Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1587/qxxKg1IOhS-n9NxYxH7qQIrdoQU.roa
File: qxxKg1IOhS-n9NxYxH7qQIrdoQU.roa (raw, json)
Hash identifier: C/pqYrg5VOxK+n7Ap2Truck5QxGmRvjQ0JHKTQP1YAk=
Subject key identifier: AB:1C:4A:83:52:0E:85:2F:A7:F4:DC:58:C4:7E:EA:40:8A:DD:A1:05
Certificate issuer: /CN=2DE14F2AC7F0238137052EAA315C5BD643134022
Certificate serial: 1BFE
Authority key identifier: 2D:E1:4F:2A:C7:F0:23:81:37:05:2E:AA:31:5C:5B:D6:43:13:40:22
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/qxxKg1IOhS-n9NxYxH7qQIrdoQU.roa
Signing time: Fri 17 Jan 2025 01:26:24 +0000
ROA not before: Fri 17 Jan 2025 01:26:24 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 132168
IP address blocks: 2402:1440::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7166 (0x1bfe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DE14F2AC7F0238137052EAA315C5BD643134022
Validity
Not Before: Jan 17 01:26:24 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=AB1C4A83520E852FA7F4DC58C47EEA408ADDA105
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ae:08:24:1e:b0:df:10:d1:24:16:d4:c0:28:
71:c6:35:43:97:1f:4d:d7:50:f2:36:24:e6:f7:44:
b5:96:9a:a1:15:af:5c:7e:d8:e5:ff:03:df:6f:fd:
b8:73:be:35:80:4f:0f:a9:56:71:db:57:d0:a9:14:
d3:64:21:7e:18:b1:e3:7c:d8:1e:92:19:da:fc:bc:
3c:09:f4:d1:07:ee:19:37:6e:92:3f:da:95:36:d6:
a0:b6:63:bd:82:99:15:c3:71:15:ae:62:a7:5d:15:
a8:f8:d2:16:8b:29:e4:b1:25:a1:47:db:5c:82:d3:
a4:5c:fc:69:b1:1d:ce:7f:8d:63:71:26:8f:98:26:
90:7f:f5:f9:cf:2a:1f:8e:52:a2:22:07:2b:40:0f:
c5:aa:b1:15:12:5e:15:c8:c4:06:c7:71:d6:5e:8e:
fe:c5:0d:b1:91:2b:6c:14:35:ff:58:74:b5:37:8d:
8f:4b:d0:53:c1:af:5f:b2:27:3c:d0:e6:60:71:a1:
5b:42:26:eb:df:c7:a3:4d:8f:b1:3e:ea:f4:0e:a6:
09:a7:6f:7c:78:7f:6f:c9:61:b1:1e:07:fd:04:f7:
e0:29:5d:1a:95:d5:dd:40:8b:a4:17:ad:7f:5e:39:
5f:21:d5:22:dd:45:31:12:5c:3c:f6:34:0b:9c:1d:
39:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:1C:4A:83:52:0E:85:2F:A7:F4:DC:58:C4:7E:EA:40:8A:DD:A1:05
X509v3 Authority Key Identifier:
keyid:2D:E1:4F:2A:C7:F0:23:81:37:05:2E:AA:31:5C:5B:D6:43:13:40:22
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/LeFPKsfwI4E3BS6qMVxb1kMTQCI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/qxxKg1IOhS-n9NxYxH7qQIrdoQU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2402:1440::/32
Signature Algorithm: sha256WithRSAEncryption
49:30:db:48:68:07:ac:70:7e:d9:4f:82:0f:2f:4c:9e:23:7d:
