Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3252/_Xmm2o9RXIBNA_OyjGlOMyMD8hk.roa
File: _Xmm2o9RXIBNA_OyjGlOMyMD8hk.roa (raw, json)
Hash identifier: weADjc5+Q1PoKZs9Ej09N2RAckFmeQh9Uk0nuS7oL7A=
Subject key identifier: FD:79:A6:DA:8F:51:5C:80:4D:03:F3:B2:8C:69:4E:33:23:03:F2:19
Certificate issuer: /CN=E6CF46C8583654CB69E2DFC3AE83DDC145E4932A
Certificate serial: 06C8
Authority key identifier: E6:CF:46:C8:58:36:54:CB:69:E2:DF:C3:AE:83:DD:C1:45:E4:93:2A
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5s9GyFg2VMtp4t_DroPdwUXkkyo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3252/_Xmm2o9RXIBNA_OyjGlOMyMD8hk.roa
Signing time: Wed 18 Dec 2024 02:22:57 +0000
ROA not before: Wed 18 Dec 2024 02:22:57 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 63538
IP address blocks: 157.10.34.0/23 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1736 (0x6c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E6CF46C8583654CB69E2DFC3AE83DDC145E4932A
Validity
Not Before: Dec 18 02:22:57 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=FD79A6DA8F515C804D03F3B28C694E332303F219
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b3:37:df:8f:40:4d:8f:ef:d1:2b:4f:3c:ad:
f4:37:27:25:c6:c4:ed:0b:9b:84:9d:e9:4e:1b:c4:
22:4b:ea:10:b6:78:2b:3a:5b:17:70:bc:cc:3e:e5:
64:a2:d6:cc:3b:d2:9a:9f:39:5d:b4:4e:ca:5b:7a:
94:b0:c8:1e:a6:47:ca:1e:80:64:44:fd:58:83:30:
a5:e0:8e:6a:bb:c6:fc:8a:e4:f2:73:7c:83:a2:75:
39:6c:9f:1b:67:1d:e3:9c:71:c0:14:2a:60:72:4e:
6b:4a:f9:7e:19:61:9f:cb:04:52:b7:c7:38:ac:df:
9c:f4:3a:39:26:5c:e3:93:a2:cc:b9:6d:d3:51:a2:
7a:ca:eb:3c:4e:da:a6:3e:83:4d:21:20:dd:72:df:
32:d0:e4:1b:1f:ac:20:38:74:35:0f:06:01:fb:2c:
f8:33:01:eb:ea:07:d5:bb:7f:b7:77:a8:55:71:c0:
b8:66:27:f3:62:94:4b:22:2e:92:3a:c0:e0:63:d9:
44:06:05:2f:46:fc:29:d7:3c:50:59:5a:7f:87:bc:
ca:cb:d3:fa:af:0e:a5:7e:d3:87:7e:9b:87:c6:2b:
14:a8:4e:ec:1a:a1:cc:ed:c1:86:e1:05:7d:32:73:
8d:f0:43:36:37:35:cd:9d:91:bd:38:eb:38:16:6a:
51:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:79:A6:DA:8F:51:5C:80:4D:03:F3:B2:8C:69:4E:33:23:03:F2:19
X509v3 Authority Key Identifier:
keyid:E6:CF:46:C8:58:36:54:CB:69:E2:DF:C3:AE:83:DD:C1:45:E4:93:2A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3252/5s9GyFg2VMtp4t_DroPdwUXkkyo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5s9GyFg2VMtp4t_DroPdwUXkkyo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3252/_Xmm2o9RXIBNA_OyjGlOMyMD8hk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.34.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:6c:fd:ae:62:50:e8:af:cc:57:6a:97:f6:b3:23:01:9c:dc:
