Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3272/xFQanZAzjfIogzpovrnQ9OPPlFg.roa
File: xFQanZAzjfIogzpovrnQ9OPPlFg.roa (raw, json)
Hash identifier: 8xouqKLGQd7UWeCPKqPAxs185rHtF7GhnH9VuU5nG8Q=
Subject key identifier: C4:54:1A:9D:90:33:8D:F2:28:83:3A:68:BE:B9:D0:F4:E3:CF:94:58
Certificate issuer: /CN=FD341E841C183777F8F91DF4FCDA0BB9EFA061BF
Certificate serial: 06F4
Authority key identifier: FD:34:1E:84:1C:18:37:77:F8:F9:1D:F4:FC:DA:0B:B9:EF:A0:61:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/_TQehBwYN3f4-R30_NoLue-gYb8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/xFQanZAzjfIogzpovrnQ9OPPlFg.roa
Signing time: Fri 21 Mar 2025 03:28:21 +0000
ROA not before: Fri 21 Mar 2025 03:28:21 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 211392
IP address blocks: 157.66.43.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1780 (0x6f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FD341E841C183777F8F91DF4FCDA0BB9EFA061BF
Validity
Not Before: Mar 21 03:28:21 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=C4541A9D90338DF228833A68BEB9D0F4E3CF9458
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e0:18:d1:d7:cc:c3:50:0e:a5:e6:15:73:9e:
02:fa:05:e1:0a:e3:2c:5f:42:67:44:0c:7b:12:71:
ea:76:f1:a4:81:de:0d:c4:e8:c0:38:21:91:85:0b:
9a:5b:e2:0d:75:77:bf:78:0b:a8:ff:62:06:a8:19:
43:87:a4:5b:73:60:11:cc:80:ce:8a:0d:1b:c1:17:
00:ed:7d:cc:58:37:5c:2f:8e:74:4a:9a:ee:f6:d8:
37:fb:76:19:22:e0:6d:25:50:3b:d7:bc:dc:dc:d0:
86:09:5c:7c:cd:40:4f:8f:a0:27:0e:13:c3:38:c2:
b2:c9:6f:45:37:77:b7:8d:fb:b0:5b:bd:eb:60:00:
6f:c1:b7:ed:bb:dd:60:56:b3:87:b4:99:76:2a:b4:
e0:30:bb:7d:37:b3:63:1e:73:14:50:1d:b6:dc:2f:
be:bf:57:1f:86:15:29:be:10:9e:d1:38:6b:13:0a:
55:d8:59:04:d8:ab:f6:1b:df:5a:b8:d4:c0:c3:b3:
63:44:e0:09:a1:f3:62:5f:92:8f:4c:49:3c:43:1d:
85:13:4c:83:3d:8c:e9:d1:91:f7:93:a0:9b:40:e4:
c1:45:f8:54:0c:f2:6d:d6:80:8b:98:2c:4e:a1:c1:
dc:bd:57:e4:02:37:17:ca:fa:b4:c2:5e:d9:90:29:
80:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:54:1A:9D:90:33:8D:F2:28:83:3A:68:BE:B9:D0:F4:E3:CF:94:58
X509v3 Authority Key Identifier:
keyid:FD:34:1E:84:1C:18:37:77:F8:F9:1D:F4:FC:DA:0B:B9:EF:A0:61:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/_TQehBwYN3f4-R30_NoLue-gYb8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/_TQehBwYN3f4-R30_NoLue-gYb8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/xFQanZAzjfIogzpovrnQ9OPPlFg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.66.43.0/24
