Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/6/NvQZ_Z5ZZS4AvkupuCsOMhHMDBE.roa
File: NvQZ_Z5ZZS4AvkupuCsOMhHMDBE.roa (raw, json)
Hash identifier: 07FCjd6McooGX5bdILTn7KvqHMA1Jk5ZbARAjTDhqCY=
Subject key identifier: 36:F4:19:FD:9E:59:65:2E:00:BE:4B:A9:B8:2B:0E:32:11:CC:0C:11
Certificate issuer: /CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Certificate serial: 0944
Authority key identifier: 94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/NvQZ_Z5ZZS4AvkupuCsOMhHMDBE.roa
Signing time: Fri 17 Jan 2025 01:23:44 +0000
ROA not before: Fri 17 Jan 2025 01:23:44 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 4766
IP address blocks: 58.66.64.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2372 (0x944)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Validity
Not Before: Jan 17 01:23:44 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=36F419FD9E59652E00BE4BA9B82B0E3211CC0C11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:60:02:f4:ef:37:32:fc:09:ab:3b:14:df:e0:
2b:e2:d0:04:ca:51:89:e4:af:b8:db:5c:04:a7:08:
a8:97:c6:3e:26:ca:e9:c3:1d:74:0e:e9:13:3a:1b:
b5:97:1e:a1:1b:f2:04:23:89:a8:84:bb:b6:2d:89:
d0:66:0a:47:12:5e:e6:20:64:fd:fb:ce:a1:e0:04:
32:fe:cf:52:f8:f8:dd:58:fb:2e:c2:54:ee:3c:88:
3b:7e:c1:a5:50:2a:9f:c3:16:39:87:83:0e:b7:a2:
3b:07:65:4c:db:be:3c:92:b6:d7:df:fd:15:b0:a8:
9b:23:10:d4:11:59:88:6e:ea:3c:c6:54:e9:88:6a:
4d:f9:89:82:71:1a:9f:2c:f2:96:a4:9c:6a:13:2d:
1c:39:a8:62:50:fc:d9:d8:60:08:1c:2e:48:c0:71:
2a:2c:5a:5d:ad:14:ca:da:69:88:23:2a:f0:05:a1:
73:4c:64:f2:6a:94:9a:e8:52:8e:e6:0a:51:6c:13:
1b:73:8d:c9:20:36:4d:3c:48:09:f0:06:86:3c:61:
b0:bf:8a:99:aa:7a:17:07:ce:01:e8:fd:04:3a:1f:
ed:4b:57:3a:b0:cb:9d:8b:f9:2d:e7:84:44:43:af:
67:a9:6a:e8:f2:3d:49:11:70:dc:be:40:e8:b3:84:
81:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:F4:19:FD:9E:59:65:2E:00:BE:4B:A9:B8:2B:0E:32:11:CC:0C:11
X509v3 Authority Key Identifier:
keyid:94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/NvQZ_Z5ZZS4AvkupuCsOMhHMDBE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
58.66.64.0/18
Signature Algorithm: sha256WithRSAEncryption
c2:e3:9c:10:b0:67:20:39:41:59:38:f0:94:2c:9a:f8:09:8e:
40:3c:5c:8d:ec:cb:aa:e9:c4:a3:b3:74:38:a1:00:b7:3a:70:
41:1f:34:c5:e2:c7:8b:39:52:ec:19:3b:03:07:10:15:17:b5:
d8:03:51:2d:5e:c6:7b:88:c6:ca:22:31:89:31:c6:30:7e:d8:
d7:54:73:87:79:d5:94:98:7f:8f:a5:d3:36:97:29:c5:6b:6c:
d7:85:36:52:6f:75:9b:bd:a3:d6:6e:2a:02:f5:a9:c5:24:88:
e8:8a:bf:7d:3c:f3:bd:8d:32:d9:f3:c4:53:05:29:31:53:e6:
43:ab:08:92:ec:04:a0:45:f6:77:fc:9b:10:0c:9b:83:9c:5e:
20:0c:01:99:50:4d:b1:5c:a1:14:39:73:cd:df:d7:08:fc:de:
b3:7e:6e:d7:be:7e:af:9a:69:76:d7:dc:bc:2c:2c:b4:f5:9d:
85:ed:a0:ba:59:58:de:56:ed:7c:66:ff:de:84:0d:9e:a7:72:
c9:ef:f1:ab:56:ec:71:04:aa:13:2d:37:a5:ac:d5:f1:c9:0d:
29:2f:f7:35:35:aa:b5:b0:38:8a:5d:ff:fe:66:71:09:ee:d2:
be:10:78:2a:f5:ca:e0:52:ef:2c:51:78:fc:44:03:55:e3:bd:
f0:03:c8:94
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICCUQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTQ4
MUI0RTQwOTAxNUQ4RUI3RDAzRjM2MDM4ODMwRUMxMDk4QUJDMDAeFw0yNTAxMTcw
MTIzNDRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDM2RjQxOUZEOUU1OTY1
MkUwMEJFNEJBOUI4MkIwRTMyMTFDQzBDMTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCUYAL07zcy/AmrOxTf4Cvi0ATKUYnkr7jbXASnCKiXxj4myunD
HXQO6RM6G7WXHqEb8gQjiaiEu7YtidBmCkcSXuYgZP37zqHgBDL+z1L4+N1Y+y7C
VO48iDt+waVQKp/DFjmHgw63ojsHZUzbvjySttff/RWwqJsjENQRWYhu6jzGVOmI
ak35iYJxGp8s8paknGoTLRw5qGJQ/NnYYAgcLkjAcSosWl2tFMraaYgjKvAFoXNM
ZPJqlJroUo7mClFsExtzjckgNk08SAnwBoY8YbC/ipmqehcHzgHo/QQ6H+1LVzqw
y52L+S3nhERDr2epaujyPUkRcNy+QOizhIHtAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUNvQZ/Z5ZZS4AvkupuCsOMhHMDBEwHwYDVR0jBBgwFoAUlIG05AkBXY630D82
A4gw7BCYq8AwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNi9s
SUcwNUFrQlhZNjMwRDgyQTRndzdCQ1lxOEEuY3JsMGMGCCsGAQUFBwEBBFcwVTBT
BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw
MDAwL2xJRzA1QWtCWFk2MzBEODJBNGd3N0JDWXE4QS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtp
LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzYvTnZRWl9aNVpaUzRBdmt1cHVD
c09NaEhNREJFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNu
L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBjpC
QDANBgkqhkiG9w0BAQsFAAOCAQEAwuOcELBnIDlBWTjwlCya+AmOQDxcjezLqunE
o7N0OKEAtzpwQR80xeLHizlS7Bk7AwcQFRe12ANRLV7Ge4jGyiIxiTHGMH7Y11Rz
h3nVlJh/j6XTNpcpxWts14U2Um91m72j1m4qAvWpxSSI6Iq/fTzzvY0y2fPEUwUp
MVPmQ6sIkuwEoEX2d/ybEAybg5xeIAwBmVBNsVyhFDlzzd/XCPzes35u175+r5pp
dtfcvCwstPWdhe2gullY3lbtfGb/3oQNnqdyye/xq1bscQSqEy03pazV8ckNKS/3
NTWqtbA4il3//mZxCe7SvhB4KvXK4FLvLFF4/EQDVeO98APIlA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:45:14 2025 by rpki-client