Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1587/HhDwzNoYcmkBZcMgeFEGhl5UBXU.roa
File: HhDwzNoYcmkBZcMgeFEGhl5UBXU.roa (raw, json)
Hash identifier: 2E5RSWubIJ4gxm/oWyVOH6Xorz/DdKUwaGEN0R5cikI=
Subject key identifier: 1E:10:F0:CC:DA:18:72:69:01:65:C3:20:78:51:06:86:5E:54:05:75
Certificate issuer: /CN=2DE14F2AC7F0238137052EAA315C5BD643134022
Certificate serial: 1600
Authority key identifier: 2D:E1:4F:2A:C7:F0:23:81:37:05:2E:AA:31:5C:5B:D6:43:13:40:22
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/HhDwzNoYcmkBZcMgeFEGhl5UBXU.roa
Signing time: Wed 13 Mar 2024 01:22:02 +0000
ROA not before: Wed 13 Mar 2024 01:22:02 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 132168
IP address blocks: 2402:1440::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5632 (0x1600)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DE14F2AC7F0238137052EAA315C5BD643134022
Validity
Not Before: Mar 13 01:22:02 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1E10F0CCDA1872690165C320785106865E540575
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:2d:d2:1b:0d:1d:9c:2f:97:8c:05:63:c7:12:
ed:f4:bb:79:a6:e0:5c:76:4c:4a:cf:51:70:ce:49:
f3:a4:ad:9c:fd:96:ef:1e:7b:e7:6f:b7:22:94:15:
d6:51:be:95:26:e5:1d:a8:c7:c4:ae:7f:f9:b3:bf:
2e:52:d6:52:91:c0:0e:75:aa:5f:93:92:f6:ea:42:
26:44:2c:f0:1c:b6:41:af:4a:4f:d5:bb:8b:d5:ac:
bc:fe:5e:77:ec:be:52:6f:00:e5:3c:d1:0b:ae:5d:
43:6a:3b:a0:28:7e:e9:df:72:9b:1a:ff:22:c1:f9:
49:69:a1:62:03:cc:5e:c3:57:bf:72:25:04:44:99:
bd:58:47:db:71:96:e2:55:b6:c1:57:0b:7b:72:9c:
1a:57:4a:a2:9a:46:42:9e:11:d7:a7:76:45:e6:b8:
04:1e:58:96:36:8f:75:8b:0c:68:f6:1a:f1:17:b8:
89:22:53:65:9b:14:0c:bb:b9:e1:99:ec:b4:ee:82:
f4:01:48:f9:ca:23:46:59:61:f1:72:1b:db:30:ea:
16:78:92:10:3d:ba:32:b3:05:bd:a0:8f:61:b2:e1:
a4:ce:1f:81:88:3c:5e:60:5e:1a:39:7a:7f:75:e3:
1f:4b:5e:af:8d:b4:51:20:18:b7:e0:18:cf:4b:69:
ab:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:10:F0:CC:DA:18:72:69:01:65:C3:20:78:51:06:86:5E:54:05:75
X509v3 Authority Key Identifier:
keyid:2D:E1:4F:2A:C7:F0:23:81:37:05:2E:AA:31:5C:5B:D6:43:13:40:22
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/LeFPKsfwI4E3BS6qMVxb1kMTQCI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/HhDwzNoYcmkBZcMgeFEGhl5UBXU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2402:1440::/32
Signature Algorithm: sha256WithRSAEncryption
9d:42:3f:8f:76:a3:d3:ad:56:06:8a:16:e2:69:ca:d9:63:27:
af:79:a5:3a:4f:50:3b:b3:ae:2e:af:6d:12:77:1d:31:4a:9e:
a9:d1:a8:e9:7b:25:5b:64:89:d9:46:80:d6:da:21:03:1b:9e:
23:f7:58:23:79:66:4f:ad:5b:df:35:4f:7c:98:d9:f0:16:5f:
23:44:b0:1f:65:c6:93:7c:d9:c0:b8:1e:d3:4e:cf:4d:db:16:
bc:b8:09:1f:56:66:60:b4:76:0f:3d:61:95:a2:e3:e4:e6:07:
7e:6a:1a:82:b5:b5:88:59:99:93:d9:12:9a:51:43:fc:90:dc:
a4:14:fb:b1:65:3a:11:8e:cd:a2:91:4b:75:d8:f1:0a:7b:17:
a3:2f:2a:3b:f3:d3:30:e2:17:05:fe:2e:28:37:e4:d0:d2:2e:
df:16:ca:b9:22:bd:b3:5e:5e:e7:80:0b:48:aa:01:1a:fa:3c:
c4:a9:78:35:ad:7c:98:32:97:98:21:40:d0:b1:81:24:78:91:
e9:22:f9:17:9b:f3:ea:f1:ff:53:9c:94:2f:08:c3:83:bd:40:
80:02:74:08:17:20:31:7e:a6:1e:64:46:fb:c2:56:92:46:aa:
c1:d6:bb:a7:1b:14:78:f2:49:11:72:1a:72:ea:d9:89:43:b6:
e3:5d:16:e2
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICFgAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRF
MTRGMkFDN0YwMjM4MTM3MDUyRUFBMzE1QzVCRDY0MzEzNDAyMjAeFw0yNDAzMTMw
MTIyMDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFFMTBGMENDREExODcy
NjkwMTY1QzMyMDc4NTEwNjg2NUU1NDA1NzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDgLdIbDR2cL5eMBWPHEu30u3mm4Fx2TErPUXDOSfOkrZz9lu8e
e+dvtyKUFdZRvpUm5R2ox8Suf/mzvy5S1lKRwA51ql+TkvbqQiZELPActkGvSk/V
u4vVrLz+XnfsvlJvAOU80QuuXUNqO6Aofunfcpsa/yLB+UlpoWIDzF7DV79yJQRE
mb1YR9txluJVtsFXC3tynBpXSqKaRkKeEdendkXmuAQeWJY2j3WLDGj2GvEXuIki
U2WbFAy7ueGZ7LTugvQBSPnKI0ZZYfFyG9sw6hZ4khA9ujKzBb2gj2Gy4aTOH4GI
PF5gXho5en914x9LXq+NtFEgGLfgGM9LaauXAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUHhDwzNoYcmkBZcMgeFEGhl5UBXUwHwYDVR0jBBgwFoAULeFPKsfwI4E3BS6q
MVxb1kMTQCIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTU4
Ny9MZUZQS3Nmd0k0RTNCUzZxTVZ4YjFrTVRRQ0kuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0xlRlBLc2Z3STRFM0JTNnFNVnhiMWtNVFFDSS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE1ODcvSGhEd3pOb1ljbWtC
WmNNZ2VGRUdobDVVQlhVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQCFEAwDQYJKoZIhvcNAQELBQADggEBAJ1CP492o9OtVgaKFuJpytljJ695
pTpPUDuzri6vbRJ3HTFKnqnRqOl7JVtkidlGgNbaIQMbniP3WCN5Zk+tW981T3yY
2fAWXyNEsB9lxpN82cC4HtNOz03bFry4CR9WZmC0dg89YZWi4+TmB35qGoK1tYhZ
mZPZEppRQ/yQ3KQU+7FlOhGOzaKRS3XY8Qp7F6MvKjvz0zDiFwX+Lig35NDSLt8W
yrkivbNeXueAC0iqARr6PMSpeDWtfJgyl5ghQNCxgSR4keki+Reb8+rx/1OclC8I
w4O9QIACdAgXIDF+ph5kRvvCVpJGqsHWu6cbFHjySRFyGnLq2YlDtuNdFuI=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:45:03 2025 by rpki-client