Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3272/z8ROOvpLClOvSR6IhvcLephY-tM.roa
File: z8ROOvpLClOvSR6IhvcLephY-tM.roa (raw, json)
Hash identifier: bddYJe68JYyYkZKZ/uix57o8m/EJDTIZ2ch0s9sYnAA=
Subject key identifier: CF:C4:4E:3A:FA:4B:0A:53:AF:49:1E:88:86:F7:0B:7A:98:58:FA:D3
Certificate issuer: /CN=B52F0F3FF7371FF1CE9D823E9549FC1158B16A2A
Certificate serial: 0449
Authority key identifier: B5:2F:0F:3F:F7:37:1F:F1:CE:9D:82:3E:95:49:FC:11:58:B1:6A:2A
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/tS8PP_c3H_HOnYI-lUn8EVixaio.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/z8ROOvpLClOvSR6IhvcLephY-tM.roa
Signing time: Tue 05 Nov 2024 07:32:51 +0000
ROA not before: Tue 05 Nov 2024 07:32:51 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 146806
IP address blocks: 157.66.43.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1097 (0x449)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B52F0F3FF7371FF1CE9D823E9549FC1158B16A2A
Validity
Not Before: Nov 5 07:32:51 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=CFC44E3AFA4B0A53AF491E8886F70B7A9858FAD3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:80:64:df:ee:6e:fc:cc:37:ab:6e:41:aa:cf:
98:ec:20:6d:44:e1:7b:4a:e4:3a:70:e9:9f:a0:84:
be:a0:f4:0a:d9:d3:4e:05:0e:aa:bb:98:f0:16:e2:
33:1e:0a:c1:20:e9:51:bd:75:13:17:e5:16:86:db:
a7:dc:f8:6a:40:f7:6a:69:a5:f8:c1:80:45:7e:64:
1e:b9:b3:66:7f:1a:b5:55:5a:65:b8:a3:2b:fa:01:
58:85:de:88:55:14:f6:73:b6:81:af:80:f5:f2:57:
77:16:75:42:07:49:46:13:bc:c1:4b:8a:51:2c:40:
c0:ee:7b:bc:6c:2c:0c:cd:c8:73:80:91:ec:85:0a:
2d:cf:45:3d:65:28:a6:bc:d4:bb:36:d0:71:28:94:
80:9e:ad:23:76:5d:0f:f8:94:38:7d:ed:ec:24:ba:
90:49:09:81:27:40:32:7b:ec:27:1f:bf:db:e7:c5:
b2:31:92:37:f5:ab:84:de:85:03:19:96:75:f5:0c:
46:5c:95:99:31:9e:75:29:d1:8b:41:9b:f6:55:33:
dd:12:a4:71:d6:b8:2e:21:c7:a8:98:6b:78:b1:b0:
ee:16:ba:9c:18:2e:90:2a:ce:f5:e8:06:40:f4:f8:
60:48:36:e4:cb:44:73:43:52:c6:38:5f:76:68:e5:
cf:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:C4:4E:3A:FA:4B:0A:53:AF:49:1E:88:86:F7:0B:7A:98:58:FA:D3
X509v3 Authority Key Identifier:
keyid:B5:2F:0F:3F:F7:37:1F:F1:CE:9D:82:3E:95:49:FC:11:58:B1:6A:2A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/tS8PP_c3H_HOnYI-lUn8EVixaio.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/tS8PP_c3H_HOnYI-lUn8EVixaio.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/z8ROOvpLClOvSR6IhvcLephY-tM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.66.43.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:70:39:e0:82:08:a9:11:40:d8:2a:8d:1c:72:dc:86:6a:8d:
