Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/6/VMsnBul42w8R1zHTVSlcdo7L2mM.roa
File: VMsnBul42w8R1zHTVSlcdo7L2mM.roa (raw, json)
Hash identifier: J85e7UYMe9YGe7M7a2O8ZLjsV9HNoeLsRCixKh/wyeA=
Subject key identifier: 54:CB:27:06:E9:78:DB:0F:11:D7:31:D3:55:29:5C:76:8E:CB:DA:63
Certificate issuer: /CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Certificate serial: 0A69
Authority key identifier: 94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/VMsnBul42w8R1zHTVSlcdo7L2mM.roa
Signing time: Thu 06 Mar 2025 12:40:15 +0000
ROA not before: Thu 06 Mar 2025 12:40:15 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 4134
IP address blocks: 58.66.64.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2665 (0xa69)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Validity
Not Before: Mar 6 12:40:15 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=54CB2706E978DB0F11D731D355295C768ECBDA63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:db:52:5e:a2:ff:6b:12:74:22:f5:e0:6a:30:
30:e3:8c:50:b6:eb:6b:a3:4a:8d:5f:01:ff:9c:c8:
57:a0:49:c4:9a:3e:d7:f1:0a:c2:e9:5e:ac:c6:fb:
69:16:6d:9b:78:2a:c2:16:b9:f5:f7:71:ab:31:c3:
84:8a:3a:b3:2e:00:f8:4b:b0:bb:99:d2:c4:7e:36:
50:1c:3e:b2:b6:7e:c7:df:30:4b:e9:e8:3b:7c:9c:
ce:4b:0e:3c:78:04:74:58:9e:6c:ca:fe:66:45:b7:
ca:5f:ee:4d:33:23:07:75:b3:13:e8:83:c1:38:ec:
1a:c6:9c:ab:55:2d:64:8c:b3:bf:e6:d9:25:9b:db:
20:2f:0a:15:9a:87:d5:5d:d6:19:aa:dc:0d:3d:bb:
63:c3:65:8d:ad:40:42:ec:2f:22:15:28:78:6d:a5:
9b:a9:d7:16:e0:84:6e:52:97:b3:bc:72:c6:dc:42:
b9:d2:46:7c:d8:9f:bf:52:3e:2b:f6:61:29:40:ad:
5d:1d:7f:f0:9e:84:63:27:31:ac:70:71:6d:3a:76:
4a:30:f9:c8:94:37:c3:49:06:c2:bd:5a:b9:5d:35:
c5:81:ac:7a:d5:e1:5d:43:78:8c:36:36:f7:fb:e9:
2f:21:00:89:1b:b6:78:35:99:f3:d6:f6:74:dd:b3:
29:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:CB:27:06:E9:78:DB:0F:11:D7:31:D3:55:29:5C:76:8E:CB:DA:63
X509v3 Authority Key Identifier:
keyid:94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/VMsnBul42w8R1zHTVSlcdo7L2mM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
58.66.64.0/19
Signature Algorithm: sha256WithRSAEncryption
4a:16:fe:21:62:10:89:0a:da:c7:68:45:22:95:f0:be:ca:24:
25:0e:72:b6:95:5b:89:8e:12:db:94:bc:5e:43:2a:12:36:90:
0b:06:9a:03:0c:18:cb:79:c3:bf:12:56:bc:95:3a:ce:25:a5:
b3:c8:4e:96:af:dd:a7:bf:73:58:a1:17:87:c1:1e:ef:37:1c:
dd:88:b8:e8:e9:b7:3c:84:8e:e9:1c:05:c6:df:e1:ff:1d:b1:
02:88:cf:f5:a1:43:5f:f7:ff:82:48:36:f0:c3:f9:36:d2:71:
5a:86:05:22:7b:aa:cc:4f:76:c5:db:1d:4c:23:dc:65:fb:f0:
e7:5b:6c:ce:cc:00:d6:9e:08:8e:2e:3e:f0:38:0f:32:0f:14:
0d:c1:ab:75:3e:0f:ca:b4:f2:6e:5b:18:68:16:be:17:28:48:
bb:db:8d:79:9b:3e:4a:53:a2:a2:14:f7:37:2a:c9:f5:70:ab:
1a:8b:16:aa:3a:a1:68:4c:48:8b:e6:c4:9e:02:0c:ce:5f:f6:
48:0f:12:3b:31:e9:3d:ac:f9:3f:92:b9:7f:87:4c:f2:f4:22:
fb:57:f7:c0:2b:04:0d:0d:94:6c:58:db:23:79:20:22:54:89:
c4:b8:58:fa:0c:cd:06:fa:ce:1c:5c:92:23:ff:16:76:d5:44:
9c:21:68:ce
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICCmkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTQ4
MUI0RTQwOTAxNUQ4RUI3RDAzRjM2MDM4ODMwRUMxMDk4QUJDMDAeFw0yNTAzMDYx
MjQwMTVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDU0Q0IyNzA2RTk3OERC
MEYxMUQ3MzFEMzU1Mjk1Qzc2OEVDQkRBNjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDF21Jeov9rEnQi9eBqMDDjjFC262ujSo1fAf+cyFegScSaPtfx
CsLpXqzG+2kWbZt4KsIWufX3casxw4SKOrMuAPhLsLuZ0sR+NlAcPrK2fsffMEvp
6Dt8nM5LDjx4BHRYnmzK/mZFt8pf7k0zIwd1sxPog8E47BrGnKtVLWSMs7/m2SWb
2yAvChWah9Vd1hmq3A09u2PDZY2tQELsLyIVKHhtpZup1xbghG5Sl7O8csbcQrnS
RnzYn79SPiv2YSlArV0df/CehGMnMaxwcW06dkow+ciUN8NJBsK9WrldNcWBrHrV
4V1DeIw2Nvf76S8hAIkbtng1mfPW9nTdsyl1AgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUVMsnBul42w8R1zHTVSlcdo7L2mMwHwYDVR0jBBgwFoAUlIG05AkBXY630D82
A4gw7BCYq8AwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNi9s
SUcwNUFrQlhZNjMwRDgyQTRndzdCQ1lxOEEuY3JsMGMGCCsGAQUFBwEBBFcwVTBT
BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw
MDAwL2xJRzA1QWtCWFk2MzBEODJBNGd3N0JDWXE4QS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtp
LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzYvVk1zbkJ1bDQydzhSMXpIVFZT
bGNkbzdMMm1NLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNu
L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBTpC
QDANBgkqhkiG9w0BAQsFAAOCAQEAShb+IWIQiQrax2hFIpXwvsokJQ5ytpVbiY4S
25S8XkMqEjaQCwaaAwwYy3nDvxJWvJU6ziWls8hOlq/dp79zWKEXh8Ee7zcc3Yi4
6Om3PISO6RwFxt/h/x2xAojP9aFDX/f/gkg28MP5NtJxWoYFInuqzE92xdsdTCPc
Zfvw51tszswA1p4Iji4+8DgPMg8UDcGrdT4PyrTyblsYaBa+FyhIu9uNeZs+SlOi
ohT3NyrJ9XCrGosWqjqhaExIi+bEngIMzl/2SA8SOzHpPaz5P5K5f4dM8vQi+1f3
wCsEDQ2UbFjbI3kgIlSJxLhY+gzNBvrOHFySI/8WdtVEnCFozg==
-----END CERTIFICATE-----
Generated at Fri Apr 11 14:49:43 2025 by rpki-client