Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2785/QlX0Qe4DdohtqirpnZMCyXUYCYU.roa
File: QlX0Qe4DdohtqirpnZMCyXUYCYU.roa (raw, json)
Hash identifier: QmgBKKzhRdZAG52nvxB1EjM7VCUZyWvm5Q4gTXmNkNI=
Subject key identifier: 42:55:F4:41:EE:03:76:88:6D:AA:2A:E9:9D:93:02:C9:75:18:09:85
Certificate issuer: /CN=4EA97FDC6AC13514A080A4821033156E2260D00B
Certificate serial: 1D74
Authority key identifier: 4E:A9:7F:DC:6A:C1:35:14:A0:80:A4:82:10:33:15:6E:22:60:D0:0B
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Tql_3GrBNRSggKSCEDMVbiJg0As.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2785/QlX0Qe4DdohtqirpnZMCyXUYCYU.roa
Signing time: Tue 15 Apr 2025 20:06:08 +0000
ROA not before: Tue 15 Apr 2025 20:06:08 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 137720
IP address blocks: 103.120.96.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7540 (0x1d74)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4EA97FDC6AC13514A080A4821033156E2260D00B
Validity
Not Before: Apr 15 20:06:08 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=4255F441EE0376886DAA2AE99D9302C975180985
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:c4:a7:cf:eb:71:e6:3a:e6:63:fb:71:93:0a:
bb:f4:39:d0:61:6f:7e:e5:b0:68:ad:0f:4f:f0:ed:
ca:48:ca:f6:f2:d3:3a:af:9a:21:d4:41:1f:c5:36:
12:c2:b9:80:4a:ac:f1:63:0e:45:af:f3:e7:1b:f8:
d3:cd:1b:14:79:4f:17:b0:37:71:78:33:30:23:54:
26:1e:94:44:1d:a1:cc:ed:9b:64:4c:0f:ad:02:50:
23:58:46:1a:6c:08:ae:cd:99:58:39:30:e7:d6:66:
31:b6:88:81:1c:52:e8:cf:8a:c6:c4:3b:7f:91:48:
b7:54:98:a3:a2:d0:35:8a:22:b8:f2:bd:0d:96:ef:
64:46:c7:eb:74:be:76:d8:30:e4:32:e4:ba:30:b9:
c7:fa:59:7b:c0:e8:e1:fe:a3:72:48:7a:08:d4:af:
9e:97:0c:0f:e0:e5:44:ed:88:c1:46:65:93:a9:b5:
d2:6e:45:0d:46:01:a1:bd:3d:ef:37:d9:87:2e:57:
d6:be:2c:48:e7:5c:ec:4a:cd:0e:ad:37:8c:22:98:
39:e9:c1:dc:49:67:e6:79:a4:4e:f6:d1:94:0d:5d:
aa:2b:e2:9b:3d:69:0f:08:b3:58:0e:58:4f:1b:f4:
69:21:5c:b1:ba:1e:35:a0:26:e0:64:9a:49:a6:83:
f8:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:55:F4:41:EE:03:76:88:6D:AA:2A:E9:9D:93:02:C9:75:18:09:85
X509v3 Authority Key Identifier:
keyid:4E:A9:7F:DC:6A:C1:35:14:A0:80:A4:82:10:33:15:6E:22:60:D0:0B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2785/Tql_3GrBNRSggKSCEDMVbiJg0As.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Tql_3GrBNRSggKSCEDMVbiJg0As.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2785/QlX0Qe4DdohtqirpnZMCyXUYCYU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.120.96.0/24
