Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/6/s_JL2VR3Drh9Clr3AliYFsxQrkE.roa
File: s_JL2VR3Drh9Clr3AliYFsxQrkE.roa (raw, json)
Hash identifier: +odKYoUrzpHybq4oLiF9Yw1CoCCwN/PPTfvJfut9j4c=
Subject key identifier: B3:F2:4B:D9:54:77:0E:B8:7D:0A:5A:F7:02:58:98:16:CC:50:AE:41
Certificate issuer: /CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Certificate serial: 094D
Authority key identifier: 94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/s_JL2VR3Drh9Clr3AliYFsxQrkE.roa
Signing time: Fri 17 Jan 2025 01:23:46 +0000
ROA not before: Fri 17 Jan 2025 01:23:46 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 2914
IP address blocks: 58.66.120.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2381 (0x94d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Validity
Not Before: Jan 17 01:23:46 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=B3F24BD954770EB87D0A5AF702589816CC50AE41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:98:bf:aa:35:ab:f9:0f:18:5d:87:19:f7:5b:
83:82:a2:06:a6:86:34:b1:f1:bd:22:1b:b7:36:a8:
a6:c4:94:b7:c2:81:cf:92:60:d0:a5:03:03:df:dd:
cb:83:8d:94:77:b6:b1:ed:cf:2b:10:69:6d:3d:e4:
13:2d:0a:99:c4:4b:dd:1b:34:82:ea:8e:82:ee:cb:
15:09:bd:ef:0d:8b:66:90:75:51:e8:91:ec:d8:a5:
b3:4a:13:a2:23:94:30:59:56:2a:ac:f3:85:cb:f5:
ea:27:2f:57:63:d1:a7:32:83:59:b2:d0:27:86:36:
e6:a1:19:b1:c1:d3:9a:57:9d:6a:4b:81:4d:7c:1e:
ee:4a:ab:fd:01:85:60:1e:30:c0:ae:07:38:e6:4e:
5a:09:8d:07:5b:c5:36:47:12:15:46:2d:5b:fb:72:
21:27:50:ce:05:96:91:86:a1:79:72:82:e8:65:87:
6f:b0:01:80:a4:02:22:9b:f6:68:64:23:0d:bb:6f:
74:59:c8:7b:83:3c:19:ee:67:a4:0a:49:b0:12:07:
f7:0e:cb:47:f9:c2:76:7f:12:d7:d3:b9:7b:07:b6:
99:0e:74:69:05:7d:7f:f6:da:48:68:04:f2:2b:3a:
9f:67:4c:05:45:06:9d:01:6c:7f:c6:ba:38:87:06:
8a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:F2:4B:D9:54:77:0E:B8:7D:0A:5A:F7:02:58:98:16:CC:50:AE:41
X509v3 Authority Key Identifier:
keyid:94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/s_JL2VR3Drh9Clr3AliYFsxQrkE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
58.66.120.0/21
Signature Algorithm: sha256WithRSAEncryption
d5:4d:34:0d:39:9d:05:a9:13:55:ee:21:45:41:77:6d:dc:9c:
4d:b4:a9:4c:49:e9:f5:3e:d3:76:fb:d2:40:f8:3a:1e:24:00:
9e:55:ad:31:0b:02:32:fb:a2:d5:a4:46:33:6c:6d:5b:c5:0a:
59:67:27:dd:ee:75:5e:01:c1:bb:e3:20:09:f1:2e:d9:58:91:
17:b9:e2:ec:22:e9:54:da:da:75:18:aa:cf:3c:8b:fc:20:fe:
4a:43:c4:cc:5c:47:e2:9e:9a:2e:eb:d9:ec:5c:34:74:71:14:
0c:f9:9e:78:96:95:f1:4a:58:42:c8:cc:4b:30:1d:8b:4a:63:
2c:d4:3c:1c:c7:c3:c2:e2:6f:e3:0c:4b:9b:48:7b:8d:54:d1:
5f:dd:88:96:fe:b4:44:5e:ef:dc:01:dc:58:46:d2:ed:bf:e8:
85:08:32:5d:8d:9f:b9:d0:20:91:73:40:f3:77:66:3c:1e:fe:
2a:7a:94:3a:e4:7e:1f:1b:0f:84:ae:10:69:84:f0:fa:b7:4c:
f8:81:0f:ae:da:4a:ba:1b:e2:c6:8d:c8:e4:b1:20:1c:33:ea:
dd:a0:13:7a:a4:c0:98:9d:3b:3b:e1:7e:cc:c0:04:78:96:25:
42:06:39:41:3e:4d:4b:9e:ab:80:13:dd:a2:08:76:e6:64:f2:
71:a2:9f:f6
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICCU0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTQ4
MUI0RTQwOTAxNUQ4RUI3RDAzRjM2MDM4ODMwRUMxMDk4QUJDMDAeFw0yNTAxMTcw
MTIzNDZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEIzRjI0QkQ5NTQ3NzBF
Qjg3RDBBNUFGNzAyNTg5ODE2Q0M1MEFFNDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDwmL+qNav5Dxhdhxn3W4OCogamhjSx8b0iG7c2qKbElLfCgc+S
YNClAwPf3cuDjZR3trHtzysQaW095BMtCpnES90bNILqjoLuyxUJve8Ni2aQdVHo
kezYpbNKE6IjlDBZViqs84XL9eonL1dj0acyg1my0CeGNuahGbHB05pXnWpLgU18
Hu5Kq/0BhWAeMMCuBzjmTloJjQdbxTZHEhVGLVv7ciEnUM4FlpGGoXlyguhlh2+w
AYCkAiKb9mhkIw27b3RZyHuDPBnuZ6QKSbASB/cOy0f5wnZ/EtfTuXsHtpkOdGkF
fX/22khoBPIrOp9nTAVFBp0BbH/GujiHBorHAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUs/JL2VR3Drh9Clr3AliYFsxQrkEwHwYDVR0jBBgwFoAUlIG05AkBXY630D82
A4gw7BCYq8AwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNi9s
SUcwNUFrQlhZNjMwRDgyQTRndzdCQ1lxOEEuY3JsMGMGCCsGAQUFBwEBBFcwVTBT
BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw
MDAwL2xJRzA1QWtCWFk2MzBEODJBNGd3N0JDWXE4QS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtp
LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzYvc19KTDJWUjNEcmg5Q2xyM0Fs
aVlGc3hRcmtFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNu
L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzpC
eDANBgkqhkiG9w0BAQsFAAOCAQEA1U00DTmdBakTVe4hRUF3bdycTbSpTEnp9T7T
dvvSQPg6HiQAnlWtMQsCMvui1aRGM2xtW8UKWWcn3e51XgHBu+MgCfEu2ViRF7ni
7CLpVNradRiqzzyL/CD+SkPEzFxH4p6aLuvZ7Fw0dHEUDPmeeJaV8UpYQsjMSzAd
i0pjLNQ8HMfDwuJv4wxLm0h7jVTRX92Ilv60RF7v3AHcWEbS7b/ohQgyXY2fudAg
kXNA83dmPB7+KnqUOuR+HxsPhK4QaYTw+rdM+IEPrtpKuhvixo3I5LEgHDPq3aAT
eqTAmJ07O+F+zMAEeJYlQgY5QT5NS56rgBPdogh25mTycaKf9g==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:37:38 2025 by rpki-client