86:9f:6b:d4:61:72:84:a9:d8:c0:a2:28:39:ce:25:28:a0:2c:
3f:b9:2c:a6:6a:5b:f4:0f:03:79:45:62:bb:3a:aa:21:25:27:
82:55:d1:c3:7a:ac:19:15:02:5f:b4:de:74:f7:15:c3:0d:c1:
9a:c7:79:c7:ff:ae:ce:1a:10:44:44:2f:cb:5a:87:e3:46:2d:
70:09:68:85:58:74:42:6f:a6:3a:a2:43:4d:cf:14:f1:29:fd:
af:50:fc:8c:6e:4e:71:ad:c5:e3:44:90:d8:c7:d6:09:6c:a8:
ee:26:14:87:95:37:83:76:22:5d:31:b7:5d:57:72:42:56:73:
32:50:51:ae:e4:58:9f:f2:b2:55:48:97:ce:b3:0a:89:73:4d:
4d:9c:06:6b:dd:92:83:21:f3:da:21:d5:ac:14:ca:54:82:6f:
23:17:36:a1:ef:eb:ee:68:1c:bc:36:ef:db:ac:98:98:77:23:
21:8a:1a:5d:13:1f:dd:22:92:07:d8:52:d6:4d:cb:d1:48:28:
10:dc:d4:ff:8c:14:ce:4d:fe:1e:d5:e0:77:1a:27:d4:b8:b0:
4c:a2:c0:fc:87:ab:d9:9b:47:9d:b8:7b:77:a6:6f:a6:da:b5:
b2:fb:c1:f1
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICBEkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjUy
RjBGM0ZGNzM3MUZGMUNFOUQ4MjNFOTU0OUZDMTE1OEIxNkEyQTAeFw0yNDExMDUw
NzMyNTFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKENGQzQ0RTNBRkE0QjBB
NTNBRjQ5MUU4ODg2RjcwQjdBOTg1OEZBRDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9gGTf7m78zDerbkGqz5jsIG1E4XtK5Dpw6Z+ghL6g9ArZ004F
Dqq7mPAW4jMeCsEg6VG9dRMX5RaG26fc+GpA92pppfjBgEV+ZB65s2Z/GrVVWmW4
oyv6AViF3ohVFPZztoGvgPXyV3cWdUIHSUYTvMFLilEsQMDue7xsLAzNyHOAkeyF
Ci3PRT1lKKa81Ls20HEolICerSN2XQ/4lDh97ewkupBJCYEnQDJ77Ccfv9vnxbIx
kjf1q4TehQMZlnX1DEZclZkxnnUp0YtBm/ZVM90SpHHWuC4hx6iYa3ixsO4WupwY
LpAqzvXoBkD0+GBINuTLRHNDUsY4X3Zo5c8rAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUz8ROOvpLClOvSR6IhvcLephY+tMwHwYDVR0jBBgwFoAUtS8PP/c3H/HOnYI+
lUn8EVixaiowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI3
Mi90UzhQUF9jM0hfSE9uWUktbFVuOEVWaXhhaW8uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3RTOFBQX2MzSF9IT25ZSS1sVW44RVZpeGFpby5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNzIvejhST092cExDbE92
U1I2SWh2Y0xlcGhZLXRNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAJ1CKzANBgkqhkiG9w0BAQsFAAOCAQEAjnA54IIIqRFA2CqNHHLchmqNhp9r
1GFyhKnYwKIoOc4lKKAsP7kspmpb9A8DeUViuzqqISUnglXRw3qsGRUCX7TedPcV
ww3Bmsd5x/+uzhoQREQvy1qH40YtcAlohVh0Qm+mOqJDTc8U8Sn9r1D8jG5Oca3F
40SQ2MfWCWyo7iYUh5U3g3YiXTG3XVdyQlZzMlBRruRYn/KyVUiXzrMKiXNNTZwG
a92SgyHz2iHVrBTKVIJvIxc2oe/r7mgcvDbv26yYmHcjIYoaXRMf3SKSB9hS1k3L
0UgoENzU/4wUzk3+HtXgdxon1LiwTKLA/Ier2ZtHnbh7d6Zvptq1svvB8Q==
-----END CERTIFICATE-----
Generated at Mon Apr 14 18:41:59 2025 by rpki-client