Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3272/Wl-YPP0_Bw6OnuMhBeS8nGaKeIU.roa
File: Wl-YPP0_Bw6OnuMhBeS8nGaKeIU.roa (raw, json)
Hash identifier: ZMbrEcwRnQbyC/aTKGpWgS8bd4QkE0TQvzREVna/w1Y=
Subject key identifier: 5A:5F:98:3C:FD:3F:07:0E:8E:9E:E3:21:05:E4:BC:9C:66:8A:78:85
Certificate issuer: /CN=FD341E841C183777F8F91DF4FCDA0BB9EFA061BF
Certificate serial: 06EF
Authority key identifier: FD:34:1E:84:1C:18:37:77:F8:F9:1D:F4:FC:DA:0B:B9:EF:A0:61:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/_TQehBwYN3f4-R30_NoLue-gYb8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/Wl-YPP0_Bw6OnuMhBeS8nGaKeIU.roa
Signing time: Fri 21 Mar 2025 03:28:20 +0000
ROA not before: Fri 21 Mar 2025 03:28:20 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 211392
IP address blocks: 157.66.42.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1775 (0x6ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FD341E841C183777F8F91DF4FCDA0BB9EFA061BF
Validity
Not Before: Mar 21 03:28:20 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=5A5F983CFD3F070E8E9EE32105E4BC9C668A7885
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:42:a2:b8:14:db:cc:42:28:22:db:2d:75:5a:
25:fc:5f:1d:fc:14:bc:75:ce:36:20:6d:0d:12:1d:
98:92:66:57:1e:d9:dc:3b:61:f4:24:6f:61:aa:40:
d2:35:99:a7:c0:67:bd:32:5f:8c:ba:24:f4:21:0e:
dd:bb:da:da:1a:7a:12:d6:1e:56:cf:0a:36:cd:68:
f7:35:c0:d9:7d:c9:7c:2c:97:09:f9:44:b7:f9:f7:
72:68:f2:48:9f:a0:ac:f1:c3:41:6d:e8:03:f2:8c:
88:f3:37:fa:03:d3:98:ec:78:a4:60:cd:c6:76:b1:
68:b5:f3:a7:8e:90:16:cf:9b:d5:8f:d2:37:34:43:
01:71:66:b7:fe:1e:9f:c2:61:6f:97:f6:d6:0d:39:
9e:a2:48:54:76:42:0c:46:3e:b8:0d:c0:c1:34:65:
da:b8:0f:87:0a:df:b0:f9:75:7c:f0:78:e7:23:d1:
4f:70:2c:5c:40:26:a9:fc:32:5e:c7:7c:d1:f6:95:
2f:be:db:96:79:ac:fd:36:98:58:1a:f5:a9:51:b7:
35:15:c2:87:5c:1f:92:f2:59:d0:1d:85:f6:a7:1a:
35:ab:91:13:ff:01:4b:cb:d0:eb:ee:3b:86:a7:09:
19:53:23:cc:38:18:d2:fe:51:d3:9d:0c:3e:c5:f4:
f5:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:5F:98:3C:FD:3F:07:0E:8E:9E:E3:21:05:E4:BC:9C:66:8A:78:85
X509v3 Authority Key Identifier:
keyid:FD:34:1E:84:1C:18:37:77:F8:F9:1D:F4:FC:DA:0B:B9:EF:A0:61:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/_TQehBwYN3f4-R30_NoLue-gYb8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/_TQehBwYN3f4-R30_NoLue-gYb8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/Wl-YPP0_Bw6OnuMhBeS8nGaKeIU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.66.42.0/24
