Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3272/_nvmeXPbSzL7-Y-DR-1TBImsJBs.roa
File: _nvmeXPbSzL7-Y-DR-1TBImsJBs.roa (raw, json)
Hash identifier: mrWV6Vs8RrVBH5vgGrWSkBEJjtA9y7bPBKUQHqKeRLg=
Subject key identifier: FE:7B:E6:79:73:DB:4B:32:FB:F9:8F:83:47:ED:53:04:89:AC:24:1B
Certificate issuer: /CN=FD341E841C183777F8F91DF4FCDA0BB9EFA061BF
Certificate serial: 0845
Authority key identifier: FD:34:1E:84:1C:18:37:77:F8:F9:1D:F4:FC:DA:0B:B9:EF:A0:61:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/_TQehBwYN3f4-R30_NoLue-gYb8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/_nvmeXPbSzL7-Y-DR-1TBImsJBs.roa
Signing time: Tue 27 May 2025 00:35:14 +0000
ROA not before: Tue 27 May 2025 00:35:14 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 211392
IP address blocks: 157.66.42.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2117 (0x845)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FD341E841C183777F8F91DF4FCDA0BB9EFA061BF
Validity
Not Before: May 27 00:35:14 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=FE7BE67973DB4B32FBF98F8347ED530489AC241B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:1d:7d:28:f7:e8:8d:7a:cb:50:2f:0a:84:3c:
d6:94:84:f8:42:84:33:b4:12:e9:0f:5c:fe:76:a0:
55:22:90:9c:1c:8c:99:01:2a:6f:2f:82:8d:18:10:
9b:2d:05:a2:97:da:ee:a7:0d:f3:8c:9a:0a:47:68:
01:02:7c:50:92:0f:9f:15:8b:3e:c7:70:a4:41:a2:
da:fc:01:25:a9:02:fb:4e:4a:de:e6:30:bf:29:6e:
ce:ce:54:19:8f:33:62:b3:85:61:24:49:22:70:0b:
b6:9e:4f:bf:f5:6f:1f:6c:a5:aa:11:eb:92:30:56:
2c:44:bc:54:9b:17:9a:4d:9d:7d:bd:1a:d6:f0:26:
21:bb:a3:3f:a9:e6:c3:db:83:b1:91:4c:77:38:a2:
9d:c0:4b:87:0b:75:d9:51:1a:75:19:0a:e8:23:b1:
80:b4:0e:96:bd:fe:e1:18:89:cc:c1:9e:74:7c:69:
34:36:33:6e:b4:ae:ea:1d:8d:b2:bb:f6:74:29:4a:
ad:ec:64:38:62:30:36:d5:0d:e6:c6:04:e0:e6:46:
99:84:49:9b:2e:72:02:c4:d2:d5:79:5d:19:d2:6a:
ce:5b:34:4b:76:f9:db:34:8b:b0:f8:32:9b:22:c5:
f7:60:f8:29:fe:a6:53:f9:1d:c5:96:79:94:b6:14:
e3:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:7B:E6:79:73:DB:4B:32:FB:F9:8F:83:47:ED:53:04:89:AC:24:1B
X509v3 Authority Key Identifier:
keyid:FD:34:1E:84:1C:18:37:77:F8:F9:1D:F4:FC:DA:0B:B9:EF:A0:61:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/_TQehBwYN3f4-R30_NoLue-gYb8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/_TQehBwYN3f4-R30_NoLue-gYb8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/_nvmeXPbSzL7-Y-DR-1TBImsJBs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.66.42.0/24
