Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/6/f4IZ5pWudvmG5BUJUfyNPxIZ4pg.roa
File: f4IZ5pWudvmG5BUJUfyNPxIZ4pg.roa (raw, json)
Hash identifier: sXCixfgxPkDBbsvVExU/JV60qL2+9zGbrD0ZtVxFWWc=
Subject key identifier: 7F:82:19:E6:95:AE:76:F9:86:E4:15:09:51:FC:8D:3F:12:19:E2:98
Certificate issuer: /CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Certificate serial: 0940
Authority key identifier: 94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/f4IZ5pWudvmG5BUJUfyNPxIZ4pg.roa
Signing time: Fri 17 Jan 2025 01:23:43 +0000
ROA not before: Fri 17 Jan 2025 01:23:43 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 2914
IP address blocks: 58.66.88.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2368 (0x940)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Validity
Not Before: Jan 17 01:23:43 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=7F8219E695AE76F986E4150951FC8D3F1219E298
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:45:14:b6:2d:28:19:ec:35:cc:98:40:27:5a:
8c:7c:c1:44:27:15:d8:7b:95:2f:86:2f:73:85:39:
66:38:68:9f:7d:48:39:63:51:0d:5b:29:25:3c:50:
9d:f7:04:c2:81:0a:43:b9:87:82:2a:3f:b3:69:44:
51:2c:50:16:38:14:86:5f:ae:4d:25:e9:0b:20:55:
ea:54:da:fb:3e:22:35:f0:61:4a:69:08:01:20:9d:
44:31:4c:b8:49:6b:98:1c:3f:dd:e4:ff:d7:b8:db:
e1:85:ef:36:aa:65:d0:ff:60:84:71:a0:fa:f1:1b:
fb:97:12:43:87:69:19:ad:7d:de:93:b4:a0:9c:d3:
4a:33:59:99:97:59:f8:e0:42:cb:7b:f0:68:cb:72:
eb:81:d3:ae:7c:4b:8f:14:38:b4:2e:ff:5f:d1:7f:
17:3f:79:35:cf:db:9b:05:38:77:39:f3:b4:65:14:
b5:4a:49:31:b1:4f:31:5b:6c:27:52:be:b8:5c:8e:
6f:fa:04:cd:f7:ee:f8:8f:3e:3c:9a:84:23:3e:94:
51:37:3a:42:23:c7:4a:79:86:56:de:b1:b5:8e:63:
70:00:3b:06:06:fc:2e:aa:4b:14:c5:af:57:4c:82:
49:07:19:42:06:7b:0a:c2:33:c4:85:ab:30:45:57:
b9:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:82:19:E6:95:AE:76:F9:86:E4:15:09:51:FC:8D:3F:12:19:E2:98
X509v3 Authority Key Identifier:
keyid:94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/f4IZ5pWudvmG5BUJUfyNPxIZ4pg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
58.66.88.0/21
Signature Algorithm: sha256WithRSAEncryption
e2:73:1a:1c:82:d9:7e:c2:b2:33:27:79:a1:0f:f2:42:fa:c1:
44:ff:eb:63:ff:2d:0e:36:0a:f8:e0:18:01:29:ef:58:26:48:
7b:97:a3:ca:c0:63:82:45:56:50:d9:7e:63:25:7e:0d:8e:72:
86:46:9a:aa:28:64:34:13:08:13:d6:12:c5:c6:fc:51:ca:5a:
55:86:10:a7:b5:94:45:a3:44:3e:f1:ff:35:34:45:68:f8:d8:
e9:2c:52:f3:56:61:37:8c:16:39:54:63:20:54:b0:b2:c6:53:
c3:50:3f:3a:93:85:c7:a9:e8:3c:f7:d4:22:a3:7e:92:f2:7b:
49:a2:94:2e:a5:59:32:02:d9:3a:be:99:cb:69:57:71:ac:50:
e5:93:23:d5:1d:5e:83:7b:dd:2a:0b:49:8c:f2:84:c8:8e:18:
92:ed:3c:49:6b:cd:1b:55:b4:5d:bc:2d:7c:aa:f6:60:f2:dc:
e4:e5:97:27:f1:90:9e:31:fb:6b:6e:49:0f:e0:a3:12:69:37:
51:f4:8c:3c:cc:ef:c6:7f:46:50:94:91:e3:87:b2:db:b5:13:
78:75:a4:43:d1:8f:31:bc:ad:0f:53:71:94:5f:a1:fc:6a:7e:
17:ea:86:3c:4a:b1:3c:4a:50:a0:9d:7c:fc:15:7b:f6:8a:b1:
92:7a:93:5a
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICCUAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTQ4
MUI0RTQwOTAxNUQ4RUI3RDAzRjM2MDM4ODMwRUMxMDk4QUJDMDAeFw0yNTAxMTcw
MTIzNDNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDdGODIxOUU2OTVBRTc2
Rjk4NkU0MTUwOTUxRkM4RDNGMTIxOUUyOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxRRS2LSgZ7DXMmEAnWox8wUQnFdh7lS+GL3OFOWY4aJ99SDlj
UQ1bKSU8UJ33BMKBCkO5h4IqP7NpRFEsUBY4FIZfrk0l6QsgVepU2vs+IjXwYUpp
CAEgnUQxTLhJa5gcP93k/9e42+GF7zaqZdD/YIRxoPrxG/uXEkOHaRmtfd6TtKCc
00ozWZmXWfjgQst78GjLcuuB0658S48UOLQu/1/Rfxc/eTXP25sFOHc587RlFLVK
STGxTzFbbCdSvrhcjm/6BM337viPPjyahCM+lFE3OkIjx0p5hlbesbWOY3AAOwYG
/C6qSxTFr1dMgkkHGUIGewrCM8SFqzBFV7nFAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUf4IZ5pWudvmG5BUJUfyNPxIZ4pgwHwYDVR0jBBgwFoAUlIG05AkBXY630D82
A4gw7BCYq8AwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNi9s
SUcwNUFrQlhZNjMwRDgyQTRndzdCQ1lxOEEuY3JsMGMGCCsGAQUFBwEBBFcwVTBT
BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw
MDAwL2xJRzA1QWtCWFk2MzBEODJBNGd3N0JDWXE4QS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtp
LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzYvZjRJWjVwV3Vkdm1HNUJVSlVm
eU5QeElaNHBnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNu
L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzpC
WDANBgkqhkiG9w0BAQsFAAOCAQEA4nMaHILZfsKyMyd5oQ/yQvrBRP/rY/8tDjYK
+OAYASnvWCZIe5ejysBjgkVWUNl+YyV+DY5yhkaaqihkNBMIE9YSxcb8UcpaVYYQ
p7WURaNEPvH/NTRFaPjY6SxS81ZhN4wWOVRjIFSwssZTw1A/OpOFx6noPPfUIqN+
kvJ7SaKULqVZMgLZOr6Zy2lXcaxQ5ZMj1R1eg3vdKgtJjPKEyI4Yku08SWvNG1W0
XbwtfKr2YPLc5OWXJ/GQnjH7a25JD+CjEmk3UfSMPMzvxn9GUJSR44ey27UTeHWk
Q9GPMbytD1NxlF+h/Gp+F+qGPEqxPEpQoJ18/BV79oqxknqTWg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:34:25 2025 by rpki-client