Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3272/utBxSla5Y9Lm4eJRpxCBsS2c1JQ.roa
File: utBxSla5Y9Lm4eJRpxCBsS2c1JQ.roa (raw, json)
Hash identifier: 0GKjm4b6pMwIffdCFC1KrIdfY7BZxhXnDJ/P+r++YIQ=
Subject key identifier: BA:D0:71:4A:56:B9:63:D2:E6:E1:E2:51:A7:10:81:B1:2D:9C:D4:94
Certificate issuer: /CN=B52F0F3FF7371FF1CE9D823E9549FC1158B16A2A
Certificate serial: 0445
Authority key identifier: B5:2F:0F:3F:F7:37:1F:F1:CE:9D:82:3E:95:49:FC:11:58:B1:6A:2A
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/tS8PP_c3H_HOnYI-lUn8EVixaio.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/utBxSla5Y9Lm4eJRpxCBsS2c1JQ.roa
Signing time: Tue 05 Nov 2024 07:32:50 +0000
ROA not before: Tue 05 Nov 2024 07:32:50 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 211392
IP address blocks: 157.66.43.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1093 (0x445)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B52F0F3FF7371FF1CE9D823E9549FC1158B16A2A
Validity
Not Before: Nov 5 07:32:50 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=BAD0714A56B963D2E6E1E251A71081B12D9CD494
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7f:ff:05:74:f5:7a:06:73:5a:cb:95:06:cc:
14:b7:19:fa:4e:e0:7e:4e:d4:a2:06:78:61:c5:48:
47:2f:da:a0:48:b2:f4:0e:11:0e:30:28:fe:4b:63:
01:4a:95:e9:69:b3:25:9e:bc:60:a3:db:3f:d7:0d:
a6:d6:e7:a4:04:f6:58:42:69:c2:e5:53:12:e7:02:
2a:28:2c:22:54:66:82:ed:af:b9:7c:ed:77:10:0e:
7d:58:fc:09:13:6b:b0:15:31:50:47:c9:a0:91:c5:
75:d3:2f:1f:25:51:3b:0d:54:5b:76:ec:42:75:56:
74:c3:7d:a7:00:ea:bb:8f:b0:b4:4b:a4:02:52:c3:
66:f3:88:ab:44:c9:f7:46:4e:90:9a:d4:12:49:76:
17:9d:1b:e5:14:c0:d0:7e:4d:83:0b:2f:df:48:7d:
2d:01:f2:60:1d:fe:89:44:59:35:05:b4:43:7d:7f:
4d:95:18:1f:53:8f:7f:90:c0:6b:63:7f:6a:d7:0a:
7f:ba:44:46:d7:dd:e6:20:bb:c7:f4:a7:d2:21:58:
df:48:60:ce:3a:30:82:f0:1c:9b:d2:da:cd:7f:76:
11:bf:c9:15:93:ea:53:3e:98:e4:b4:66:22:f1:88:
ec:23:38:f8:fa:32:8d:7b:4a:9b:cf:3b:ce:f1:14:
b4:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:D0:71:4A:56:B9:63:D2:E6:E1:E2:51:A7:10:81:B1:2D:9C:D4:94
X509v3 Authority Key Identifier:
keyid:B5:2F:0F:3F:F7:37:1F:F1:CE:9D:82:3E:95:49:FC:11:58:B1:6A:2A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/tS8PP_c3H_HOnYI-lUn8EVixaio.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/tS8PP_c3H_HOnYI-lUn8EVixaio.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/utBxSla5Y9Lm4eJRpxCBsS2c1JQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.66.43.0/24