Signature Algorithm: sha256WithRSAEncryption
17:9e:13:09:c3:f2:44:9f:c2:e8:4b:bb:c8:bb:e2:03:be:b5:
f1:c8:0f:2d:b3:5b:92:9c:11:6f:03:76:44:11:c6:89:10:52:
42:12:d8:43:a7:cc:6e:1f:47:71:7c:a9:bf:2b:bc:16:30:d1:
89:bd:de:49:6c:7d:45:48:b7:41:7f:c6:80:72:0a:bf:f8:43:
d1:c5:dd:d0:c9:1a:dc:60:8c:2c:19:2d:eb:14:6f:97:c0:f6:
8f:09:38:f3:45:37:f4:b8:22:0c:06:b4:8d:4d:ad:59:d1:ef:
3b:98:09:7d:06:32:ba:d3:da:97:dc:77:d5:0c:67:90:a0:5c:
1d:0a:81:d7:1f:86:78:e1:b6:a4:a4:0f:0d:4c:a8:0c:77:e9:
99:10:d5:dd:e3:8f:40:a5:e4:75:d4:da:5f:4c:1d:2e:99:c6:
0e:15:b6:93:b9:f1:4c:5e:3d:48:d6:83:9e:a6:6c:93:fd:14:
0b:46:a3:27:fd:c5:60:fd:09:47:bc:43:90:13:3d:dc:aa:fc:
19:fd:55:f7:9e:61:64:ea:83:c8:68:cb:77:72:f5:64:f2:5e:
cd:7c:d2:71:9d:bd:b9:f9:55:b5:ee:eb:5b:e4:55:11:c7:4b:
a0:7f:83:8f:e9:ce:f8:9b:2f:7c:3b:30:51:79:ac:94:90:66:
2e:be:1d:af
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICCEUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkQz
NDFFODQxQzE4Mzc3N0Y4RjkxREY0RkNEQTBCQjlFRkEwNjFCRjAeFw0yNTA1Mjcw
MDM1MTRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEZFN0JFNjc5NzNEQjRC
MzJGQkY5OEY4MzQ3RUQ1MzA0ODlBQzI0MUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYHX0o9+iNestQLwqEPNaUhPhChDO0EukPXP52oFUikJwcjJkB
Km8vgo0YEJstBaKX2u6nDfOMmgpHaAECfFCSD58Viz7HcKRBotr8ASWpAvtOSt7m
ML8pbs7OVBmPM2KzhWEkSSJwC7aeT7/1bx9spaoR65IwVixEvFSbF5pNnX29Gtbw
JiG7oz+p5sPbg7GRTHc4op3AS4cLddlRGnUZCugjsYC0Dpa9/uEYiczBnnR8aTQ2
M260ruodjbK79nQpSq3sZDhiMDbVDebGBODmRpmESZsucgLE0tV5XRnSas5bNEt2
+ds0i7D4Mpsixfdg+Cn+plP5HcWWeZS2FOPxAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQU/nvmeXPbSzL7+Y+DR+1TBImsJBswHwYDVR0jBBgwFoAU/TQehBwYN3f4+R30
/NoLue+gYb8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI3
Mi9fVFFlaEJ3WU4zZjQtUjMwX05vTHVlLWdZYjguY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL19UUWVoQndZTjNmNC1SMzBfTm9MdWUtZ1liOC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNzIvX252bWVYUGJTekw3
LVktRFItMVRCSW1zSkJzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAJ1CKjANBgkqhkiG9w0BAQsFAAOCAQEAF54TCcPyRJ/C6Eu7yLviA7618cgP
LbNbkpwRbwN2RBHGiRBSQhLYQ6fMbh9HcXypvyu8FjDRib3eSWx9RUi3QX/GgHIK
v/hD0cXd0Mka3GCMLBkt6xRvl8D2jwk480U39LgiDAa0jU2tWdHvO5gJfQYyutPa
l9x31QxnkKBcHQqB1x+GeOG2pKQPDUyoDHfpmRDV3eOPQKXkddTaX0wdLpnGDhW2
k7nxTF49SNaDnqZsk/0UC0ajJ/3FYP0JR7xDkBM93Kr8Gf1V955hZOqDyGjLd3L1
ZPJezXzScZ29uflVte7rW+RVEcdLoH+Dj+nO+JsvfDswUXmslJBmLr4drw==
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:03:53 2025 by rpki-client