f6:c5:72:b8:5e:e1:
b9:96:c3:4b:d5:d1:8a:6d:7a:7a:03:23:64:d1:57:87:2c:2b:
7b:d3:ce:13:8e:37:64:fc:5e:42:23:b9:aa:76:37:50:0d:15:
e3:69:13:b2:2f:e2:3f:bc:06:95:ef:40:c8:78:af:b4:aa:4a:
f4:71:c0:b4
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICSPMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTk4
QTU5NTg2NjVGMzRBMjZBM0RDQUY5NEM2M0IzM0EwNzA1OUE1MzAeFw0yNDA2MTUx
OTU1NTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI1MDg3NDYwOEQ3Mzk3
MDhGMTI2MjZGNjdGMTZFRERGNTVDRjMzN0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+qsl8BY2+8HjIS6mfGn4jbUYMPmuHwPfP6Qtr0Wnaqs+yV7/C
akEAetpoCH6fGXCTwdfburkIB5d1tptYhjyjDsaz274v6CJ8KFyscF43uchJJIsK
wUF3pX+0ICRBPy7A1qPn/I0TFK6zn49ovuiXGERRuNoBLEKOZhxuDwwjnn02X+uG
G9mbYPv2SlF+Wj+ve6O8cL3vGvyTur5WNdrkpdNNfQpThzF3CPYXXf+K/kj6RygK
isXZjECjbF55aPHJ59vMhxFg7qq4L2FtqEvQsI1ffemfiviMfF5omZnVLIHsTQiv
ibxDG36mZmdVisGeAf1LNg59na+5P11ehbUpAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUJQh0YI1zlwjxJib2fxbt31XPM30wHwYDVR0jBBgwFoAU6YpZWGZfNKJqPcr5
TGOzOgcFmlMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjA3
NS82WXBaV0daZk5LSnFQY3I1VEdPek9nY0ZtbE0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzZZcFpXR1pmTktKcVBjcjVUR096T2djRm1sTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIwNzUvSlFoMFlJMXpsd2p4
SmliMmZ4YnQzMVhQTTMwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAmdIeDANBgkqhkiG9w0BAQsFAAOCAQEAq9kaSsFRlFD141s66G1Vi6cYo1yF
wvgtaA+ojunPoAi6h4iwx1zbO5D6ubjx1ZdKgLmPLONxKWuVyOsPH0UM2B7B8XnC
MLEQqIvBX1kPa9TcqLiN6Lgd7o/ANjQ7kFpz6v1HSeKWrda1vPlHwNYFdcifMg8L
AUUXILEV4Tw+b+Kb3KDIilG5fE/9UiM4/BLXNd8xBcNhsS3NrfzD9fLtAhYB/aU2
wwU7SMYkFG8Ysw8nTtFVeHUr5qUgBM8OKykc9sVyuF7huZbDS9XRim16egMjZNFX
hywre9POE443ZPxeQiO5qnY3UA0V42kTsi/iP7wGle9AyHivtKpK9HHAtA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:46:03 2025 by rpki-client