Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3262/DTJOEl42rlpiAANO4FGlm-jwgW4.roa
File: DTJOEl42rlpiAANO4FGlm-jwgW4.roa (raw, json)
Hash identifier: tZhR6vDrnzGj28cQqezVKGdCmEoL4wYz8p4dkA3OU5Q=
Subject key identifier: 0D:32:4E:12:5E:36:AE:5A:62:00:03:4E:E0:51:A5:9B:E8:F0:81:6E
Certificate issuer: /CN=170B7CA06F5735B7A40F97FF1F53BAE13348A93E
Certificate serial: 0875
Authority key identifier: 17:0B:7C:A0:6F:57:35:B7:A4:0F:97:FF:1F:53:BA:E1:33:48:A9:3E
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Fwt8oG9XNbekD5f_H1O64TNIqT4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/DTJOEl42rlpiAANO4FGlm-jwgW4.roa
Signing time: Wed 09 Apr 2025 06:30:49 +0000
ROA not before: Wed 09 Apr 2025 06:30:49 +0000
ROA not after: Thu 09 Apr 2026 06:27:19 +0000
asID: 398704
IP address blocks: 157.15.94.0/23 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2165 (0x875)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=170B7CA06F5735B7A40F97FF1F53BAE13348A93E
Validity
Not Before: Apr 9 06:30:49 2025 GMT
Not After : Apr 9 06:27:19 2026 GMT
Subject: CN=0D324E125E36AE5A6200034EE051A59BE8F0816E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:96:ce:f2:f4:1f:f3:0d:42:b3:e8:ec:ee:b2:
69:f3:12:5b:39:d3:ae:59:d4:45:ab:18:aa:47:83:
07:d4:d6:83:33:5b:52:58:98:dc:e2:55:bc:11:c9:
20:62:20:2a:5a:22:f1:80:5f:d9:bf:ec:db:4e:a3:
9f:38:03:ff:d4:7a:66:47:3b:5f:12:e8:c3:32:c9:
3c:50:6d:e0:59:d6:34:f0:3a:f6:15:9b:78:04:65:
f5:2e:ae:15:44:17:19:36:58:93:88:83:22:d8:4b:
88:b0:1c:62:e9:e5:9b:e7:34:9d:1a:87:12:8f:41:
22:50:bf:db:49:cd:7a:e6:04:36:b0:79:c7:90:58:
e1:c0:be:5b:58:2c:10:bb:b6:ea:ac:40:8b:f5:ae:
17:bf:b1:c3:98:91:14:a4:08:71:3a:5f:fa:cc:d7:
17:7b:0a:50:10:4e:87:61:b1:cf:d6:33:96:33:cd:
9d:01:11:71:0c:b2:fc:73:51:c0:b4:29:07:58:e8:
de:de:e2:19:95:9f:f7:3c:be:0f:78:c0:e9:55:b6:
aa:fd:44:7d:5a:d3:5e:55:f6:04:6e:71:a0:cb:a4:
c6:8d:45:5f:30:35:b1:c3:b4:7f:c9:e4:56:bd:31:
d0:b0:72:7e:c7:24:9c:49:b1:a5:b7:53:3c:a8:8e:
98:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:32:4E:12:5E:36:AE:5A:62:00:03:4E:E0:51:A5:9B:E8:F0:81:6E
X509v3 Authority Key Identifier:
keyid:17:0B:7C:A0:6F:57:35:B7:A4:0F:97:FF:1F:53:BA:E1:33:48:A9:3E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/Fwt8oG9XNbekD5f_H1O64TNIqT4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Fwt8oG9XNbekD5f_H1O64TNIqT4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/DTJOEl42rlpiAANO4FGlm-jwgW4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.15.94.0/23
