Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2329/HKDwIDf66kZXwr7Hy_Wozz5DkaQ.roa
File: HKDwIDf66kZXwr7Hy_Wozz5DkaQ.roa (raw, json)
Hash identifier: BxkGFBfhsfuKtO3KsG396l1v4jaB+QwE6DSsCxpvYAw=
Subject key identifier: 1C:A0:F0:20:37:FA:EA:46:57:C2:BE:C7:CB:F5:A8:CF:3E:43:91:A4
Certificate issuer: /CN=EC10C93455759C659D2BB819FB07FF7063CECC32
Certificate serial: 15EB
Authority key identifier: EC:10:C9:34:55:75:9C:65:9D:2B:B8:19:FB:07:FF:70:63:CE:CC:32
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/HKDwIDf66kZXwr7Hy_Wozz5DkaQ.roa
Signing time: Wed 13 Mar 2024 01:22:27 +0000
ROA not before: Wed 13 Mar 2024 01:22:27 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 138950
IP address blocks: 2404:6380::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5611 (0x15eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EC10C93455759C659D2BB819FB07FF7063CECC32
Validity
Not Before: Mar 13 01:22:27 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1CA0F02037FAEA4657C2BEC7CBF5A8CF3E4391A4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:e6:ac:3b:3f:d2:c7:3e:31:f6:c0:68:63:e1:
df:09:da:9a:b7:4a:1d:55:39:cd:f0:2e:bb:c4:18:
c2:60:61:6d:93:c7:25:8c:2b:f2:c1:28:bf:08:57:
4a:aa:e7:c8:93:51:04:86:01:73:6d:0d:be:4a:b4:
0b:f7:56:d1:14:ba:5a:21:15:76:be:51:e5:a3:9f:
c0:54:fe:50:d2:74:f3:57:c4:c1:85:2d:4c:90:aa:
49:39:78:da:ad:7f:49:f8:4c:ee:d0:e9:e0:af:c6:
a1:13:b2:60:27:09:5c:cd:e0:65:16:f6:65:e8:df:
96:6f:6f:38:59:64:0e:08:d0:f5:3e:80:a8:5b:d5:
d2:e1:a6:50:f7:fc:cb:f2:4d:6d:c3:4c:6e:07:fb:
7d:bf:64:98:38:66:13:53:0d:1c:29:cb:00:01:f1:
ca:8e:2a:08:55:fa:4c:b8:f8:79:f9:bf:0c:06:c2:
d8:63:c4:1b:c1:6c:41:1d:e2:2e:8d:4e:fd:af:3d:
aa:80:24:20:72:21:9c:70:c2:75:34:6f:dd:5a:f2:
52:fe:d6:f8:e4:1e:8a:71:9a:b7:f7:1a:4b:c0:63:
4d:de:17:36:29:39:e3:26:89:f4:d8:85:71:6e:89:
6f:9a:9a:fe:e7:40:0a:d3:d7:fa:b7:b9:39:8d:d5:
4b:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:A0:F0:20:37:FA:EA:46:57:C2:BE:C7:CB:F5:A8:CF:3E:43:91:A4
X509v3 Authority Key Identifier:
keyid:EC:10:C9:34:55:75:9C:65:9D:2B:B8:19:FB:07:FF:70:63:CE:CC:32
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/HKDwIDf66kZXwr7Hy_Wozz5DkaQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:6380::/32
Signature Algorithm: sha256WithRSAEncryption
75:f5:5b:69:16:26:f3:f8:d8:98:30:37:ab:05:ba:f4:b7:15:
