Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/6/e5Ar4UYqCc-UNRMwUWe9UUuOs84.roa
File: e5Ar4UYqCc-UNRMwUWe9UUuOs84.roa (raw, json)
Hash identifier: Q+24esUmTLNuzgqLur1LBHr34bd4vDpXr+jwHGO0xsc=
Subject key identifier: 7B:90:2B:E1:46:2A:09:CF:94:35:13:30:51:67:BD:51:4B:8E:B3:CE
Certificate issuer: /CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Certificate serial: 07E8
Authority key identifier: 94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/e5Ar4UYqCc-UNRMwUWe9UUuOs84.roa
Signing time: Tue 12 Nov 2024 01:32:41 +0000
ROA not before: Tue 12 Nov 2024 01:32:41 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 398704
IP address blocks: 58.66.168.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2024 (0x7e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Validity
Not Before: Nov 12 01:32:41 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=7B902BE1462A09CF943513305167BD514B8EB3CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:de:1b:86:a4:44:60:2d:15:80:15:39:bb:cc:
ea:d9:0f:ec:48:5f:c5:58:2c:e6:4c:5a:36:77:84:
0d:42:99:6c:5f:be:59:6d:f0:72:c7:d9:e9:e2:a9:
78:54:d5:1c:26:96:8c:e0:f6:95:9a:e2:c5:14:a3:
2f:95:f4:16:0b:1f:66:be:42:65:de:d2:40:5a:a0:
d6:d2:34:0f:08:4c:6f:77:c9:93:9b:c5:c6:ac:06:
d7:7b:12:54:e4:6c:7e:44:7f:7b:a1:24:60:6d:ca:
c3:c9:c8:c1:73:5f:9e:c9:d5:2b:a8:50:7e:ca:c3:
f7:fd:53:52:08:b5:ee:f9:8d:75:93:10:ba:b6:df:
ba:78:be:2d:d4:55:3a:62:9e:3f:e8:53:ef:e2:cb:
99:cd:f3:f5:f7:d8:1c:58:12:47:ef:28:d4:7a:eb:
93:13:59:fc:f3:18:08:19:3b:62:80:5e:41:2c:5b:
cb:db:ca:27:82:10:a4:fd:fe:8a:c4:ff:83:cd:c4:
56:9f:db:5d:61:09:05:b3:30:30:7f:18:e4:e7:9e:
15:b4:6f:3a:40:cf:25:1e:39:81:d9:e8:e1:31:13:
ce:5a:eb:da:45:0a:31:21:14:d7:97:50:7f:77:7a:
e2:3d:e3:dc:e9:12:07:ad:86:3d:2b:6b:ff:7f:fe:
78:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:90:2B:E1:46:2A:09:CF:94:35:13:30:51:67:BD:51:4B:8E:B3:CE
X509v3 Authority Key Identifier:
keyid:94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/e5Ar4UYqCc-UNRMwUWe9UUuOs84.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
58.66.168.0/21
Signature Algorithm: sha256WithRSAEncryption
90:f3:5f:67:aa:6f:71:48:38:fb:97:95:7d:bd:d0:d0:5d:c3:
a6:72:17:03:65:f9:64:9d:b8:f4:f7:04:c5:cd:1a:9b:27:82:
37:b9:9c:9d:12:a0:ad:63:8b:d1:cf:ed:2f:55:1f:a4:03:3d:
8f:90:56:16:e7:6b:d6:f0:39:ee:e1:a4:d4:86:78:99:79:fc:
69:18:8f:5d:2e:a7:71:7d:87:f1:df:c3:49:78:64:32:9f:41:
d3:d1:ce:c0:26:47:25:48:0e:4c:f4:2a:fe:2e:5b:e5:cc:ce:
df:36:bc:ec:82:40:93:0b:11:7b:f7:65:5b:19:2d:92:1b:7f:
35:35:b3:85:74:62:07:2f:5c:a0:23:1c:3f:01:04:43:e2:0e:
2f:0b:ce:38:44:98:87:5c:08:bc:b3:ee:13:85:bd:bf:97:57:
f3:c5:39:9e:66:ca:3e:d7:a0:88:62:0a:0c:13:e8:2d:85:73:
30:68:73:6c:40:c7:4d:39:a4:59:66:ba:fd:39:58:21:54:d2:
27:f8:7f:47:0a:0f:74:85:92:c9:5d:23:e3:5f:b4:24:df:95:
9b:06:d4:a9:33:5b:d1:36:73:38:b4:f6:9b:1b:af:84:8d:aa:
03:39:d7:a0:1f:4f:ba:29:91:e5:29:bc:5d:69:11:ac:3f:0a:
0c:c8:6a:40
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICB+gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTQ4
MUI0RTQwOTAxNUQ4RUI3RDAzRjM2MDM4ODMwRUMxMDk4QUJDMDAeFw0yNDExMTIw
MTMyNDFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDdCOTAyQkUxNDYyQTA5
Q0Y5NDM1MTMzMDUxNjdCRDUxNEI4RUIzQ0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDe3huGpERgLRWAFTm7zOrZD+xIX8VYLOZMWjZ3hA1CmWxfvllt
8HLH2eniqXhU1Rwmlozg9pWa4sUUoy+V9BYLH2a+QmXe0kBaoNbSNA8ITG93yZOb
xcasBtd7ElTkbH5Ef3uhJGBtysPJyMFzX57J1SuoUH7Kw/f9U1IIte75jXWTELq2
37p4vi3UVTpinj/oU+/iy5nN8/X32BxYEkfvKNR665MTWfzzGAgZO2KAXkEsW8vb
yieCEKT9/orE/4PNxFaf211hCQWzMDB/GOTnnhW0bzpAzyUeOYHZ6OExE85a69pF
CjEhFNeXUH93euI949zpEgethj0ra/9//nivAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUe5Ar4UYqCc+UNRMwUWe9UUuOs84wHwYDVR0jBBgwFoAUlIG05AkBXY630D82
A4gw7BCYq8AwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNi9s
SUcwNUFrQlhZNjMwRDgyQTRndzdCQ1lxOEEuY3JsMGMGCCsGAQUFBwEBBFcwVTBT
BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw
MDAwL2xJRzA1QWtCWFk2MzBEODJBNGd3N0JDWXE4QS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtp
LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzYvZTVBcjRVWXFDYy1VTlJNd1VX
ZTlVVXVPczg0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNu
L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzpC
qDANBgkqhkiG9w0BAQsFAAOCAQEAkPNfZ6pvcUg4+5eVfb3Q0F3DpnIXA2X5ZJ24
9PcExc0amyeCN7mcnRKgrWOL0c/tL1UfpAM9j5BWFudr1vA57uGk1IZ4mXn8aRiP
XS6ncX2H8d/DSXhkMp9B09HOwCZHJUgOTPQq/i5b5czO3za87IJAkwsRe/dlWxkt
kht/NTWzhXRiBy9coCMcPwEEQ+IOLwvOOESYh1wIvLPuE4W9v5dX88U5nmbKPteg
iGIKDBPoLYVzMGhzbEDHTTmkWWa6/TlYIVTSJ/h/RwoPdIWSyV0j41+0JN+VmwbU
qTNb0TZzOLT2mxuvhI2qAznXoB9PuimR5Sm8XWkRrD8KDMhqQA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:38:31 2025 by rpki-client