Signature Algorithm: sha256WithRSAEncryption
81:23:30:dd:ad:93:87:3a:52:ba:da:e2:ff:95:f3:a7:8c:f5:
11:59:27:29:16:36:ca:26:d3:5e:04:29:f5:9f:c4:62:c4:8d:
d0:63:ab:ea:78:65:fd:e0:be:7a:24:68:c4:74:77:16:df:d5:
1d:95:0f:d6:d6:88:01:96:14:f2:04:fe:6b:9a:2b:88:eb:cb:
db:e7:53:db:d9:16:81:97:c9:21:cb:24:f3:2f:89:18:78:88:
4b:f4:23:37:a0:48:89:35:ed:08:6d:2b:73:3d:fd:70:b7:4f:
b6:d8:3d:88:84:73:88:ca:10:62:ef:b4:37:ee:15:2c:ad:b2:
e3:57:f5:5d:f2:a3:47:c2:30:05:7f:f5:37:be:66:e9:e9:94:
e2:b7:9d:a9:73:fc:af:07:78:f9:40:75:ac:c9:4f:85:ac:f2:
ef:95:fd:35:1e:2b:58:c4:25:98:5d:4a:57:50:8b:49:53:03:
7a:3e:5d:86:7d:2b:3d:a1:be:58:22:54:1f:a6:2c:eb:b7:f8:
66:f7:b1:35:8b:35:b8:90:6a:a1:bb:c7:f5:29:56:0d:62:a4:
54:45:29:2e:10:4c:39:06:bb:91:cc:31:fd:f7:45:36:93:ef:
9e:da:a3:1d:cd:28:6c:09:b1:df:b6:fe:8f:80:60:7b:ad:95:
02:45:1f:a3
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICBvQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkQz
NDFFODQxQzE4Mzc3N0Y4RjkxREY0RkNEQTBCQjlFRkEwNjFCRjAeFw0yNTAzMjEw
MzI4MjFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEM0NTQxQTlEOTAzMzhE
RjIyODgzM0E2OEJFQjlEMEY0RTNDRjk0NTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC24BjR18zDUA6l5hVzngL6BeEK4yxfQmdEDHsScep28aSB3g3E
6MA4IZGFC5pb4g11d794C6j/YgaoGUOHpFtzYBHMgM6KDRvBFwDtfcxYN1wvjnRK
mu722Df7dhki4G0lUDvXvNzc0IYJXHzNQE+PoCcOE8M4wrLJb0U3d7eN+7Bbvetg
AG/Bt+273WBWs4e0mXYqtOAwu303s2MecxRQHbbcL76/Vx+GFSm+EJ7ROGsTClXY
WQTYq/Yb31q41MDDs2NE4Amh82Jfko9MSTxDHYUTTIM9jOnRkfeToJtA5MFF+FQM
8m3WgIuYLE6hwdy9V+QCNxfK+rTCXtmQKYAJAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUxFQanZAzjfIogzpovrnQ9OPPlFgwHwYDVR0jBBgwFoAU/TQehBwYN3f4+R30
/NoLue+gYb8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI3
Mi9fVFFlaEJ3WU4zZjQtUjMwX05vTHVlLWdZYjguY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL19UUWVoQndZTjNmNC1SMzBfTm9MdWUtZ1liOC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNzIveEZRYW5aQXpqZklv
Z3pwb3ZyblE5T1BQbEZnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAJ1CKzANBgkqhkiG9w0BAQsFAAOCAQEAgSMw3a2ThzpSutri/5Xzp4z1EVkn
KRY2yibTXgQp9Z/EYsSN0GOr6nhl/eC+eiRoxHR3Ft/VHZUP1taIAZYU8gT+a5or
iOvL2+dT29kWgZfJIcsk8y+JGHiIS/QjN6BIiTXtCG0rcz39cLdPttg9iIRziMoQ
Yu+0N+4VLK2y41f1XfKjR8IwBX/1N75m6emU4redqXP8rwd4+UB1rMlPhazy75X9
NR4rWMQlmF1KV1CLSVMDej5dhn0rPaG+WCJUH6Ys67f4ZvexNYs1uJBqobvH9SlW
DWKkVEUpLhBMOQa7kcwx/fdFNpPvntqjHc0obAmx37b+j4Bge62VAkUfow==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:35:02 2025 by rpki-client