f3:af:cd:47:47:cb:a9:a9:7d:8f:2f:44:a6:d8:55:0b:2f:0f:
ec:c2:1e:80:b7:5e:5c:63:54:ad:ce:49:aa:b2:eb:e4:19:00:
39:9c:16:ff:8f:11:76:88:c8:cf:a1:7c:d8:31:3b:21:ef:d8:
6a:fe:8b:e5:d9:63:98:2e:31:82:02:60:cd:b2:b9:72:9c:1d:
e3:59:de:60:5f:60:27:ec:b2:ed:e5:6e:b4:4d:9f:1d:06:77:
fa:cf:4e:5f:1f:f9:de:57:92:3f:c1:1e:d1:5a:b3:1d:8c:32:
31:23:34:6a:1b:a1:2f:5c:07:db:2f:3a:1b:3a:bb:ee:7b:68:
ef:e5:f4:7c:47:54:d4:e3:c5:27:1e:ef:e4:ae:1d:52:68:db:
77:cc:61:b1:85:ab:23:3f:e0:c8:8f:22:c4:00:23:c5:b6:58:
d9:f1:b5:bb:51:39:19:53:82:c9:b4:71:29:3f:9c:7a:80:19:
49:48:c3:6f:b5:e5:04:be:48:8a:fa:e7:81:6d:33:be:1d:ee:
fb:7b:f5:d0:8e:b3:1e:9a:10:b8:dc:4e:f0:4c:a6:5c:8a:9c:
55:29:20:f3:30:e8:71:8b:c8:df:22:60:2b:a6:42:48:5c:74:
ea:f3:d1:70
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICG/4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRF
MTRGMkFDN0YwMjM4MTM3MDUyRUFBMzE1QzVCRDY0MzEzNDAyMjAeFw0yNTAxMTcw
MTI2MjRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEFCMUM0QTgzNTIwRTg1
MkZBN0Y0REM1OEM0N0VFQTQwOEFEREExMDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLrggkHrDfENEkFtTAKHHGNUOXH03XUPI2JOb3RLWWmqEVr1x+
2OX/A99v/bhzvjWATw+pVnHbV9CpFNNkIX4YseN82B6SGdr8vDwJ9NEH7hk3bpI/
2pU21qC2Y72CmRXDcRWuYqddFaj40haLKeSxJaFH21yC06Rc/GmxHc5/jWNxJo+Y
JpB/9fnPKh+OUqIiBytAD8WqsRUSXhXIxAbHcdZejv7FDbGRK2wUNf9YdLU3jY9L
0FPBr1+yJzzQ5mBxoVtCJuvfx6NNj7E+6vQOpgmnb3x4f2/JYbEeB/0E9+ApXRqV
1d1Ai6QXrX9eOV8h1SLdRTESXDz2NAucHTkZAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUqxxKg1IOhS+n9NxYxH7qQIrdoQUwHwYDVR0jBBgwFoAULeFPKsfwI4E3BS6q
MVxb1kMTQCIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTU4
Ny9MZUZQS3Nmd0k0RTNCUzZxTVZ4YjFrTVRRQ0kuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0xlRlBLc2Z3STRFM0JTNnFNVnhiMWtNVFFDSS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE1ODcvcXh4S2cxSU9oUy1u
OU54WXhIN3FRSXJkb1FVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQCFEAwDQYJKoZIhvcNAQELBQADggEBAEkw20hoB6xwftlPgg8vTJ4jffOv
zUdHy6mpfY8vRKbYVQsvD+zCHoC3XlxjVK3OSaqy6+QZADmcFv+PEXaIyM+hfNgx
OyHv2Gr+i+XZY5guMYICYM2yuXKcHeNZ3mBfYCfssu3lbrRNnx0Gd/rPTl8f+d5X
kj/BHtFasx2MMjEjNGoboS9cB9svOhs6u+57aO/l9HxHVNTjxSce7+SuHVJo23fM
YbGFqyM/4MiPIsQAI8W2WNnxtbtRORlTgsm0cSk/nHqAGUlIw2+15QS+SIr654Ft
M74d7vt79dCOsx6aELjcTvBMplyKnFUpIPMw6HGLyN8iYCumQkhcdOrz0XA=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:47:34 2025 by rpki-client