Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1200/dLFLCfPOJDiqV6nl1WUYq9RRY9k.roa
File: dLFLCfPOJDiqV6nl1WUYq9RRY9k.roa (raw, json)
Hash identifier: w2+eyboMg2raNvzyBBq1UkUe5snucvpd2HG/9se/Uu4=
Subject key identifier: 74:B1:4B:09:F3:CE:24:38:AA:57:A9:E5:D5:65:18:AB:D4:51:63:D9
Certificate issuer: /CN=6191AACDCE560A74D83C05DA8EA9327AF944DBBD
Certificate serial: 0CB6
Authority key identifier: 61:91:AA:CD:CE:56:0A:74:D8:3C:05:DA:8E:A9:32:7A:F9:44:DB:BD
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/YZGqzc5WCnTYPAXajqkyevlE270.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1200/dLFLCfPOJDiqV6nl1WUYq9RRY9k.roa
Signing time: Wed 13 Mar 2024 01:21:03 +0000
ROA not before: Wed 13 Mar 2024 01:21:03 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 59022
IP address blocks: 2400:ebc0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3254 (0xcb6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6191AACDCE560A74D83C05DA8EA9327AF944DBBD
Validity
Not Before: Mar 13 01:21:03 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=74B14B09F3CE2438AA57A9E5D56518ABD45163D9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e3:4f:d3:c2:86:76:66:e8:79:3b:a3:b6:36:
5a:d7:77:6a:e1:a0:46:f3:d7:d6:41:b0:a9:e3:ec:
8a:1a:68:e4:06:57:db:aa:a4:00:82:a0:c3:bb:de:
57:b4:d1:50:8b:f0:ce:bc:90:3e:d5:9e:c9:38:3a:
c5:87:13:d2:81:8b:97:e3:67:d2:3d:30:ba:72:ec:
cd:8b:25:51:31:87:a2:f5:49:cb:fb:98:26:3b:e4:
66:99:29:74:a2:84:c6:24:71:01:c4:b5:3b:fa:93:
7b:ba:f3:cc:54:3d:62:f4:0c:1e:55:71:4b:76:99:
4d:92:fd:49:64:8f:3a:83:80:21:0d:71:01:12:38:
f1:2d:64:df:23:bf:53:df:cc:c0:61:c0:cf:fc:d0:
a1:4c:fe:4a:d8:27:ab:3e:7c:95:69:d6:75:37:76:
98:cd:a1:6a:58:79:77:2e:db:1b:61:2a:e3:1c:d0:
b2:13:4b:13:2e:9a:eb:6d:6b:e3:52:2b:3f:47:c3:
a7:8e:fd:ea:47:b3:91:5f:62:17:19:cc:cd:cb:19:
95:7b:2e:05:46:6e:83:9d:03:45:13:71:de:a1:38:
fd:9a:04:49:9e:9f:ee:46:73:67:57:99:76:cb:fa:
0d:4a:bf:61:06:9a:d7:30:b1:2d:61:15:4c:1c:eb:
3f:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:B1:4B:09:F3:CE:24:38:AA:57:A9:E5:D5:65:18:AB:D4:51:63:D9
X509v3 Authority Key Identifier:
keyid:61:91:AA:CD:CE:56:0A:74:D8:3C:05:DA:8E:A9:32:7A:F9:44:DB:BD
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1200/YZGqzc5WCnTYPAXajqkyevlE270.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/YZGqzc5WCnTYPAXajqkyevlE270.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1200/dLFLCfPOJDiqV6nl1WUYq9RRY9k.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:ebc0::/32
