Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2075/qhqQ6XGpQKke9iH_XzcMeWU6yJs.roa
File: qhqQ6XGpQKke9iH_XzcMeWU6yJs.roa (raw, json)
Hash identifier: SYubhtFtKwSFcNFEuS+OIUJ6kBhpjBEexfpRrZUfZr8=
Subject key identifier: AA:1A:90:E9:71:A9:40:A9:1E:F6:21:FF:5F:37:0C:79:65:3A:C8:9B
Certificate issuer: /CN=E98A5958665F34A26A3DCAF94C63B33A07059A53
Certificate serial: 4D1F
Authority key identifier: E9:8A:59:58:66:5F:34:A2:6A:3D:CA:F9:4C:63:B3:3A:07:05:9A:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6YpZWGZfNKJqPcr5TGOzOgcFmlM.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2075/qhqQ6XGpQKke9iH_XzcMeWU6yJs.roa
Signing time: Fri 17 Jan 2025 01:26:31 +0000
ROA not before: Fri 17 Jan 2025 01:26:31 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 398704
IP address blocks: 103.72.120.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19743 (0x4d1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E98A5958665F34A26A3DCAF94C63B33A07059A53
Validity
Not Before: Jan 17 01:26:31 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=AA1A90E971A940A91EF621FF5F370C79653AC89B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a5:3a:da:00:e7:1b:de:ac:e8:69:55:5e:5c:
61:c6:1d:34:06:a8:14:b3:2f:06:4d:5c:74:bc:58:
6d:e2:79:e0:73:cc:f3:91:0e:8b:7a:8b:8b:d5:a1:
b2:4e:89:22:5c:9a:f1:09:ff:e1:44:58:91:ec:c3:
6e:78:66:02:b7:19:7a:a2:6e:b8:26:f3:de:62:85:
3c:7e:f9:6f:f8:84:06:a7:d1:ec:f9:d8:ac:4b:fb:
61:7d:4d:84:a4:a5:c1:93:42:bc:82:3d:42:3b:56:
80:54:43:7f:3f:03:c3:81:82:5a:5a:35:96:8d:1c:
aa:29:ca:e3:08:3e:a8:75:69:de:cf:e0:8e:cd:6f:
0f:0c:5e:fd:23:df:dc:90:ba:dc:72:c4:96:4c:a9:
90:d0:25:a0:02:98:93:ca:c2:b5:67:2f:28:a0:80:
9c:cf:6a:b1:ee:fb:77:06:34:06:97:a0:93:e1:9b:
57:59:18:1a:10:d0:a1:da:39:e6:71:c4:2a:5b:57:
72:8f:08:cf:e8:48:b5:c2:f6:e3:99:e2:7b:79:b1:
c6:3c:3b:9a:ff:63:a3:41:9b:d1:66:36:23:09:3d:
77:56:77:d8:6b:3b:e4:08:53:76:5b:12:e6:68:9e:
c6:5b:93:23:cf:76:9d:de:3d:28:65:73:48:60:03:
87:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:1A:90:E9:71:A9:40:A9:1E:F6:21:FF:5F:37:0C:79:65:3A:C8:9B
X509v3 Authority Key Identifier:
keyid:E9:8A:59:58:66:5F:34:A2:6A:3D:CA:F9:4C:63:B3:3A:07:05:9A:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2075/6YpZWGZfNKJqPcr5TGOzOgcFmlM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6YpZWGZfNKJqPcr5TGOzOgcFmlM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2075/qhqQ6XGpQKke9iH_XzcMeWU6yJs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.72.120.0/22
