Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3272/Nig2C6-ESEH5jw9YAeAxZL3zYCA.roa
File: Nig2C6-ESEH5jw9YAeAxZL3zYCA.roa (raw, json)
Hash identifier: a7hhK1BTx+vEDK72oQNWJB1xDPTxPPEQP/OjXQVnnUw=
Subject key identifier: 36:28:36:0B:AF:84:48:41:F9:8F:0F:58:01:E0:31:64:BD:F3:60:20
Certificate issuer: /CN=FD341E841C183777F8F91DF4FCDA0BB9EFA061BF
Certificate serial: 06F1
Authority key identifier: FD:34:1E:84:1C:18:37:77:F8:F9:1D:F4:FC:DA:0B:B9:EF:A0:61:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/_TQehBwYN3f4-R30_NoLue-gYb8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/Nig2C6-ESEH5jw9YAeAxZL3zYCA.roa
Signing time: Fri 21 Mar 2025 03:28:21 +0000
ROA not before: Fri 21 Mar 2025 03:28:21 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 146806
IP address blocks: 157.66.42.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1777 (0x6f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FD341E841C183777F8F91DF4FCDA0BB9EFA061BF
Validity
Not Before: Mar 21 03:28:21 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=3628360BAF844841F98F0F5801E03164BDF36020
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:b8:aa:7e:67:3d:45:62:98:b6:06:68:00:f0:
9a:96:00:72:81:f0:c1:17:48:0d:64:7b:51:1d:c8:
a5:a4:3e:b5:86:fb:8d:10:a9:e0:b5:0e:d5:21:f7:
97:28:18:e9:f8:0c:b0:13:44:5c:fc:9f:30:59:08:
da:21:8c:9b:37:ad:29:50:ce:0b:2c:b3:b4:9e:7d:
80:e3:3a:20:b2:8d:0a:53:2c:61:d9:22:d0:60:f9:
93:ec:49:73:54:c1:ab:71:c3:fc:57:67:e1:bf:4c:
e2:3c:47:7a:29:dc:c4:45:e6:a6:e1:b1:6a:88:f2:
69:8a:be:02:8b:1d:6a:28:aa:9c:41:55:1e:80:45:
b5:15:95:46:de:01:c6:18:e8:85:f6:6c:d0:a1:e2:
f7:9e:2d:60:b8:73:bb:ee:31:74:47:35:7e:1f:17:
5f:4e:fd:97:ed:c5:ae:48:35:ed:5a:1d:d1:6d:78:
6e:42:03:5e:50:4f:ac:ab:d6:cc:fa:c0:c6:ca:f3:
cc:df:33:34:60:db:9e:73:92:91:b2:11:19:1f:06:
04:ae:1a:89:85:cb:67:dc:65:7f:80:23:5b:4e:e6:
d7:7a:e5:eb:38:30:82:de:a4:a2:ee:f9:8c:be:c4:
db:8a:27:80:1e:1c:b1:a3:58:b5:c1:23:a5:79:c3:
f0:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:28:36:0B:AF:84:48:41:F9:8F:0F:58:01:E0:31:64:BD:F3:60:20
X509v3 Authority Key Identifier:
keyid:FD:34:1E:84:1C:18:37:77:F8:F9:1D:F4:FC:DA:0B:B9:EF:A0:61:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/_TQehBwYN3f4-R30_NoLue-gYb8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/_TQehBwYN3f4-R30_NoLue-gYb8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/Nig2C6-ESEH5jw9YAeAxZL3zYCA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.66.42.0/24
