Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3258/z6ifoglfIbV3a7GG25WG9QkRLRI.roa
File: z6ifoglfIbV3a7GG25WG9QkRLRI.roa (raw, json)
Hash identifier: UItSWcv7JaCw3uv0J4HiXaRiuGKlxQXa1/jFqFMYxJI=
Subject key identifier: CF:A8:9F:A2:09:5F:21:B5:77:6B:B1:86:DB:95:86:F5:09:11:2D:12
Certificate issuer: /CN=90F30E1DF327D103907F1BE08ED3EA64BFB778E3
Certificate serial: 0132
Authority key identifier: 90:F3:0E:1D:F3:27:D1:03:90:7F:1B:E0:8E:D3:EA:64:BF:B7:78:E3
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kPMOHfMn0QOQfxvgjtPqZL-3eOM.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/z6ifoglfIbV3a7GG25WG9QkRLRI.roa
Signing time: Tue 19 Mar 2024 02:32:42 +0000
ROA not before: Tue 19 Mar 2024 02:32:42 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 21859
IP address blocks: 157.10.220.0/24 maxlen: 32
157.10.221.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 306 (0x132)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90F30E1DF327D103907F1BE08ED3EA64BFB778E3
Validity
Not Before: Mar 19 02:32:42 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CFA89FA2095F21B5776BB186DB9586F509112D12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:4e:2f:95:8c:67:7b:c8:09:c6:24:c4:b8:9f:
25:99:47:03:e1:af:01:ce:4c:15:08:57:34:cc:0f:
4b:ff:6a:44:57:8b:f5:6e:f3:eb:d9:bb:0f:e6:b0:
60:2f:4c:b7:02:54:c5:3f:02:17:58:99:db:7b:3f:
ac:35:07:fa:12:1a:b2:35:d0:5f:f1:58:29:8d:95:
c4:83:28:f8:fd:11:2c:28:3e:27:5b:71:85:cf:cc:
c2:68:58:40:8a:03:e2:02:c5:da:cd:f8:56:0d:37:
ff:59:f5:6c:02:e2:1f:22:7f:cd:a9:e7:f1:17:d8:
ae:b1:c3:ee:e4:7d:3b:2f:54:19:78:e1:e1:dd:1f:
bf:e8:10:b2:15:43:d0:2d:b6:dd:1f:36:47:aa:74:
dd:6d:42:19:26:17:ea:32:ca:50:a4:a9:76:4b:ab:
ae:a2:15:62:a5:b2:8b:d5:a4:03:5e:8f:16:43:5f:
9a:5c:3a:18:9d:7d:d3:2d:4a:fc:3b:00:5b:7c:1b:
4a:e3:6c:de:f5:5d:39:3f:c9:5a:1d:48:1e:bf:72:
1f:54:14:c3:2c:f3:65:73:c4:4a:64:d6:7e:79:3e:
11:f5:88:f5:d8:34:fa:30:79:a0:91:0b:1b:71:0c:
e3:0a:9f:93:a5:72:41:f2:30:de:a1:a8:ce:ee:d4:
b9:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:A8:9F:A2:09:5F:21:B5:77:6B:B1:86:DB:95:86:F5:09:11:2D:12
X509v3 Authority Key Identifier:
keyid:90:F3:0E:1D:F3:27:D1:03:90:7F:1B:E0:8E:D3:EA:64:BF:B7:78:E3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kPMOHfMn0QOQfxvgjtPqZL-3eOM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/z6ifoglfIbV3a7GG25WG9QkRLRI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.220.0/23
Signature Algorithm: sha256WithRSAEncryption
