Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/6/geINmcbQHNXojb2b32vkJuVKfu0.roa
File: geINmcbQHNXojb2b32vkJuVKfu0.roa (raw, json)
Hash identifier: LLHG7zMqT+P80TJ7CshMA6eiyiFxSy7tajCKyeBqv70=
Subject key identifier: 81:E2:0D:99:C6:D0:1C:D5:E8:8D:BD:9B:DF:6B:E4:26:E5:4A:7E:ED
Certificate issuer: /CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Certificate serial: 0938
Authority key identifier: 94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/geINmcbQHNXojb2b32vkJuVKfu0.roa
Signing time: Fri 17 Jan 2025 01:23:41 +0000
ROA not before: Fri 17 Jan 2025 01:23:41 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 2914
IP address blocks: 58.66.152.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2360 (0x938)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Validity
Not Before: Jan 17 01:23:41 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=81E20D99C6D01CD5E88DBD9BDF6BE426E54A7EED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:e1:c5:0f:f2:ec:af:57:a7:fe:57:23:59:fd:
79:6f:45:e4:69:fb:15:61:15:50:e5:65:fd:b0:e0:
26:d5:d8:ef:05:2c:c5:99:78:92:04:53:06:ba:69:
5d:39:3d:ea:af:5e:22:36:96:2c:cd:90:61:38:3f:
2c:16:70:cf:14:16:b5:c2:09:f6:39:cf:38:32:ac:
d5:c3:ab:b2:2f:4e:8f:73:81:0e:51:4e:f9:00:e9:
5d:0f:64:d4:33:96:a8:93:01:ea:8d:52:78:93:d5:
eb:04:7b:8b:6e:6a:4e:1f:ff:48:05:ce:12:a3:3c:
22:83:38:d9:64:a1:6b:af:37:7a:d2:0b:9a:51:87:
32:42:a7:85:fc:99:65:3a:bd:b1:2a:db:8a:e2:ec:
c8:75:52:8b:43:ab:56:d6:c8:0e:dd:fd:33:ec:3f:
31:d0:f1:be:92:61:72:ce:c4:fa:3d:a1:e3:9f:5c:
f4:d9:c2:bb:ae:f0:5e:25:85:44:51:c2:76:ba:00:
1d:a2:f9:b9:51:e7:73:40:bc:21:04:22:97:bb:63:
67:e4:cf:b1:1a:96:f2:8a:c6:11:48:a0:1a:84:f3:
fe:fe:2b:6f:2a:05:b2:f7:f4:ef:54:e0:16:34:2e:
c7:e1:2c:bf:c3:a0:17:62:c3:15:3e:96:17:b1:74:
1e:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:E2:0D:99:C6:D0:1C:D5:E8:8D:BD:9B:DF:6B:E4:26:E5:4A:7E:ED
X509v3 Authority Key Identifier:
keyid:94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/geINmcbQHNXojb2b32vkJuVKfu0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
58.66.152.0/21
Signature Algorithm: sha256WithRSAEncryption
2c:2f:33:c4:e4:86:ba:01:93:98:9e:a4:92:f2:b6:a2:a7:1e:
e7:5f:39:26:aa:dc:9d:f7:6a:28:01:a6:78:0d:68:f1:2f:9b:
ed:57:4b:5d:0d:d4:b3:7c:b7:52:7b:5a:e6:c7:da:b4:5b:88:
79:77:ec:04:4b:2c:55:7f:83:e7:08:4d:1e:3d:f2:09:51:91:
de:bb:80:11:1b:15:5b:8a:b9:1f:07:f7:d9:7a:13:9d:da:1f:
ef:ac:11:88:54:ad:7d:a7:88:2f:25:cc:6c:ab:12:c4:7d:b0:
8b:16:ea:0d:8b:25:9b:c1:93:a9:15:be:db:ce:4e:80:77:c4:
07:39:0d:94:c1:3e:32:c5:15:57:f8:72:60:0d:5e:8e:39:0c:
5b:9f:22:de:4f:a3:ab:b0:f1:95:00:6f:68:70:6f:5d:b8:34:
85:e6:f7:bf:fe:59:cb:42:e1:39:5c:7c:e2:2a:19:36:93:3a:
62:ba:bc:02:1b:c1:f9:cf:b4:0f:4b:f9:e5:0c:bd:7b:d4:00:
43:45:a9:b9:bd:d5:44:64:b9:d6:20:57:b6:9d:35:33:96:10:
cd:b1:c8:68:e8:75:98:29:e4:b6:17:74:68:38:85:15:af:15:
ed:ba:3f:a8:65:c2:56:f6:bc:2d:18:1a:0e:c5:1a:64:68:5f:
98:ba:26:9d
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICCTgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTQ4
MUI0RTQwOTAxNUQ4RUI3RDAzRjM2MDM4ODMwRUMxMDk4QUJDMDAeFw0yNTAxMTcw
MTIzNDFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDgxRTIwRDk5QzZEMDFD
RDVFODhEQkQ5QkRGNkJFNDI2RTU0QTdFRUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDA4cUP8uyvV6f+VyNZ/XlvReRp+xVhFVDlZf2w4CbV2O8FLMWZ
eJIEUwa6aV05PeqvXiI2lizNkGE4PywWcM8UFrXCCfY5zzgyrNXDq7IvTo9zgQ5R
TvkA6V0PZNQzlqiTAeqNUniT1esEe4tuak4f/0gFzhKjPCKDONlkoWuvN3rSC5pR
hzJCp4X8mWU6vbEq24ri7Mh1UotDq1bWyA7d/TPsPzHQ8b6SYXLOxPo9oeOfXPTZ
wruu8F4lhURRwna6AB2i+blR53NAvCEEIpe7Y2fkz7EalvKKxhFIoBqE8/7+K28q
BbL39O9U4BY0LsfhLL/DoBdiwxU+lhexdB6ZAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUgeINmcbQHNXojb2b32vkJuVKfu0wHwYDVR0jBBgwFoAUlIG05AkBXY630D82
A4gw7BCYq8AwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNi9s
SUcwNUFrQlhZNjMwRDgyQTRndzdCQ1lxOEEuY3JsMGMGCCsGAQUFBwEBBFcwVTBT
BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw
MDAwL2xJRzA1QWtCWFk2MzBEODJBNGd3N0JDWXE4QS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtp
LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzYvZ2VJTm1jYlFITlhvamIyYjMy
dmtKdVZLZnUwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNu
L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzpC
mDANBgkqhkiG9w0BAQsFAAOCAQEALC8zxOSGugGTmJ6kkvK2oqce5185Jqrcnfdq
KAGmeA1o8S+b7VdLXQ3Us3y3Unta5sfatFuIeXfsBEssVX+D5whNHj3yCVGR3ruA
ERsVW4q5Hwf32XoTndof76wRiFStfaeILyXMbKsSxH2wixbqDYslm8GTqRW+285O
gHfEBzkNlME+MsUVV/hyYA1ejjkMW58i3k+jq7DxlQBvaHBvXbg0heb3v/5Zy0Lh
OVx84ioZNpM6Yrq8AhvB+c+0D0v55Qy9e9QAQ0Wpub3VRGS51iBXtp01M5YQzbHI
aOh1mCnkthd0aDiFFa8V7bo/qGXCVva8LRgaDsUaZGhfmLomnQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:32:27 2025 by rpki-client