Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/6/jM7QqlcKq7o504SIOReGDmI8lUo.roa
File: jM7QqlcKq7o504SIOReGDmI8lUo.roa (raw, json)
Hash identifier: ebctSotsbTBQWNztbUbrPyV1u8S17bQKrq6qV55j2Og=
Subject key identifier: 8C:CE:D0:AA:57:0A:AB:BA:39:D3:84:88:39:17:86:0E:62:3C:95:4A
Certificate issuer: /CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Certificate serial: 093A
Authority key identifier: 94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/jM7QqlcKq7o504SIOReGDmI8lUo.roa
Signing time: Fri 17 Jan 2025 01:23:42 +0000
ROA not before: Fri 17 Jan 2025 01:23:42 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 2914
IP address blocks: 58.66.112.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2362 (0x93a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Validity
Not Before: Jan 17 01:23:42 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=8CCED0AA570AABBA39D384883917860E623C954A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:f5:f0:17:0a:a9:1f:54:30:2b:ca:ce:ee:89:
f0:08:4b:e0:0d:87:44:f5:20:39:78:97:7a:d6:c1:
72:87:5c:a1:c5:50:68:fc:6b:9b:dd:dd:93:39:d1:
9f:a4:30:89:15:e2:c0:da:22:2a:6d:79:b6:7c:93:
09:88:8a:cc:d7:da:70:1d:30:b4:d9:3d:f8:6d:e7:
e8:13:9f:44:69:70:6a:72:85:60:34:dd:52:94:be:
15:7e:a9:d5:c3:35:6a:1d:1a:69:7b:8d:99:04:90:
f5:a6:65:60:61:5e:77:41:fd:81:38:31:c2:ac:92:
c6:ea:2a:e2:a4:b6:38:b2:b5:8d:57:e4:f6:61:c4:
bc:ea:02:8b:b9:09:cd:57:95:91:cc:5a:55:42:e9:
61:2b:63:94:b9:d1:b4:95:10:cd:84:18:4b:b4:f5:
62:46:1d:0e:8e:fa:d2:35:77:9a:ed:aa:aa:b6:82:
8a:be:db:7b:cf:9f:5f:79:c2:48:83:01:8b:70:56:
64:c1:8b:99:7f:53:9c:a6:56:d4:cf:33:be:f9:32:
65:72:11:11:14:9b:9f:b1:31:87:cf:f7:84:05:b5:
32:98:31:60:21:ce:54:cd:d9:c9:29:e9:e1:ab:9f:
7e:00:8d:f9:c6:61:6b:37:09:08:a1:c6:c1:c8:1b:
f6:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:CE:D0:AA:57:0A:AB:BA:39:D3:84:88:39:17:86:0E:62:3C:95:4A
X509v3 Authority Key Identifier:
keyid:94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/jM7QqlcKq7o504SIOReGDmI8lUo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
58.66.112.0/21
Signature Algorithm: sha256WithRSAEncryption
00:07:6d:27:dd:14:82:62:d1:9e:15:90:1d:f8:6e:ef:f5:f4:
d6:d2:ae:ec:83:7d:0d:21:49:fb:03:e4:cb:7a:47:38:8e:5e:
59:a9:8f:01:d8:91:6b:92:83:ce:d5:8a:71:7b:e0:59:c8:5f:
ba:61:88:e6:57:b8:f1:5d:04:08:32:d0:a0:da:7d:dd:9d:d8:
68:ef:fc:2a:4f:5d:df:58:a3:5f:9f:6f:6e:ad:60:bd:0b:61:
94:fc:fe:ad:4d:b3:f5:8e:d4:e7:a5:ff:72:07:a0:ee:d2:c1:
58:a6:a9:a3:9c:2f:03:07:e2:48:b6:4c:de:b5:fd:4a:5c:05:
d7:8e:3d:32:81:45:94:ed:e2:af:ac:c9:fa:44:ec:71:3f:b1:
31:af:f3:11:67:f0:90:c8:88:79:e2:15:8f:58:98:9b:be:11:
d1:c4:27:b5:e3:0e:33:5e:82:68:42:f0:c2:4f:15:fc:20:3c:
f0:72:5c:1d:06:14:3d:cc:34:23:15:a0:73:18:96:e9:03:d7:
64:29:e1:a4:4a:d0:d8:0b:8f:bb:05:9d:c3:50:73:a0:04:60:
18:fa:04:25:d9:be:04:15:aa:6a:99:63:8a:7c:fa:ed:4c:39:
67:72:94:ea:ac:bf:36:11:60:16:5a:0c:3b:14:55:6a:5a:61:
03:a1:b6:bc
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICCTowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTQ4
MUI0RTQwOTAxNUQ4RUI3RDAzRjM2MDM4ODMwRUMxMDk4QUJDMDAeFw0yNTAxMTcw
MTIzNDJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDhDQ0VEMEFBNTcwQUFC
QkEzOUQzODQ4ODM5MTc4NjBFNjIzQzk1NEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCV9fAXCqkfVDArys7uifAIS+ANh0T1IDl4l3rWwXKHXKHFUGj8
a5vd3ZM50Z+kMIkV4sDaIiptebZ8kwmIiszX2nAdMLTZPfht5+gTn0RpcGpyhWA0
3VKUvhV+qdXDNWodGml7jZkEkPWmZWBhXndB/YE4McKsksbqKuKktjiytY1X5PZh
xLzqAou5Cc1XlZHMWlVC6WErY5S50bSVEM2EGEu09WJGHQ6O+tI1d5rtqqq2goq+
23vPn195wkiDAYtwVmTBi5l/U5ymVtTPM775MmVyEREUm5+xMYfP94QFtTKYMWAh
zlTN2ckp6eGrn34AjfnGYWs3CQihxsHIG/anAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUjM7QqlcKq7o504SIOReGDmI8lUowHwYDVR0jBBgwFoAUlIG05AkBXY630D82
A4gw7BCYq8AwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNi9s
SUcwNUFrQlhZNjMwRDgyQTRndzdCQ1lxOEEuY3JsMGMGCCsGAQUFBwEBBFcwVTBT
BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw
MDAwL2xJRzA1QWtCWFk2MzBEODJBNGd3N0JDWXE4QS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtp
LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzYvak03UXFsY0txN281MDRTSU9S
ZUdEbUk4bFVvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNu
L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzpC
cDANBgkqhkiG9w0BAQsFAAOCAQEAAAdtJ90UgmLRnhWQHfhu7/X01tKu7IN9DSFJ
+wPky3pHOI5eWamPAdiRa5KDztWKcXvgWchfumGI5le48V0ECDLQoNp93Z3YaO/8
Kk9d31ijX59vbq1gvQthlPz+rU2z9Y7U56X/cgeg7tLBWKapo5wvAwfiSLZM3rX9
SlwF1449MoFFlO3ir6zJ+kTscT+xMa/zEWfwkMiIeeIVj1iYm74R0cQnteMOM16C
aELwwk8V/CA88HJcHQYUPcw0IxWgcxiW6QPXZCnhpErQ2AuPuwWdw1BzoARgGPoE
Jdm+BBWqapljinz67Uw5Z3KU6qy/NhFgFloMOxRValphA6G2vA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:27:21 2025 by rpki-client