28:a6:3f:7e:0a:34:a3:90:0c:92:1e:13:55:e3:23:f9:8a:4f:
71:f1:1d:cf:28:c3:af:dd:f0:07:5b:65:35:01:c3:41:ae:30:
d6:09:40:74:e1:5b:40:06:cf:8e:d4:39:cd:f5:5c:63:d8:01:
49:cd:a9:64:14:b4:95:a7:16:78:23:b8:c8:9b:6f:4d:34:c0:
0c:3c:a5:e6:f3:f4:d2:28:17:fa:81:4a:47:3e:a3:d6:c4:eb:
70:14:1a:a9:98:6a:c4:bd:05:59:ac:64:a0:d1:4f:6b:3f:48:
bc:6b:a3:90:c0:55:4e:73:97:1a:c5:02:d5:5f:e7:2e:cc:44:
b3:81:56:34:98:a6:21:50:d3:d7:95:a2:39:07:b8:e4:2c:9b:
1c:18:14:db:45:7f:9c:71:1f:6e:01:43:f0:6a:1f:60:9b:65:
c9:ad:97:a7:0d:77:f3:3d:1a:d8:cd:52:96:2a:84:a3:46:c4:
7a:30:e3:c3:ac:d3:22:a8:e9:bd:3f:70:a6:c6:b4:94:b3:9d:
1f:60:8d:f0:38:be:f9:0b:1c:1e:ca:ba:69:c5:d8:a3:7f:9f:
a6:a6:67:7e:d8:f5:4c:3a:1e:8c:c3:77:65:48:99:dc:97:9e:
a3:55:f6:88:67:e1:89:3f:80:54:cc:42:cc:9b:98:93:c2:73:
e9:84:18:15
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICATIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTBG
MzBFMURGMzI3RDEwMzkwN0YxQkUwOEVEM0VBNjRCRkI3NzhFMzAeFw0yNDAzMTkw
MjMyNDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENGQTg5RkEyMDk1RjIx
QjU3NzZCQjE4NkRCOTU4NkY1MDkxMTJEMTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTTi+VjGd7yAnGJMS4nyWZRwPhrwHOTBUIVzTMD0v/akRXi/Vu
8+vZuw/msGAvTLcCVMU/AhdYmdt7P6w1B/oSGrI10F/xWCmNlcSDKPj9ESwoPidb
cYXPzMJoWECKA+ICxdrN+FYNN/9Z9WwC4h8if82p5/EX2K6xw+7kfTsvVBl44eHd
H7/oELIVQ9Attt0fNkeqdN1tQhkmF+oyylCkqXZLq66iFWKlsovVpANejxZDX5pc
OhidfdMtSvw7AFt8G0rjbN71XTk/yVodSB6/ch9UFMMs82VzxEpk1n55PhH1iPXY
NPoweaCRCxtxDOMKn5OlckHyMN6hqM7u1LmTAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUz6ifoglfIbV3a7GG25WG9QkRLRIwHwYDVR0jBBgwFoAUkPMOHfMn0QOQfxvg
jtPqZL+3eOMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI1
OC9rUE1PSGZNbjBRT1FmeHZnanRQcVpMLTNlT00uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2tQTU9IZk1uMFFPUWZ4dmdqdFBxWkwtM2VPTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNTgvejZpZm9nbGZJYlYz
YTdHRzI1V0c5UWtSTFJJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAZ0K3DANBgkqhkiG9w0BAQsFAAOCAQEAKKY/fgo0o5AMkh4TVeMj+YpPcfEd
zyjDr93wB1tlNQHDQa4w1glAdOFbQAbPjtQ5zfVcY9gBSc2pZBS0lacWeCO4yJtv
TTTADDyl5vP00igX+oFKRz6j1sTrcBQaqZhqxL0FWaxkoNFPaz9IvGujkMBVTnOX
GsUC1V/nLsxEs4FWNJimIVDT15WiOQe45CybHBgU20V/nHEfbgFD8GofYJtlya2X
pw138z0a2M1SliqEo0bEejDjw6zTIqjpvT9wpsa0lLOdH2CN8Di++QscHsq6acXY
o3+fpqZnftj1TDoejMN3ZUiZ3Jeeo1X2iGfhiT+AVMxCzJuYk8Jz6YQYFQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:33:37 2025 by rpki-client