Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1587/kGHFfqdiBK4HoRls2-q0DbbzdVQ.roa
File: kGHFfqdiBK4HoRls2-q0DbbzdVQ.roa (raw, json)
Hash identifier: ZjTxb7gaI3O0GCktcPoRXER8ED06yfFT/TKIZ+ZbKyM=
Subject key identifier: 90:61:C5:7E:A7:62:04:AE:07:A1:19:6C:DB:EA:B4:0D:B6:F3:75:54
Certificate issuer: /CN=2DE14F2AC7F0238137052EAA315C5BD643134022
Certificate serial: 1601
Authority key identifier: 2D:E1:4F:2A:C7:F0:23:81:37:05:2E:AA:31:5C:5B:D6:43:13:40:22
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/kGHFfqdiBK4HoRls2-q0DbbzdVQ.roa
Signing time: Wed 13 Mar 2024 01:22:02 +0000
ROA not before: Wed 13 Mar 2024 01:22:02 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 59033
IP address blocks: 2402:1440::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5633 (0x1601)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DE14F2AC7F0238137052EAA315C5BD643134022
Validity
Not Before: Mar 13 01:22:02 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9061C57EA76204AE07A1196CDBEAB40DB6F37554
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:e6:9e:b7:fb:d2:95:ba:67:ee:fa:b0:fd:c4:
7c:01:f9:8e:4f:cd:e7:c6:7d:ae:ca:ff:c2:44:fd:
ee:5f:37:15:c8:da:ca:58:b0:91:6d:93:bc:10:98:
ef:f6:c1:cd:7d:89:f7:14:b0:51:ec:a7:4c:8c:f0:
33:4b:ef:f5:5b:4e:79:c9:89:dc:1b:1c:81:c6:3d:
17:b5:e5:e9:41:0c:36:d5:2a:18:18:17:26:87:ba:
b7:d2:48:fa:cf:60:fc:4f:f9:e0:d6:01:75:a3:8c:
7a:2f:3d:eb:3a:7f:d5:6e:c6:c9:e6:d0:43:4f:b1:
98:4b:f2:d7:f5:62:8e:d4:bc:66:4a:8a:0d:56:86:
2e:0f:fd:7a:fb:e6:6a:18:e3:60:22:e4:33:b2:08:
7a:bf:b4:99:2b:2e:ec:2c:56:4c:d1:00:c0:bb:82:
a6:13:7e:7b:4e:74:10:d9:50:59:9d:e6:b4:54:ec:
a9:a6:91:83:38:d4:11:d8:1e:c3:ab:0f:07:a6:0e:
c0:ce:d1:0c:53:fe:e4:d3:72:e4:0c:23:cf:9f:a8:
58:c8:af:1a:6b:89:fc:3b:23:10:5d:1f:b6:10:99:
78:03:b8:ce:ce:cb:da:25:04:f3:1a:06:90:33:c3:
b5:63:a9:31:6b:b0:60:50:7d:1f:3c:3a:e0:5d:fb:
ab:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:61:C5:7E:A7:62:04:AE:07:A1:19:6C:DB:EA:B4:0D:B6:F3:75:54
X509v3 Authority Key Identifier:
keyid:2D:E1:4F:2A:C7:F0:23:81:37:05:2E:AA:31:5C:5B:D6:43:13:40:22
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/LeFPKsfwI4E3BS6qMVxb1kMTQCI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/kGHFfqdiBK4HoRls2-q0DbbzdVQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2402:1440::/32
Signature Algorithm: sha256WithRSAEncryption
66:c2:d7:82:67:5f:9a:67:a8:0c:a5:f7:de:fa:4a:77:8c:f7:
d2:5b:c0:a2:4d:14:b8:4a:cc:af:b4:60:8a:c8:c4:3c:dc:71:
42:e6:4f:ae:76:f0:2a:1e:b7:f7:d9:15:da:7c:e5:f2:1d:8b:
00:70:31:1a:76:b0:e7:12:14:ae:b0:f9:6e:d6:23:e9:8b:ae:
ff:91:35:4f:03:b2:5e:fb:0d:44:18:8d:b3:8d:54:28:e0:7b:
b2:70:56:67:b5:4b:ca:ac:7a:ef:0f:85:2c:be:be:1f:0e:72:
a5:f3:e0:27:0a:8c:4f:dc:5c:23:8b:88:dd:1e:b1:94:17:18:
a9:95:1e:2f:fc:12:01:eb:8c:a6:bc:21:56:16:83:eb:24:63:
98:f7:f6:e9:4a:28:2f:ba:f2:8d:5f:5e:12:6d:e3:00:49:77:
de:97:bb:d5:25:e1:c9:ea:99:00:3a:80:5e:a6:6d:b7:76:2b:
99:2b:ad:85:cc:49:9c:77:bc:f9:05:13:df:84:f5:78:25:b0:
23:67:5d:a5:35:eb:2a:0e:f4:cd:b3:65:1d:a4:1b:db:89:d1:
b2:01:8b:6f:4a:0e:e8:2b:b5:d8:0f:c0:cc:56:b2:d7:91:82:
3c:26:d3:a8:90:13:66:74:95:b6:a1:26:67:65:12:cf:dc:46:
3e:9d:41:27
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICFgEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRF
MTRGMkFDN0YwMjM4MTM3MDUyRUFBMzE1QzVCRDY0MzEzNDAyMjAeFw0yNDAzMTMw
MTIyMDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkwNjFDNTdFQTc2MjA0
QUUwN0ExMTk2Q0RCRUFCNDBEQjZGMzc1NTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDK5p63+9KVumfu+rD9xHwB+Y5PzefGfa7K/8JE/e5fNxXI2spY
sJFtk7wQmO/2wc19ifcUsFHsp0yM8DNL7/VbTnnJidwbHIHGPRe15elBDDbVKhgY
FyaHurfSSPrPYPxP+eDWAXWjjHovPes6f9Vuxsnm0ENPsZhL8tf1Yo7UvGZKig1W
hi4P/Xr75moY42Ai5DOyCHq/tJkrLuwsVkzRAMC7gqYTfntOdBDZUFmd5rRU7Kmm
kYM41BHYHsOrDwemDsDO0QxT/uTTcuQMI8+fqFjIrxprifw7IxBdH7YQmXgDuM7O
y9olBPMaBpAzw7VjqTFrsGBQfR88OuBd+6s5AgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUkGHFfqdiBK4HoRls2+q0DbbzdVQwHwYDVR0jBBgwFoAULeFPKsfwI4E3BS6q
MVxb1kMTQCIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTU4
Ny9MZUZQS3Nmd0k0RTNCUzZxTVZ4YjFrTVRRQ0kuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0xlRlBLc2Z3STRFM0JTNnFNVnhiMWtNVFFDSS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE1ODcva0dIRmZxZGlCSzRI
b1JsczItcTBEYmJ6ZFZRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQCFEAwDQYJKoZIhvcNAQELBQADggEBAGbC14JnX5pnqAyl9976SneM99Jb
wKJNFLhKzK+0YIrIxDzccULmT6528Coet/fZFdp85fIdiwBwMRp2sOcSFK6w+W7W
I+mLrv+RNU8Dsl77DUQYjbONVCjge7JwVme1S8qseu8PhSy+vh8OcqXz4CcKjE/c
XCOLiN0esZQXGKmVHi/8EgHrjKa8IVYWg+skY5j39ulKKC+68o1fXhJt4wBJd96X
u9Ul4cnqmQA6gF6mbbd2K5krrYXMSZx3vPkFE9+E9XglsCNnXaU16yoO9M2zZR2k
G9uJ0bIBi29KDugrtdgPwMxWsteRgjwm06iQE2Z0lbahJmdlEs/cRj6dQSc=
-----END CERTIFICATE-----
Generated at Fri Apr 11 13:59:35 2025 by rpki-client