Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1587/Kkf0wEszuwKdTv9qpkzRy7ilXdU.roa
File: Kkf0wEszuwKdTv9qpkzRy7ilXdU.roa (raw, json)
Hash identifier: HdPDHoTL8Dq58Fm287LsLnmM8ifFJlmc7xBmnFLGVN4=
Subject key identifier: 2A:47:F4:C0:4B:33:BB:02:9D:4E:FF:6A:A6:4C:D1:CB:B8:A5:5D:D5
Certificate issuer: /CN=2DE14F2AC7F0238137052EAA315C5BD643134022
Certificate serial: 1BFF
Authority key identifier: 2D:E1:4F:2A:C7:F0:23:81:37:05:2E:AA:31:5C:5B:D6:43:13:40:22
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/Kkf0wEszuwKdTv9qpkzRy7ilXdU.roa
Signing time: Fri 17 Jan 2025 01:26:24 +0000
ROA not before: Fri 17 Jan 2025 01:26:24 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 59033
IP address blocks: 2402:1440::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7167 (0x1bff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DE14F2AC7F0238137052EAA315C5BD643134022
Validity
Not Before: Jan 17 01:26:24 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=2A47F4C04B33BB029D4EFF6AA64CD1CBB8A55DD5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:73:ca:f6:48:f6:7b:20:6a:4f:06:2f:0e:bc:
d1:65:0d:85:6c:54:c7:1d:f4:17:be:ff:91:b3:a5:
ff:22:97:fe:99:29:3b:2e:78:26:52:2b:d3:99:fb:
74:24:96:15:5b:72:be:0e:d6:2f:74:ff:91:3c:4c:
ba:33:c1:53:ae:d3:fa:10:c6:d4:45:92:93:30:80:
00:42:e9:bb:a1:de:39:19:fe:1e:fa:a0:00:ad:b7:
cc:b1:c6:b1:e9:f0:67:06:8f:b3:c1:11:66:05:3e:
3f:f3:96:07:12:8e:30:af:b2:7a:56:cc:02:a8:2c:
cd:6c:0a:c8:d2:2d:1d:92:71:a7:23:0c:9e:38:69:
6f:07:4e:85:a7:4e:3e:6b:a3:79:dc:7d:c5:b3:23:
16:d6:12:41:b1:5c:60:1c:87:10:fe:56:99:23:67:
2a:ac:25:8a:6a:f3:58:0b:c8:40:1d:44:0b:3a:28:
33:eb:b6:57:9e:ca:60:be:a1:ae:cb:d3:0d:c6:63:
34:82:6a:4f:b4:52:20:9a:a5:c6:a9:75:7c:e2:55:
b8:83:9d:d7:d7:34:6b:3d:9d:b4:0e:f8:80:97:f5:
5d:80:f8:7e:ec:d3:56:be:25:6d:b0:f8:40:90:b0:
a1:c2:12:96:14:23:d7:f0:6c:b4:a8:11:ca:a4:7c:
6a:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:47:F4:C0:4B:33:BB:02:9D:4E:FF:6A:A6:4C:D1:CB:B8:A5:5D:D5
X509v3 Authority Key Identifier:
keyid:2D:E1:4F:2A:C7:F0:23:81:37:05:2E:AA:31:5C:5B:D6:43:13:40:22
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/LeFPKsfwI4E3BS6qMVxb1kMTQCI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/Kkf0wEszuwKdTv9qpkzRy7ilXdU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2402:1440::/32
Signature Algorithm: sha256WithRSAEncryption
ab:de:f5:14:d1:31:3b:b7:ce:be:29:36:3f:17:94:ad:9a:74:
