Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/BQ_lXyqSy_GV2zTItwbIpwa0SVQ.roa
File: BQ_lXyqSy_GV2zTItwbIpwa0SVQ.roa (raw, json)
Hash identifier: c+wezViEvIi7I3ZaIuJsnFhV0MaGDGk/cFyRffqmqLw=
Subject key identifier: 05:0F:E5:5F:2A:92:CB:F1:95:DB:34:C8:B7:06:C8:A7:06:B4:49:54
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 185A
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/BQ_lXyqSy_GV2zTItwbIpwa0SVQ.roa
Signing time: Fri 17 Jan 2025 01:24:57 +0000
ROA not before: Fri 17 Jan 2025 01:24:57 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 13444
IP address blocks: 103.221.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6234 (0x185a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:24:57 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=050FE55F2A92CBF195DB34C8B706C8A706B44954
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:26:c3:b4:e5:67:82:27:3c:01:0b:cb:dc:4c:
2f:b2:8c:8b:71:c9:9e:77:1d:6d:27:24:3b:f9:8d:
61:8f:1f:ce:28:04:94:91:76:f1:5d:f9:6a:e7:b0:
10:c5:f6:27:5f:8b:43:b3:08:ac:61:ab:45:ba:61:
32:63:06:4c:09:77:55:ae:00:fd:6f:08:ab:78:80:
90:33:20:ec:e9:7e:c8:a6:9a:7e:f8:7d:59:3f:f1:
f0:3a:97:b2:f8:5e:3b:18:d3:83:e2:a5:d4:35:62:
4d:04:30:8a:50:05:61:33:b0:5b:6c:b8:38:fb:b9:
bb:5c:24:d2:5d:06:3e:26:7c:bc:b4:0d:e0:91:84:
7b:eb:2d:ff:1c:46:aa:06:e9:73:93:51:db:dc:99:
c9:d4:f2:21:77:df:16:ef:14:4a:ca:89:33:53:95:
57:51:9e:c4:6e:47:1b:8a:a6:13:a4:19:11:7b:7b:
93:0b:bf:df:fc:74:c9:53:2f:4f:2c:2e:0b:0c:73:
23:ed:ce:ed:14:2b:c3:7b:cb:a6:34:61:b3:50:fd:
19:d6:46:6f:60:87:5b:00:d1:b0:b2:88:91:f7:f9:
77:97:0f:79:f6:6e:1e:fe:d0:ad:8a:6a:ec:e2:8b:
cc:61:1a:96:fa:99:87:4b:b3:1f:2e:28:b8:d5:27:
44:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:0F:E5:5F:2A:92:CB:F1:95:DB:34:C8:B7:06:C8:A7:06:B4:49:54
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/BQ_lXyqSy_GV2zTItwbIpwa0SVQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.20.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:0a:ef:66:c7:a9:14:cf:7a:64:6c:c7:42:53:e7:6b:99:25:
8b:24:69:f8:42:17:b7:44:43:e7:ad:d1:33:09:4a:f9:59:e2:
46:39:09:e0:d3:7d:fd:ba:cf:39:69:ad:52:f2:d8:77:cb:0d:
63:fa:b2:32:f5:6c:76:0e:5c:df:a2:70:36:26:bb:4d:90:76:
37:ea:d9:8c:8f:bc:0c:86:50:8c:37:1c:65:9f:1d:33:3a:ae:
53:aa:3a:d2:40:c7:5b:93:3c:69:5e:a7:8e:ed:8f:26:60:e6:
a8:1c:6a:f8:e1:b8:25:7e:47:33:82:b2:80:b9:45:cb:57:6c:
87:27:ae:13:dc:b5:ce:3e:84:ab:05:3c:45:f1:83:b2:8d:e2:
af:3b:fd:3b:61:5f:b9:94:70:1c:ff:e8:4e:c5:bc:0f:05:4d:
20:12:a5:71:5d:3d:c3:fb:14:c5:c0:18:19:99:f1:a2:ce:ed:
c0:f1:55:07:ce:f5:bd:6e:0a:04:a2:6f:3f:14:72:70:b6:8d:
11:d3:8d:4a:ab:eb:56:00:c9:9c:a9:e4:29:4c:18:73:2f:15:
9f:1c:b3:9a:8f:a1:a1:3a:ba:f7:7f:2c:1f:1d:db:dd:74:73:
5d:5a:9a:77:9f:5a:18:b6:fc:fa:7e:8e:7f:36:59:77:5a:13:
16:ca:0b:47
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGFowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI0NTdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDA1MEZFNTVGMkE5MkNC
RjE5NURCMzRDOEI3MDZDOEE3MDZCNDQ5NTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5JsO05WeCJzwBC8vcTC+yjItxyZ53HW0nJDv5jWGPH84oBJSR
dvFd+WrnsBDF9idfi0OzCKxhq0W6YTJjBkwJd1WuAP1vCKt4gJAzIOzpfsimmn74
fVk/8fA6l7L4XjsY04PipdQ1Yk0EMIpQBWEzsFtsuDj7ubtcJNJdBj4mfLy0DeCR
hHvrLf8cRqoG6XOTUdvcmcnU8iF33xbvFErKiTNTlVdRnsRuRxuKphOkGRF7e5ML
v9/8dMlTL08sLgsMcyPtzu0UK8N7y6Y0YbNQ/RnWRm9gh1sA0bCyiJH3+XeXD3n2
bh7+0K2Kauzii8xhGpb6mYdLsx8uKLjVJ0TLAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUBQ/lXyqSy/GV2zTItwbIpwa0SVQwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0JRX2xYeXFTeV9HVjJ6
VEl0d2JJcHdhMFNWUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3RQwDQYJKoZIhvcNAQELBQADggEBAE8K72bHqRTPemRsx0JT52uZJYskafhC
F7dEQ+et0TMJSvlZ4kY5CeDTff26zzlprVLy2HfLDWP6sjL1bHYOXN+icDYmu02Q
djfq2YyPvAyGUIw3HGWfHTM6rlOqOtJAx1uTPGlep47tjyZg5qgcavjhuCV+RzOC
soC5RctXbIcnrhPctc4+hKsFPEXxg7KN4q87/TthX7mUcBz/6E7FvA8FTSASpXFd
PcP7FMXAGBmZ8aLO7cDxVQfO9b1uCgSibz8UcnC2jRHTjUqr61YAyZyp5ClMGHMv
FZ8cs5qPoaE6uvd/LB8d2910c11amnefWhi2/Pp+jn82WXdaExbKC0c=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:42:25 2025 by rpki-client