Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/gjOyscTAwPENBh0n5Aa3QndEX60.roa
File: gjOyscTAwPENBh0n5Aa3QndEX60.roa (raw, json)
Hash identifier: HfhectSQmQlUhPpiM7eLV3JM7FPBo3tgWE1WoKdnnqs=
Subject key identifier: 82:33:B2:B1:C4:C0:C0:F1:0D:06:1D:27:E4:06:B7:42:77:44:5F:AD
Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267
Certificate serial: 2024
Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/gjOyscTAwPENBh0n5Aa3QndEX60.roa
Signing time: Fri 17 Jan 2025 01:24:09 +0000
ROA not before: Fri 17 Jan 2025 01:24:09 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 212237
IP address blocks: 2403:6380:70::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8228 (0x2024)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267
Validity
Not Before: Jan 17 01:24:09 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=8233B2B1C4C0C0F10D061D27E406B74277445FAD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:52:f0:09:2a:f4:9c:51:31:7c:cd:e7:72:c1:
e4:7a:e5:bd:e8:53:25:fb:21:52:c9:67:d9:82:b0:
40:29:b5:87:08:8a:33:cd:93:f3:98:b3:86:f0:e5:
c3:b3:84:aa:7b:8d:16:f2:60:e1:1b:c4:a9:30:41:
4c:a7:5e:13:33:e6:cb:e3:6d:16:18:bb:e3:ba:d5:
ae:c9:7d:b3:62:f7:5d:7e:30:c3:cf:4f:7f:fa:53:
a1:da:20:d5:f2:9d:69:de:55:9b:a9:e4:ed:59:45:
6c:44:11:49:1e:d8:2c:b5:b4:99:04:57:c9:30:0b:
5e:52:f6:47:77:bd:6e:aa:2e:90:20:78:f4:d8:f9:
a8:49:43:8d:58:5f:ab:ac:b4:6d:55:28:50:06:9c:
9a:f6:3f:16:fe:3e:d7:a4:84:c2:12:37:28:30:32:
99:c8:77:a7:1a:db:ea:39:f1:fd:c7:86:4f:fb:e9:
1d:40:ad:78:8f:dd:a6:5c:5d:c8:81:0d:3b:29:e5:
8d:a2:32:13:74:bb:7c:3f:bc:da:28:df:10:10:10:
06:4f:dc:af:5d:20:d2:a7:25:aa:6c:0d:c0:70:19:
f5:4c:60:00:97:c2:d9:91:b0:d9:62:88:2e:2a:51:
bb:cd:3f:82:e1:c9:0b:bc:29:1e:e9:d9:bc:ca:c8:
23:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:33:B2:B1:C4:C0:C0:F1:0D:06:1D:27:E4:06:B7:42:77:44:5F:AD
X509v3 Authority Key Identifier:
keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/gjOyscTAwPENBh0n5Aa3QndEX60.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:6380:70::/44
Signature Algorithm: sha256WithRSAEncryption
4e:9c:82:41:65:fc:21:df:51:d2:7c:24:56:f7:6d:e8:91:40:
78:63:45:11:1b:20:bf:f0:f5:8a:69:81:a1:df:d3:21:38:18:
a4:8c:d8:83:53:25:81:95:ea:f8:3b:dd:32:3e:22:75:c9:5c:
9d:cb:8b:2e:7f:57:3a:24:5a:b8:85:32:a7:b1:30:e3:b9:7e:
3f:2f:5e:26:a9:7e:34:9c:e9:90:b4:69:63:65:05:54:a5:d6:
71:fd:db:14:9d:7a:2e:ea:19:24:40:fb:16:bc:11:f2:2d:42:
ba:2a:15:dd:c9:c9:94:e0:c3:89:b2:6e:5e:ed:17:26:91:b8:
43:af:a5:82:06:2c:85:e6:19:b3:45:85:be:19:33:67:b7:8b:
08:dc:40:fb:d6:db:d2:d9:1f:8f:5b:6a:b7:34:2a:75:f4:15:
76:88:3e:a4:96:4b:81:e9:36:59:7d:c1:c6:cb:3c:c4:71:dc:
89:d0:58:e6:03:71:85:f6:c3:36:d6:53:15:00:93:2d:c7:7c:
fe:65:11:83:06:57:52:ab:70:4a:be:d4:e3:48:b9:0b:c3:43:
79:11:81:b6:81:a2:e5:ca:90:00:42:ba:78:6a:0f:45:0a:fb:
93:55:1d:2a:df:46:62:c8:9c:87:04:74:02:88:c5:ba:ab:36:
f8:c3:c0:22
-----BEGIN CERTIFICATE-----
MIIE2jCCA8KgAwIBAgICICQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx
MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNTAxMTcw
MTI0MDlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDgyMzNCMkIxQzRDMEMw
RjEwRDA2MUQyN0U0MDZCNzQyNzc0NDVGQUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD1UvAJKvScUTF8zedyweR65b3oUyX7IVLJZ9mCsEAptYcIijPN
k/OYs4bw5cOzhKp7jRbyYOEbxKkwQUynXhMz5svjbRYYu+O61a7JfbNi911+MMPP
T3/6U6HaINXynWneVZup5O1ZRWxEEUke2Cy1tJkEV8kwC15S9kd3vW6qLpAgePTY
+ahJQ41YX6ustG1VKFAGnJr2Pxb+PtekhMISNygwMpnId6ca2+o58f3Hhk/76R1A
rXiP3aZcXciBDTsp5Y2iMhN0u3w/vNoo3xAQEAZP3K9dINKnJapsDcBwGfVMYACX
wtmRsNliiC4qUbvNP4LhyQu8KR7p2bzKyCMhAgMBAAGjggH2MIIB8jAdBgNVHQ4E
FgQUgjOyscTAwPENBh0n5Aa3QndEX60wHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk
yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx
MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvZ2pPeXNjVEF3UEVO
QmgwbjVBYTNRbmRFWDYwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHBCQDY4AAcDANBgkqhkiG9w0BAQsFAAOCAQEATpyCQWX8Id9R0nwkVvdt6JFA
eGNFERsgv/D1immBod/TITgYpIzYg1MlgZXq+DvdMj4idclcncuLLn9XOiRauIUy
p7Ew47l+Py9eJql+NJzpkLRpY2UFVKXWcf3bFJ16LuoZJED7FrwR8i1CuioV3cnJ
lODDibJuXu0XJpG4Q6+lggYsheYZs0WFvhkzZ7eLCNxA+9bb0tkfj1tqtzQqdfQV
dog+pJZLgek2WX3Bxss8xHHcidBY5gNxhfbDNtZTFQCTLcd8/mURgwZXUqtwSr7U
40i5C8NDeRGBtoGi5cqQAEK6eGoPRQr7k1UdKt9GYsichwR0AojFuqs2+MPAIg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:14:35 2025 by rpki-client