Signature Algorithm: sha256WithRSAEncryption
68:67:1a:47:0d:b6:d0:ca:89:6b:27:a5:18:f1:23:06:79:5e:
54:90:71:b4:52:a3:fb:fd:94:6c:8a:2e:df:8e:be:bd:2f:b9:
69:a7:f8:cb:35:d4:b7:8b:09:12:8b:23:98:a9:2c:52:9c:50:
4b:d4:21:da:60:50:3d:4d:b4:86:bf:12:7f:f6:68:44:c5:f0:
a5:dd:52:9f:90:aa:61:c9:24:aa:57:14:ef:a9:8a:13:10:8a:
2b:a1:76:37:48:2c:37:28:e3:58:39:47:e2:06:14:0e:da:86:
d6:b2:e6:dd:40:13:0a:19:b8:3e:31:5f:56:39:87:dd:d5:13:
cd:c0:9e:7d:08:31:f2:6f:de:3e:3e:db:a1:b6:5e:dc:25:93:
1c:9f:00:97:6c:df:30:42:8f:af:a9:4e:46:c0:67:f1:41:81:
e0:31:7e:51:2a:bb:58:a5:52:57:f8:ce:2b:0b:4f:25:d9:d7:
f3:27:49:dd:6f:b4:a9:88:41:4c:ec:4a:77:45:b0:64:47:4b:
aa:60:ee:31:97:be:2b:87:24:5b:32:d9:ee:47:6e:01:5a:97:
91:5e:92:f6:b9:60:97:c5:f5:94:1f:08:2e:fe:d3:6f:11:57:
b1:d4:4b:80:1a:fd:95:9f:ff:dc:9e:88:3a:1a:ac:7e:91:50:
e6:52:4c:57
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICCHUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTcw
QjdDQTA2RjU3MzVCN0E0MEY5N0ZGMUY1M0JBRTEzMzQ4QTkzRTAeFw0yNTA0MDkw
NjMwNDlaFw0yNjA0MDkwNjI3MTlaMDMxMTAvBgNVBAMTKDBEMzI0RTEyNUUzNkFF
NUE2MjAwMDM0RUUwNTFBNTlCRThGMDgxNkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFls7y9B/zDUKz6OzusmnzEls5065Z1EWrGKpHgwfU1oMzW1JY
mNziVbwRySBiICpaIvGAX9m/7NtOo584A//UemZHO18S6MMyyTxQbeBZ1jTwOvYV
m3gEZfUurhVEFxk2WJOIgyLYS4iwHGLp5ZvnNJ0ahxKPQSJQv9tJzXrmBDaweceQ
WOHAvltYLBC7tuqsQIv1rhe/scOYkRSkCHE6X/rM1xd7ClAQTodhsc/WM5YzzZ0B
EXEMsvxzUcC0KQdY6N7e4hmVn/c8vg94wOlVtqr9RH1a015V9gRucaDLpMaNRV8w
NbHDtH/J5Fa9MdCwcn7HJJxJsaW3UzyojphnAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUDTJOEl42rlpiAANO4FGlm+jwgW4wHwYDVR0jBBgwFoAUFwt8oG9XNbekD5f/
H1O64TNIqT4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI2
Mi9Gd3Q4b0c5WE5iZWtENWZfSDFPNjRUTklxVDQuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0Z3dDhvRzlYTmJla0Q1Zl9IMU82NFROSXFUNC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNjIvRFRKT0VsNDJybHBp
QUFOTzRGR2xtLWp3Z1c0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAZ0PXjANBgkqhkiG9w0BAQsFAAOCAQEAaGcaRw220MqJayelGPEjBnleVJBx
tFKj+/2UbIou346+vS+5aaf4yzXUt4sJEosjmKksUpxQS9Qh2mBQPU20hr8Sf/Zo
RMXwpd1Sn5CqYckkqlcU76mKExCKK6F2N0gsNyjjWDlH4gYUDtqG1rLm3UATChm4
PjFfVjmH3dUTzcCefQgx8m/ePj7bobZe3CWTHJ8Al2zfMEKPr6lORsBn8UGB4DF+
USq7WKVSV/jOKwtPJdnX8ydJ3W+0qYhBTOxKd0WwZEdLqmDuMZe+K4ckWzLZ7kdu
AVqXkV6S9rlgl8X1lB8ILv7TbxFXsdRLgBr9lZ//3J6IOhqsfpFQ5lJMVw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:11:29 2025 by rpki-client