Signature Algorithm: sha256WithRSAEncryption
21:84:6c:19:64:7e:6d:f7:11:1d:55:84:55:23:26:0d:31:4f:
97:fa:2e:25:9c:75:38:90:28:e1:be:20:45:98:ee:bd:a7:98:
57:e6:d3:47:4d:75:e3:a1:74:49:4f:b4:1b:87:94:3b:21:fd:
74:ce:cb:dc:da:27:ae:4a:f2:23:d9:fb:be:6a:18:bc:89:08:
cb:a6:87:bb:68:7d:eb:c4:ba:85:c5:de:d4:f9:36:c4:fb:aa:
58:2b:b5:85:c6:b3:b0:11:80:4c:3e:8b:4b:5f:58:23:24:f7:
5b:63:13:55:28:43:13:d7:36:59:8a:12:af:bc:0d:a3:a1:e1:
1c:79:b9:e9:a2:7f:3b:be:b1:9c:07:46:de:0b:ad:4b:35:53:
75:81:22:cd:38:b7:95:de:61:fd:2d:17:89:01:04:98:ee:c4:
e8:a7:ca:0d:09:4e:e1:9b:39:e8:99:bf:1b:50:2d:bb:8a:6a:
54:ce:39:1a:6b:52:62:d9:a5:15:a8:c4:1a:da:fb:71:94:8b:
41:59:55:2e:97:47:80:0c:8d:72:72:11:14:28:be:73:6b:0c:
18:97:73:f3:45:5e:d1:a5:9f:88:0d:99:17:cb:81:2d:9a:46:
8e:66:9d:b1:57:a7:ed:9f:0d:5d:fb:4a:b0:37:35:ea:ae:4f:
9f:88:7c:83
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICBvEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkQz
NDFFODQxQzE4Mzc3N0Y4RjkxREY0RkNEQTBCQjlFRkEwNjFCRjAeFw0yNTAzMjEw
MzI4MjFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDM2MjgzNjBCQUY4NDQ4
NDFGOThGMEY1ODAxRTAzMTY0QkRGMzYwMjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDXuKp+Zz1FYpi2BmgA8JqWAHKB8MEXSA1ke1EdyKWkPrWG+40Q
qeC1DtUh95coGOn4DLATRFz8nzBZCNohjJs3rSlQzgsss7SefYDjOiCyjQpTLGHZ
ItBg+ZPsSXNUwatxw/xXZ+G/TOI8R3op3MRF5qbhsWqI8mmKvgKLHWooqpxBVR6A
RbUVlUbeAcYY6IX2bNCh4veeLWC4c7vuMXRHNX4fF19O/Zftxa5INe1aHdFteG5C
A15QT6yr1sz6wMbK88zfMzRg255zkpGyERkfBgSuGomFy2fcZX+AI1tO5td65es4
MILepKLu+Yy+xNuKJ4AeHLGjWLXBI6V5w/C3AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUNig2C6+ESEH5jw9YAeAxZL3zYCAwHwYDVR0jBBgwFoAU/TQehBwYN3f4+R30
/NoLue+gYb8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI3
Mi9fVFFlaEJ3WU4zZjQtUjMwX05vTHVlLWdZYjguY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL19UUWVoQndZTjNmNC1SMzBfTm9MdWUtZ1liOC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNzIvTmlnMkM2LUVTRUg1
anc5WUFlQXhaTDN6WUNBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAJ1CKjANBgkqhkiG9w0BAQsFAAOCAQEAIYRsGWR+bfcRHVWEVSMmDTFPl/ou
JZx1OJAo4b4gRZjuvaeYV+bTR01146F0SU+0G4eUOyH9dM7L3NonrkryI9n7vmoY
vIkIy6aHu2h968S6hcXe1Pk2xPuqWCu1hcazsBGATD6LS19YIyT3W2MTVShDE9c2
WYoSr7wNo6HhHHm56aJ/O76xnAdG3gutSzVTdYEizTi3ld5h/S0XiQEEmO7E6KfK
DQlO4Zs56Jm/G1Atu4pqVM45GmtSYtmlFajEGtr7cZSLQVlVLpdHgAyNcnIRFCi+
c2sMGJdz80Ve0aWfiA2ZF8uBLZpGjmadsVen7Z8NXftKsDc16q5Pn4h8gw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:36:54 2025 by rpki-client