Signature Algorithm: sha256WithRSAEncryption
81:05:95:f5:0d:92:ec:fa:34:b8:9d:7d:fd:4b:e6:c8:8c:5a:
de:6c:b9:ff:6a:09:1a:f2:78:a2:6f:44:27:89:9a:e6:4c:77:
eb:9b:60:b6:36:05:2e:04:c0:06:44:5a:cc:93:57:24:9e:a6:
ca:69:90:7a:6c:11:8b:08:59:38:c6:49:2c:fd:01:7d:c7:b5:
1b:7c:b7:35:c2:4d:d2:8a:76:2b:92:8b:80:78:25:d8:ba:6b:
89:95:46:77:96:72:bf:8b:c2:6c:7e:cf:a5:b3:a7:78:fd:04:
34:d2:81:d1:a6:cd:40:7d:1c:d6:b2:23:31:85:1e:39:cf:10:
54:84:4b:3a:79:d4:6c:e9:84:53:e9:df:43:7d:9f:8a:a9:d0:
e5:06:c0:e4:7c:24:c0:e4:17:e1:24:03:2a:90:17:63:4c:39:
f2:70:f2:e5:f5:b6:8d:0f:51:c3:58:fc:92:b2:2d:29:5d:f9:
c6:7d:95:09:6e:ee:be:a1:1f:f3:f9:0a:74:00:e1:0d:f0:17:
ce:8f:91:b7:a4:82:a3:3c:f9:14:32:ac:4b:c5:95:eb:31:8f:
1e:d6:81:b8:2d:55:fa:d8:6a:9d:33:f3:5e:6d:0f:67:4f:e5:
42:a1:4b:ef:f1:01:8e:cf:aa:9b:2c:10:27:4d:38:5d:c1:a6:
f9:bb:42:28
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICBEUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjUy
RjBGM0ZGNzM3MUZGMUNFOUQ4MjNFOTU0OUZDMTE1OEIxNkEyQTAeFw0yNDExMDUw
NzMyNTBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEJBRDA3MTRBNTZCOTYz
RDJFNkUxRTI1MUE3MTA4MUIxMkQ5Q0Q0OTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpf/8FdPV6BnNay5UGzBS3GfpO4H5O1KIGeGHFSEcv2qBIsvQO
EQ4wKP5LYwFKlelpsyWevGCj2z/XDabW56QE9lhCacLlUxLnAiooLCJUZoLtr7l8
7XcQDn1Y/AkTa7AVMVBHyaCRxXXTLx8lUTsNVFt27EJ1VnTDfacA6ruPsLRLpAJS
w2bziKtEyfdGTpCa1BJJdhedG+UUwNB+TYMLL99IfS0B8mAd/olEWTUFtEN9f02V
GB9Tj3+QwGtjf2rXCn+6REbX3eYgu8f0p9IhWN9IYM46MILwHJvS2s1/dhG/yRWT
6lM+mOS0ZiLxiOwjOPj6Mo17SpvPO87xFLSrAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUutBxSla5Y9Lm4eJRpxCBsS2c1JQwHwYDVR0jBBgwFoAUtS8PP/c3H/HOnYI+
lUn8EVixaiowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI3
Mi90UzhQUF9jM0hfSE9uWUktbFVuOEVWaXhhaW8uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3RTOFBQX2MzSF9IT25ZSS1sVW44RVZpeGFpby5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNzIvdXRCeFNsYTVZOUxt
NGVKUnB4Q0JzUzJjMUpRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAJ1CKzANBgkqhkiG9w0BAQsFAAOCAQEAgQWV9Q2S7Po0uJ19/UvmyIxa3my5
/2oJGvJ4om9EJ4ma5kx365tgtjYFLgTABkRazJNXJJ6mymmQemwRiwhZOMZJLP0B
fce1G3y3NcJN0op2K5KLgHgl2LpriZVGd5Zyv4vCbH7PpbOneP0ENNKB0abNQH0c
1rIjMYUeOc8QVIRLOnnUbOmEU+nfQ32fiqnQ5QbA5HwkwOQX4SQDKpAXY0w58nDy
5fW2jQ9Rw1j8krItKV35xn2VCW7uvqEf8/kKdADhDfAXzo+Rt6SCozz5FDKsS8WV
6zGPHtaBuC1V+thqnTPzXm0PZ0/lQqFL7/EBjs+qmywQJ004XcGm+btCKA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:41:44 2025 by rpki-client