Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/EdQ_eP8FVTyG8I31dVMSqipjYSM.roa
File: EdQ_eP8FVTyG8I31dVMSqipjYSM.roa (raw, json)
Hash identifier: +nnAN3SzmSIPV7/lM+mWhlk2sC0j8/o1RCavlBi+4sE=
Subject key identifier: 11:D4:3F:78:FF:05:55:3C:86:F0:8D:F5:75:53:12:AA:2A:63:61:23
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1850
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/EdQ_eP8FVTyG8I31dVMSqipjYSM.roa
Signing time: Fri 17 Jan 2025 01:24:54 +0000
ROA not before: Fri 17 Jan 2025 01:24:54 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 24373
IP address blocks: 103.221.20.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6224 (0x1850)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:24:54 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=11D43F78FF05553C86F08DF5755312AA2A636123
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:08:c7:1c:9d:31:0a:02:24:d6:16:3e:f1:96:
31:ad:9d:4c:02:81:e0:5f:19:8a:4a:ae:6b:d3:cb:
89:d5:7e:47:a3:77:a5:b9:6b:f2:50:11:25:fa:57:
88:31:f7:85:ff:23:dc:0e:6b:a9:3b:70:81:12:26:
3b:31:1e:d9:50:dd:12:bb:bb:d7:eb:49:c9:50:2e:
3a:35:f6:01:38:a9:3d:ef:12:c6:ec:e6:c6:bf:09:
96:17:2d:0e:6e:88:1b:35:70:78:e5:fa:e7:43:a4:
43:45:e5:8a:ab:6e:fc:33:04:50:f9:14:13:7b:94:
77:cb:90:a3:14:bd:8f:df:81:ff:b9:24:2d:98:38:
04:00:77:fe:61:8c:d9:88:79:7c:6a:27:94:d5:fe:
92:b1:7a:ad:59:8d:b5:66:e7:d1:55:84:cd:f3:57:
df:a2:7c:da:9e:ef:59:8f:65:7e:d0:83:ab:07:61:
50:4d:15:70:ce:80:79:cd:57:31:56:e6:6c:aa:24:
32:21:25:f0:d7:f9:ee:0c:e4:59:aa:48:99:f2:4e:
eb:52:ad:79:55:a5:f5:dc:e3:e0:2b:3f:a1:10:7b:
a5:75:83:78:b6:c9:ad:8d:69:4b:9c:da:d8:9b:dc:
b7:b8:bf:d3:39:ab:60:60:e5:54:09:57:90:2e:47:
db:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:D4:3F:78:FF:05:55:3C:86:F0:8D:F5:75:53:12:AA:2A:63:61:23
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/EdQ_eP8FVTyG8I31dVMSqipjYSM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.20.0/22
Signature Algorithm: sha256WithRSAEncryption
ba:1d:2c:af:92:3d:73:78:62:14:1f:6d:b5:54:82:3a:ff:c1:
08:67:dc:2c:a7:22:b2:df:37:42:5b:65:ba:31:3f:d3:23:20:
4c:5f:53:61:b1:bb:9b:a5:e2:5f:0b:f2:4a:eb:17:f0:42:f2:
ab:75:22:5b:8c:c1:63:cb:31:84:bf:08:d2:ac:26:26:7b:84:
f9:fd:6a:4f:26:53:18:6b:c7:6b:13:43:14:da:97:cf:d2:91:
05:50:9c:77:77:f1:99:0d:1e:41:11:d9:3e:cd:10:0d:19:9f:
f5:d2:19:01:1a:29:ae:07:5e:01:a4:68:f0:b4:f3:b2:a4:1f:
c0:ea:1e:f2:b3:cb:00:41:66:0c:02:d9:1c:ec:04:12:a3:e8:
c2:37:33:3e:8a:e7:c8:d3:c2:fe:49:0b:3a:6a:08:e7:8c:94:
a5:51:10:54:04:46:60:bb:35:1f:a2:b4:a4:df:5b:31:9b:19:
6e:58:d0:1f:64:00:fd:c3:6a:ab:90:9a:56:70:2f:c5:86:1a:
b0:8e:fc:c3:29:7a:0c:4f:a5:00:ec:08:16:fd:fc:f3:d9:1e:
1e:1b:2c:98:d6:be:30:20:44:ed:ae:72:4d:73:a8:f2:2a:72:
a5:46:2a:0f:73:a3:34:3b:d3:00:fc:6a:6f:73:0f:2f:1b:3d:
69:ec:c6:e3
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGFAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI0NTRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDExRDQzRjc4RkYwNTU1
M0M4NkYwOERGNTc1NTMxMkFBMkE2MzYxMjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHCMccnTEKAiTWFj7xljGtnUwCgeBfGYpKrmvTy4nVfkejd6W5
a/JQESX6V4gx94X/I9wOa6k7cIESJjsxHtlQ3RK7u9frSclQLjo19gE4qT3vEsbs
5sa/CZYXLQ5uiBs1cHjl+udDpENF5YqrbvwzBFD5FBN7lHfLkKMUvY/fgf+5JC2Y
OAQAd/5hjNmIeXxqJ5TV/pKxeq1ZjbVm59FVhM3zV9+ifNqe71mPZX7Qg6sHYVBN
FXDOgHnNVzFW5myqJDIhJfDX+e4M5FmqSJnyTutSrXlVpfXc4+ArP6EQe6V1g3i2
ya2NaUuc2tib3Le4v9M5q2Bg5VQJV5AuR9uNAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUEdQ/eP8FVTyG8I31dVMSqipjYSMwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0VkUV9lUDhGVlR5RzhJ
MzFkVk1TcWlwallTTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJn3RQwDQYJKoZIhvcNAQELBQADggEBALodLK+SPXN4YhQfbbVUgjr/wQhn3Cyn
IrLfN0JbZboxP9MjIExfU2Gxu5ul4l8L8krrF/BC8qt1IluMwWPLMYS/CNKsJiZ7
hPn9ak8mUxhrx2sTQxTal8/SkQVQnHd38ZkNHkER2T7NEA0Zn/XSGQEaKa4HXgGk
aPC087KkH8DqHvKzywBBZgwC2RzsBBKj6MI3Mz6K58jTwv5JCzpqCOeMlKVREFQE
RmC7NR+itKTfWzGbGW5Y0B9kAP3DaquQmlZwL8WGGrCO/MMpegxPpQDsCBb9/PPZ
Hh4bLJjWvjAgRO2uck1zqPIqcqVGKg9zozQ70wD8am9zDy8bPWnsxuM=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:22:40 2025 by rpki-client