Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/6/1TWKMa2wLywl2gcltY_XmhpTRwg.roa
File: 1TWKMa2wLywl2gcltY_XmhpTRwg.roa (raw, json)
Hash identifier: 2Q7EJtOSffCAfzXv2J7iTWUXHTAKkB3QFfx45u34Iac=
Subject key identifier: D5:35:8A:31:AD:B0:2F:2C:25:DA:07:25:B5:8F:D7:9A:1A:53:47:08
Certificate issuer: /CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Certificate serial: 093C
Authority key identifier: 94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/1TWKMa2wLywl2gcltY_XmhpTRwg.roa
Signing time: Fri 17 Jan 2025 01:23:42 +0000
ROA not before: Fri 17 Jan 2025 01:23:42 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 2914
IP address blocks: 58.66.128.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2364 (0x93c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Validity
Not Before: Jan 17 01:23:42 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=D5358A31ADB02F2C25DA0725B58FD79A1A534708
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:0b:97:98:ac:c7:6c:f0:96:f2:85:5f:25:36:
ef:6a:63:15:25:72:ee:77:11:85:f1:a0:61:52:43:
0d:5c:63:c4:45:5b:4c:9e:c4:53:34:28:3d:4c:0b:
89:3e:7b:04:f2:45:47:59:ff:dc:f3:94:31:ff:e1:
77:df:e4:e2:a7:21:29:77:bc:08:4e:2a:97:21:8c:
41:52:01:ed:2a:53:b1:33:64:f3:77:80:4d:23:5a:
5a:29:8b:1f:b0:0a:f0:cd:12:d2:c9:f8:5d:9e:c0:
39:9b:b2:bb:06:d2:82:75:be:6d:94:76:07:ff:1e:
59:83:a4:7d:e3:0e:be:e7:f3:9e:6a:0b:cc:c2:c8:
6e:1b:55:60:81:5c:74:af:45:47:e0:29:65:82:ee:
6d:ef:18:3e:e1:9a:02:1a:6e:91:a6:af:a5:59:e2:
b8:bc:8d:47:1a:c6:ae:fb:11:aa:21:58:af:53:6f:
c7:df:de:d4:de:03:5c:7f:44:ec:b0:85:4e:91:5d:
17:f2:b4:55:93:1d:b7:e4:e9:85:a3:3f:a3:82:e5:
b9:95:b7:45:cd:ba:72:c9:8a:6c:18:5f:3d:83:da:
e8:72:e3:4a:13:36:29:7f:19:16:2a:68:c1:e6:63:
ed:f4:18:81:07:70:d1:42:99:ce:3f:8e:24:67:92:
b7:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:35:8A:31:AD:B0:2F:2C:25:DA:07:25:B5:8F:D7:9A:1A:53:47:08
X509v3 Authority Key Identifier:
keyid:94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/1TWKMa2wLywl2gcltY_XmhpTRwg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
58.66.128.0/18
Signature Algorithm: sha256WithRSAEncryption
2d:7c:32:4d:5c:67:ae:12:51:75:10:55:41:08:31:c4:1a:82:
b3:f5:db:ba:41:9e:b3:04:f4:c2:08:aa:95:1a:aa:4f:92:4a:
2e:d7:9e:4a:af:e8:42:49:59:7e:71:73:71:0a:a0:80:a2:3e:
8b:92:b5:74:4b:53:66:14:40:08:0d:a6:70:48:cb:ac:08:de:
70:9b:7e:84:b0:24:a2:8f:98:f4:2f:7a:0e:0e:cd:13:ad:c9:
51:98:cd:04:8e:50:ab:b3:1c:e2:34:45:b1:fa:a8:0d:cb:69:
d0:49:a8:82:fb:14:c5:be:fd:2b:c2:d8:99:41:de:dd:2c:cc:
72:4d:50:48:b3:fa:d9:00:f6:e5:de:86:6a:05:64:76:f0:36:
2d:78:00:b4:82:2e:09:e9:a9:cc:e6:ab:f7:91:f6:da:3a:43:
c0:9e:42:ec:90:5e:7b:fe:1a:10:80:45:af:37:67:08:ba:ce:
40:d6:1e:49:00:39:78:da:5e:d5:7f:cc:72:af:5d:8e:cf:71:
21:e9:19:fe:96:85:6c:82:c6:88:fe:2e:a1:79:09:d8:55:84:
aa:2b:cb:21:ab:76:bf:0a:38:32:71:8e:35:a3:05:70:d3:eb:
4b:c6:fd:c7:20:32:e1:3a:3e:96:78:5d:17:4d:73:fd:e3:5b:
23:2a:33:62
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICCTwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTQ4
MUI0RTQwOTAxNUQ4RUI3RDAzRjM2MDM4ODMwRUMxMDk4QUJDMDAeFw0yNTAxMTcw
MTIzNDJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEQ1MzU4QTMxQURCMDJG
MkMyNURBMDcyNUI1OEZENzlBMUE1MzQ3MDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqC5eYrMds8JbyhV8lNu9qYxUlcu53EYXxoGFSQw1cY8RFW0ye
xFM0KD1MC4k+ewTyRUdZ/9zzlDH/4Xff5OKnISl3vAhOKpchjEFSAe0qU7EzZPN3
gE0jWlopix+wCvDNEtLJ+F2ewDmbsrsG0oJ1vm2Udgf/HlmDpH3jDr7n855qC8zC
yG4bVWCBXHSvRUfgKWWC7m3vGD7hmgIabpGmr6VZ4ri8jUcaxq77EaohWK9Tb8ff
3tTeA1x/ROywhU6RXRfytFWTHbfk6YWjP6OC5bmVt0XNunLJimwYXz2D2uhy40oT
Nil/GRYqaMHmY+30GIEHcNFCmc4/jiRnkrfrAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQU1TWKMa2wLywl2gcltY/XmhpTRwgwHwYDVR0jBBgwFoAUlIG05AkBXY630D82
A4gw7BCYq8AwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNi9s
SUcwNUFrQlhZNjMwRDgyQTRndzdCQ1lxOEEuY3JsMGMGCCsGAQUFBwEBBFcwVTBT
BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw
MDAwL2xJRzA1QWtCWFk2MzBEODJBNGd3N0JDWXE4QS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtp
LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzYvMVRXS01hMndMeXdsMmdjbHRZ
X1htaHBUUndnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNu
L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBjpC
gDANBgkqhkiG9w0BAQsFAAOCAQEALXwyTVxnrhJRdRBVQQgxxBqCs/XbukGeswT0
wgiqlRqqT5JKLteeSq/oQklZfnFzcQqggKI+i5K1dEtTZhRACA2mcEjLrAjecJt+
hLAkoo+Y9C96Dg7NE63JUZjNBI5Qq7Mc4jRFsfqoDctp0EmogvsUxb79K8LYmUHe
3SzMck1QSLP62QD25d6GagVkdvA2LXgAtIIuCempzOar95H22jpDwJ5C7JBee/4a
EIBFrzdnCLrOQNYeSQA5eNpe1X/Mcq9djs9xIekZ/paFbILGiP4uoXkJ2FWEqivL
Iat2vwo4MnGONaMFcNPrS8b9xyAy4To+lnhdF01z/eNbIyozYg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:42:02 2025 by rpki-client