dd:94:72:76:f4:92:4f:e3:4b:04:75:0f:44:b3:7e:d3:a7:0e:
8b:5a:30:77:89:38:15:67:f3:2c:9e:d9:5d:52:4d:a9:49:cb:
2d:84:d1:11:5a:fc:ac:c4:a4:95:f2:54:92:d7:1d:98:19:40:
95:64:f7:22:9a:44:57:ce:66:20:14:52:76:25:a9:f0:4b:5d:
57:0e:7f:24:58:3f:9b:32:5d:78:05:9f:f7:6a:fd:e9:10:b2:
6a:8c:a1:ee:52:73:dd:76:6e:9b:e4:61:44:74:ae:80:6a:69:
75:38:a7:f5:c1:38:1d:18:90:9d:07:a4:9b:8b:e6:7b:17:3f:
c2:fc:81:2a:02:ee:7f:95:48:f3:47:b2:e2:b4:b4:e6:77:24:
b5:c5:79:ef:7a:e3:51:03:60:ec:6b:38:7b:7f:f9:f8:b1:c2:
68:d3:7a:82:2b:22:ba:cb:cb:1b:bd:8a:e8:4d:9b:c2:ac:73:
c0:1f:a9:e3:2d:44:44:86:a7:18:fd:06:09:50:ce:a5:74:77:
e0:56:d0:d2:5b:2e:21:cb:61:27:25:fb:8d:73:62:6b:d4:09:
25:30:1b:25:1f:18:90:af:6d:3d:db:ad:84:f0:22:bc:03:df:
d7:28:18:6d
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICFeswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUMx
MEM5MzQ1NTc1OUM2NTlEMkJCODE5RkIwN0ZGNzA2M0NFQ0MzMjAeFw0yNDAzMTMw
MTIyMjdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFDQTBGMDIwMzdGQUVB
NDY1N0MyQkVDN0NCRjVBOENGM0U0MzkxQTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDa5qw7P9LHPjH2wGhj4d8J2pq3Sh1VOc3wLrvEGMJgYW2TxyWM
K/LBKL8IV0qq58iTUQSGAXNtDb5KtAv3VtEUulohFXa+UeWjn8BU/lDSdPNXxMGF
LUyQqkk5eNqtf0n4TO7Q6eCvxqETsmAnCVzN4GUW9mXo35ZvbzhZZA4I0PU+gKhb
1dLhplD3/MvyTW3DTG4H+32/ZJg4ZhNTDRwpywAB8cqOKghV+ky4+Hn5vwwGwthj
xBvBbEEd4i6NTv2vPaqAJCByIZxwwnU0b91a8lL+1vjkHopxmrf3GkvAY03eFzYp
OeMmifTYhXFuiW+amv7nQArT1/q3uTmN1UsHAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUHKDwIDf66kZXwr7Hy/Wozz5DkaQwHwYDVR0jBBgwFoAU7BDJNFV1nGWdK7gZ
+wf/cGPOzDIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMy
OS83QkRKTkZWMW5HV2RLN2daLXdmX2NHUE96REkuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzdCREpORlYxbkdXZEs3Z1otd2ZfY0dQT3pESS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMjkvSEtEd0lEZjY2a1pY
d3I3SHlfV296ejVEa2FRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQEY4AwDQYJKoZIhvcNAQELBQADggEBAHX1W2kWJvP42JgwN6sFuvS3Fd2U
cnb0kk/jSwR1D0SzftOnDotaMHeJOBVn8yye2V1STalJyy2E0RFa/KzEpJXyVJLX
HZgZQJVk9yKaRFfOZiAUUnYlqfBLXVcOfyRYP5syXXgFn/dq/ekQsmqMoe5Sc912
bpvkYUR0roBqaXU4p/XBOB0YkJ0HpJuL5nsXP8L8gSoC7n+VSPNHsuK0tOZ3JLXF
ee9641EDYOxrOHt/+fixwmjTeoIrIrrLyxu9iuhNm8Ksc8AfqeMtRESGpxj9BglQ
zqV0d+BW0NJbLiHLYScl+41zYmvUCSUwGyUfGJCvbT3brYTwIrwD39coGG0=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:45:15 2025 by rpki-client