Signature Algorithm: sha256WithRSAEncryption
08:5e:cc:bc:36:65:b5:07:14:64:73:69:52:64:78:c4:50:16:
ed:de:58:43:45:7f:29:a7:2c:ce:3c:2a:ea:11:d0:07:80:f8:
d7:9e:7f:08:15:8f:37:d0:ce:55:6e:03:67:f6:df:b4:e2:51:
dc:92:24:94:6e:c1:63:1b:66:fa:a6:76:d5:64:4a:d3:5f:2f:
d1:4b:b5:8b:9a:34:65:db:36:67:1a:43:49:ac:5e:d6:4f:f0:
a4:14:c7:24:bf:83:5a:3a:4c:6b:c5:1a:1b:c0:1b:14:85:22:
42:fa:66:4c:92:65:76:02:52:34:7b:f1:30:12:21:ae:43:ba:
0e:64:31:ea:19:08:d1:1b:e9:c7:fd:04:ec:ba:dc:03:43:1d:
c2:24:8c:94:a7:68:84:be:7c:e3:53:28:19:29:2f:ed:50:1e:
d9:38:d9:6a:9f:f8:e0:fb:67:1d:c8:8d:b8:ad:40:43:e5:cb:
82:3c:67:ea:a8:b5:9d:92:61:55:c1:e6:74:ca:31:1c:2a:f4:
e3:5d:a0:29:77:4f:0c:21:8e:47:e4:ce:36:38:49:39:55:2e:
a8:f3:50:6e:ae:e9:f7:b6:14:b3:af:74:89:96:1c:96:5b:3b:
77:c8:69:69:c3:90:fc:a7:24:e5:a2:9b:ad:11:e3:da:83:d7:
8d:b3:a6:d2
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICBu8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkQz
NDFFODQxQzE4Mzc3N0Y4RjkxREY0RkNEQTBCQjlFRkEwNjFCRjAeFw0yNTAzMjEw
MzI4MjBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDVBNUY5ODNDRkQzRjA3
MEU4RTlFRTMyMTA1RTRCQzlDNjY4QTc4ODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDjQqK4FNvMQigi2y11WiX8Xx38FLx1zjYgbQ0SHZiSZlce2dw7
YfQkb2GqQNI1mafAZ70yX4y6JPQhDt272toaehLWHlbPCjbNaPc1wNl9yXwslwn5
RLf593Jo8kifoKzxw0Ft6APyjIjzN/oD05jseKRgzcZ2sWi186eOkBbPm9WP0jc0
QwFxZrf+Hp/CYW+X9tYNOZ6iSFR2QgxGPrgNwME0Zdq4D4cK37D5dXzweOcj0U9w
LFxAJqn8Ml7HfNH2lS++25Z5rP02mFga9alRtzUVwodcH5LyWdAdhfanGjWrkRP/
AUvL0OvuO4anCRlTI8w4GNL+UdOdDD7F9PU5AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUWl+YPP0/Bw6OnuMhBeS8nGaKeIUwHwYDVR0jBBgwFoAU/TQehBwYN3f4+R30
/NoLue+gYb8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI3
Mi9fVFFlaEJ3WU4zZjQtUjMwX05vTHVlLWdZYjguY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL19UUWVoQndZTjNmNC1SMzBfTm9MdWUtZ1liOC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNzIvV2wtWVBQMF9CdzZP
bnVNaEJlUzhuR2FLZUlVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAJ1CKjANBgkqhkiG9w0BAQsFAAOCAQEACF7MvDZltQcUZHNpUmR4xFAW7d5Y
Q0V/Kacszjwq6hHQB4D4155/CBWPN9DOVW4DZ/bftOJR3JIklG7BYxtm+qZ21WRK
018v0Uu1i5o0Zds2ZxpDSaxe1k/wpBTHJL+DWjpMa8UaG8AbFIUiQvpmTJJldgJS
NHvxMBIhrkO6DmQx6hkI0Rvpx/0E7LrcA0MdwiSMlKdohL5841MoGSkv7VAe2TjZ
ap/44PtnHciNuK1AQ+XLgjxn6qi1nZJhVcHmdMoxHCr0412gKXdPDCGOR+TONjhJ
OVUuqPNQbq7p97YUs690iZYclls7d8hpacOQ/Kck5aKbrRHj2oPXjbOm0g==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:42:50 2025 by rpki-client