Signature Algorithm: sha256WithRSAEncryption
96:97:b8:d1:19:65:b0:1f:49:a1:21:20:30:e9:64:cc:2d:4f:
f4:32:ea:ba:38:3c:be:7b:42:0c:ec:7d:0e:fe:7f:81:1b:55:
e6:d3:aa:71:fe:9e:fd:a5:dd:b3:a2:a2:08:ca:3e:04:44:dc:
ec:44:29:a8:64:2c:de:ef:a2:56:9f:c8:4b:5f:9e:c6:1f:5c:
67:8c:ba:10:53:5f:6e:9c:5a:0b:ae:6a:c9:7f:ef:5f:47:7d:
73:db:d0:4f:01:2b:9c:8c:2e:bc:b6:e3:47:ea:ca:55:43:d4:
b0:22:5f:75:8d:bb:78:00:31:4d:b6:a3:77:2c:f5:6c:8b:37:
18:bf:88:5c:7f:d6:a4:cb:83:60:76:f3:86:d1:ef:61:88:15:
cf:d9:3b:a0:58:82:d8:ae:a3:99:70:cd:37:5d:67:97:7b:75:
60:9b:8a:bf:f6:85:f8:0f:16:d6:bb:6a:0b:3e:c8:74:92:99:
95:38:51:00:e7:47:fe:31:5e:4b:79:52:48:52:24:a2:81:21:
ec:6a:3c:f1:e0:53:af:3a:14:2a:d9:62:73:2e:9a:ee:db:2f:
a4:58:cd:f1:0c:88:37:39:cc:81:59:1b:de:2b:ec:07:c1:4b:
33:76:59:f1:99:17:59:ec:01:14:99:c4:38:82:fc:47:62:15:
59:bb:47:f3
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICHXQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEVB
OTdGREM2QUMxMzUxNEEwODBBNDgyMTAzMzE1NkUyMjYwRDAwQjAeFw0yNTA0MTUy
MDA2MDhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDQyNTVGNDQxRUUwMzc2
ODg2REFBMkFFOTlEOTMwMkM5NzUxODA5ODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDwxKfP63HmOuZj+3GTCrv0OdBhb37lsGitD0/w7cpIyvby0zqv
miHUQR/FNhLCuYBKrPFjDkWv8+cb+NPNGxR5TxewN3F4MzAjVCYelEQdocztm2RM
D60CUCNYRhpsCK7NmVg5MOfWZjG2iIEcUujPisbEO3+RSLdUmKOi0DWKIrjyvQ2W
72RGx+t0vnbYMOQy5Lowucf6WXvA6OH+o3JIegjUr56XDA/g5UTtiMFGZZOptdJu
RQ1GAaG9Pe832YcuV9a+LEjnXOxKzQ6tN4wimDnpwdxJZ+Z5pE720ZQNXaor4ps9
aQ8Is1gOWE8b9GkhXLG6HjWgJuBkmkmmg/h1AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUQlX0Qe4DdohtqirpnZMCyXUYCYUwHwYDVR0jBBgwFoAUTql/3GrBNRSggKSC
EDMVbiJg0AswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjc4
NS9UcWxfM0dyQk5SU2dnS1NDRURNVmJpSmcwQXMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1RxbF8zR3JCTlJTZ2dLU0NFRE1WYmlKZzBBcy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3ODUvUWxYMFFlNERkb2h0
cWlycG5aTUN5WFVZQ1lVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAGd4YDANBgkqhkiG9w0BAQsFAAOCAQEAlpe40RllsB9JoSEgMOlkzC1P9DLq
ujg8vntCDOx9Dv5/gRtV5tOqcf6e/aXds6KiCMo+BETc7EQpqGQs3u+iVp/IS1+e
xh9cZ4y6EFNfbpxaC65qyX/vX0d9c9vQTwErnIwuvLbjR+rKVUPUsCJfdY27eAAx
Tbajdyz1bIs3GL+IXH/WpMuDYHbzhtHvYYgVz9k7oFiC2K6jmXDNN11nl3t1YJuK
v/aF+A8W1rtqCz7IdJKZlThRAOdH/jFeS3lSSFIkooEh7Go88eBTrzoUKtlicy6a
7tsvpFjN8QyINznMgVkb3ivsB8FLM3ZZ8ZkXWewBFJnEOIL8R2IVWbtH8w==
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:29:52 2025 by rpki-client