Signature Algorithm: sha256WithRSAEncryption
59:b7:89:6e:d2:a9:ec:88:9d:e2:c6:f6:94:9b:42:8d:11:a3:
da:53:f7:7d:12:64:3b:e8:38:54:b4:8d:3c:72:7b:8f:95:eb:
ea:2e:4e:f2:37:e0:76:b5:df:0e:88:4f:92:e7:0d:88:ac:e7:
1b:03:2f:32:8f:d0:2f:76:bb:10:52:85:78:b6:96:20:97:35:
dd:07:a2:53:13:12:3b:09:ba:9f:8c:b3:40:81:15:10:07:34:
82:9b:b1:f0:e8:de:6f:8b:9c:8b:9d:a5:23:db:f8:2d:a1:12:
a6:1b:c9:76:ab:a4:91:44:8d:a3:3f:da:ed:74:18:50:4f:28:
5c:43:e4:17:f7:63:26:94:1e:1f:8d:19:b1:27:dd:5d:f9:2a:
50:59:31:02:8a:3b:b2:5d:7f:84:7b:bc:8d:2e:b8:99:f7:f8:
22:dd:33:67:5d:c2:da:5e:38:02:52:62:c5:47:23:d2:94:c7:
a6:0c:2d:3c:59:01:c6:11:ca:da:56:74:26:1f:f9:bc:81:c6:
2e:52:d9:0e:c7:d0:a9:15:14:b0:90:fb:70:9f:c9:6d:8e:2a:
45:c3:39:7c:86:04:a4:13:8d:81:71:6a:59:72:e7:07:19:73:
7c:be:ae:12:12:eb:d1:21:90:4c:74:66:5e:c4:33:a6:d7:cd:
83:fe:17:4c
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICDLYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjE5
MUFBQ0RDRTU2MEE3NEQ4M0MwNURBOEVBOTMyN0FGOTQ0REJCRDAeFw0yNDAzMTMw
MTIxMDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDc0QjE0QjA5RjNDRTI0
MzhBQTU3QTlFNUQ1NjUxOEFCRDQ1MTYzRDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCe40/TwoZ2Zuh5O6O2NlrXd2rhoEbz19ZBsKnj7IoaaOQGV9uq
pACCoMO73le00VCL8M68kD7Vnsk4OsWHE9KBi5fjZ9I9MLpy7M2LJVExh6L1Scv7
mCY75GaZKXSihMYkcQHEtTv6k3u688xUPWL0DB5VcUt2mU2S/UlkjzqDgCENcQES
OPEtZN8jv1PfzMBhwM/80KFM/krYJ6s+fJVp1nU3dpjNoWpYeXcu2xthKuMc0LIT
SxMumutta+NSKz9Hw6eO/epHs5FfYhcZzM3LGZV7LgVGboOdA0UTcd6hOP2aBEme
n+5Gc2dXmXbL+g1Kv2EGmtcwsS1hFUwc6z89AgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUdLFLCfPOJDiqV6nl1WUYq9RRY9kwHwYDVR0jBBgwFoAUYZGqzc5WCnTYPAXa
jqkyevlE270wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIw
MC9ZWkdxemM1V0NuVFlQQVhhanFreWV2bEUyNzAuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1laR3F6YzVXQ25UWVBBWGFqcWt5ZXZsRTI3MC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEyMDAvZExGTENmUE9KRGlx
VjZubDFXVVlxOVJSWTlrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQA68AwDQYJKoZIhvcNAQELBQADggEBAFm3iW7SqeyIneLG9pSbQo0Ro9pT
930SZDvoOFS0jTxye4+V6+ouTvI34Ha13w6IT5LnDYis5xsDLzKP0C92uxBShXi2
liCXNd0HolMTEjsJup+Ms0CBFRAHNIKbsfDo3m+LnIudpSPb+C2hEqYbyXarpJFE
jaM/2u10GFBPKFxD5Bf3YyaUHh+NGbEn3V35KlBZMQKKO7Jdf4R7vI0uuJn3+CLd
M2ddwtpeOAJSYsVHI9KUx6YMLTxZAcYRytpWdCYf+byBxi5S2Q7H0KkVFLCQ+3Cf
yW2OKkXDOXyGBKQTjYFxally5wcZc3y+rhIS69EhkEx0Zl7EM6bXzYP+F0w=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:37:36 2025 by rpki-client