04:88:1d:58:db:cc:fe:55:93:ce:65:42:fb:53:e5:72:06:81:
12:d0:ef:a8:c4:95:22:81:59:6f:d4:cd:fb:69:b0:47:b7:2e:
72:b7:ce:b3:98:59:61:20:bf:06:fb:7b:16:65:6e:de:58:f2:
56:9a:ba:6d:0c:6f:23:44:cd:dc:50:bf:88:e6:3f:2c:e5:1f:
8c:a0:41:91:93:e9:77:f1:e4:39:31:07:b9:9f:18:72:81:0b:
32:73:7d:b0:2d:2f:3a:70:b4:18:1d:36:da:e6:5e:86:3b:6d:
2c:f7:02:8b:c4:aa:85:70:3d:0c:37:fa:71:53:0c:7c:4b:c3:
f9:f2:72:c8:84:61:40:9e:f0:8a:f1:34:3f:8e:10:89:eb:87:
dc:79:9d:52:32:f0:77:b0:c3:03:54:06:58:b3:f4:d2:5c:29:
b4:b9:ed:37:7f:42:84:23:c5:8c:d6:30:50:09:15:94:10:66:
e7:b8:f7:85:3e:23:2f:e2:91:63:e9:66:d7:50:fb:16:4b:ff:
5b:69:43:24:b7:cd:b0:de:a4:38:dd:8c:53:3a:d0:b7:5e:71:
2c:d2:df:1d:16:a3:b0:96:df:53:66:cb:85:f3:13:81:9a:41:
79:7f:54:61
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICBsgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTZD
RjQ2Qzg1ODM2NTRDQjY5RTJERkMzQUU4M0REQzE0NUU0OTMyQTAeFw0yNDEyMTgw
MjIyNTdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEZENzlBNkRBOEY1MTVD
ODA0RDAzRjNCMjhDNjk0RTMzMjMwM0YyMTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCjszffj0BNj+/RK088rfQ3JyXGxO0Lm4Sd6U4bxCJL6hC2eCs6
WxdwvMw+5WSi1sw70pqfOV20TspbepSwyB6mR8oegGRE/ViDMKXgjmq7xvyK5PJz
fIOidTlsnxtnHeOcccAUKmByTmtK+X4ZYZ/LBFK3xzis35z0OjkmXOOTosy5bdNR
onrK6zxO2qY+g00hIN1y3zLQ5BsfrCA4dDUPBgH7LPgzAevqB9W7f7d3qFVxwLhm
J/NilEsiLpI6wOBj2UQGBS9G/CnXPFBZWn+HvMrL0/qvDqV+04d+m4fGKxSoTuwa
ocztwYbhBX0yc43wQzY3Nc2dkb046zgWalE3AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQU/Xmm2o9RXIBNA/OyjGlOMyMD8hkwHwYDVR0jBBgwFoAU5s9GyFg2VMtp4t/D
roPdwUXkkyowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI1
Mi81czlHeUZnMlZNdHA0dF9Ecm9QZHdVWGtreW8uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzVzOUd5RmcyVk10cDR0X0Ryb1Bkd1VYa2t5by5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNTIvX1htbTJvOVJYSUJO
QV9PeWpHbE9NeU1EOGhrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAZ0KIjANBgkqhkiG9w0BAQsFAAOCAQEAfWz9rmJQ6K/MV2qX9rMjAZzcBIgd
WNvM/lWTzmVC+1PlcgaBEtDvqMSVIoFZb9TN+2mwR7cucrfOs5hZYSC/Bvt7FmVu
3ljyVpq6bQxvI0TN3FC/iOY/LOUfjKBBkZPpd/HkOTEHuZ8YcoELMnN9sC0vOnC0
GB022uZehjttLPcCi8SqhXA9DDf6cVMMfEvD+fJyyIRhQJ7wivE0P44QieuH3Hmd
UjLwd7DDA1QGWLP00lwptLntN39ChCPFjNYwUAkVlBBm57j3hT4jL+KRY+lm11D7
Fkv/W2lDJLfNsN6kON2MUzrQt15xLNLfHRajsJbfU2bLhfMTgZpBeX9UYQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:40:06 2025 by rpki-client