Signature Algorithm: sha256WithRSAEncryption
17:46:fc:c0:92:df:5d:19:d7:15:72:9c:04:8f:e5:24:93:39:
d8:a0:25:53:dc:87:6b:fc:d3:1e:f4:2d:ec:22:65:44:d9:2e:
35:92:9e:4c:b0:a7:ef:3d:32:3f:b9:95:d6:bf:16:dc:61:e8:
a1:75:f3:99:e3:2f:50:b0:17:07:19:0a:25:22:4c:0d:7f:a3:
4d:4d:9a:8f:d5:a0:30:dc:98:6e:f9:d1:a4:a1:af:60:2b:97:
9f:eb:b6:d7:c4:49:f1:cf:1a:83:8c:4f:19:30:6b:c8:69:65:
ce:21:d2:33:94:ab:30:eb:a3:46:c8:8f:c6:ef:60:d3:ca:b8:
21:6c:25:a1:90:bf:6b:23:57:55:a7:27:5e:ab:d3:40:62:c1:
7e:30:bb:5c:04:82:c5:36:0b:da:b5:39:bb:95:9a:d3:4e:c1:
58:2b:20:c0:5f:6e:36:73:9a:bc:57:11:4a:5c:ef:a0:6a:b0:
22:94:80:bd:b5:8f:9b:dd:da:e8:f1:dc:5e:a3:d1:68:32:4a:
5c:6e:f3:6e:96:e6:f1:3f:f0:f7:f3:6c:1a:92:b1:35:a8:4e:
1c:2f:33:ff:3f:e6:e2:8a:cc:5e:f7:5c:3e:63:51:29:98:c1:
70:74:ec:8a:cc:4f:90:9c:20:3e:65:61:cc:ab:df:5c:3b:20:
67:90:e5:87
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICTR8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTk4
QTU5NTg2NjVGMzRBMjZBM0RDQUY5NEM2M0IzM0EwNzA1OUE1MzAeFw0yNTAxMTcw
MTI2MzFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEFBMUE5MEU5NzFBOTQw
QTkxRUY2MjFGRjVGMzcwQzc5NjUzQUM4OUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCpTraAOcb3qzoaVVeXGHGHTQGqBSzLwZNXHS8WG3ieeBzzPOR
Dot6i4vVobJOiSJcmvEJ/+FEWJHsw254ZgK3GXqibrgm895ihTx++W/4hAan0ez5
2KxL+2F9TYSkpcGTQryCPUI7VoBUQ38/A8OBglpaNZaNHKopyuMIPqh1ad7P4I7N
bw8MXv0j39yQutxyxJZMqZDQJaACmJPKwrVnLyiggJzParHu+3cGNAaXoJPhm1dZ
GBoQ0KHaOeZxxCpbV3KPCM/oSLXC9uOZ4nt5scY8O5r/Y6NBm9FmNiMJPXdWd9hr
O+QIU3ZbEuZonsZbkyPPdp3ePShlc0hgA4dtAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUqhqQ6XGpQKke9iH/XzcMeWU6yJswHwYDVR0jBBgwFoAU6YpZWGZfNKJqPcr5
TGOzOgcFmlMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjA3
NS82WXBaV0daZk5LSnFQY3I1VEdPek9nY0ZtbE0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzZZcFpXR1pmTktKcVBjcjVUR096T2djRm1sTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIwNzUvcWhxUTZYR3BRS2tl
OWlIX1h6Y01lV1U2eUpzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAmdIeDANBgkqhkiG9w0BAQsFAAOCAQEAF0b8wJLfXRnXFXKcBI/lJJM52KAl
U9yHa/zTHvQt7CJlRNkuNZKeTLCn7z0yP7mV1r8W3GHooXXzmeMvULAXBxkKJSJM
DX+jTU2aj9WgMNyYbvnRpKGvYCuXn+u218RJ8c8ag4xPGTBryGllziHSM5SrMOuj
RsiPxu9g08q4IWwloZC/ayNXVacnXqvTQGLBfjC7XASCxTYL2rU5u5Wa007BWCsg
wF9uNnOavFcRSlzvoGqwIpSAvbWPm93a6PHcXqPRaDJKXG7zbpbm8T/w9/NsGpKx
NahOHC8z/z/m4orMXvdcPmNRKZjBcHTsisxPkJwgPmVhzKvfXDsgZ5Dlhw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:00:54 2025 by rpki-client