0d:3b:ac:7c:25:61:3b:7d:77:ac:64:ab:be:87:b5:ae:14:66:
79:2d:6f:07:16:88:61:97:9a:77:b1:ee:fe:ad:0e:63:08:83:
2c:e5:a2:c7:3d:df:2f:47:0a:0a:71:0d:0a:af:77:81:83:d5:
7f:c0:bd:db:8b:73:18:8c:f7:8f:d1:e6:06:7f:48:3c:e2:06:
72:e3:90:2d:aa:aa:06:ef:32:45:0d:ab:e2:c5:7d:0f:63:76:
bf:42:b6:8b:cb:9f:f4:ec:6b:21:0c:48:1c:86:ec:04:9c:aa:
af:d7:68:ad:4b:77:98:c5:fb:6a:9a:df:23:c4:2b:c4:19:40:
08:4e:7e:0f:b5:a1:df:ba:36:f7:2f:e2:93:c0:6a:5b:58:09:
4a:4a:8d:17:8f:1f:db:85:c4:5f:46:49:d8:54:e6:fe:5a:55:
8e:71:87:cf:4d:fc:1b:33:e5:ca:5b:33:1b:a0:b7:f6:1f:50:
7e:da:55:93:f5:47:48:81:38:89:fc:23:4a:d7:d4:41:f1:5c:
03:67:d7:b6:24:cd:8b:75:83:92:10:20:9c:ea:39:49:b5:0c:
ea:7b:19:fd:ae:f8:e0:69:c2:d7:99:35:4a:1c:e7:70:2e:62:
eb:bc:5a:21
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICG/8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRF
MTRGMkFDN0YwMjM4MTM3MDUyRUFBMzE1QzVCRDY0MzEzNDAyMjAeFw0yNTAxMTcw
MTI2MjRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDJBNDdGNEMwNEIzM0JC
MDI5RDRFRkY2QUE2NENEMUNCQjhBNTVERDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2c8r2SPZ7IGpPBi8OvNFlDYVsVMcd9Be+/5Gzpf8il/6ZKTsu
eCZSK9OZ+3QklhVbcr4O1i90/5E8TLozwVOu0/oQxtRFkpMwgABC6buh3jkZ/h76
oACtt8yxxrHp8GcGj7PBEWYFPj/zlgcSjjCvsnpWzAKoLM1sCsjSLR2ScacjDJ44
aW8HToWnTj5ro3ncfcWzIxbWEkGxXGAchxD+VpkjZyqsJYpq81gLyEAdRAs6KDPr
tleeymC+oa7L0w3GYzSCak+0UiCapcapdXziVbiDndfXNGs9nbQO+ICX9V2A+H7s
01a+JW2w+ECQsKHCEpYUI9fwbLSoEcqkfGqvAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUKkf0wEszuwKdTv9qpkzRy7ilXdUwHwYDVR0jBBgwFoAULeFPKsfwI4E3BS6q
MVxb1kMTQCIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTU4
Ny9MZUZQS3Nmd0k0RTNCUzZxTVZ4YjFrTVRRQ0kuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0xlRlBLc2Z3STRFM0JTNnFNVnhiMWtNVFFDSS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE1ODcvS2tmMHdFc3p1d0tk
VHY5cXBrelJ5N2lsWGRVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQCFEAwDQYJKoZIhvcNAQELBQADggEBAKve9RTRMTu3zr4pNj8XlK2adA07
rHwlYTt9d6xkq76Hta4UZnktbwcWiGGXmnex7v6tDmMIgyzlosc93y9HCgpxDQqv
d4GD1X/AvduLcxiM94/R5gZ/SDziBnLjkC2qqgbvMkUNq+LFfQ9jdr9CtovLn/Ts
ayEMSByG7AScqq/XaK1Ld5jF+2qa3yPEK8QZQAhOfg+1od+6Nvcv4pPAaltYCUpK
jRePH9uFxF9GSdhU5v5aVY5xh89N/Bsz5cpbMxugt/YfUH7aVZP1R0iBOIn8I0rX
1EHxXANn17YkzYt1g5IQIJzqOUm1DOp7Gf2u+OBpwteZNUoc53AuYuu8WiE=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:48:21 2025 by rpki-client