Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2329/NUkHOx0MM_UhSf4mXaEd7TlPWEE.roa
File: NUkHOx0MM_UhSf4mXaEd7TlPWEE.roa (raw, json)
Hash identifier: mX8XLeO+zszvnK60l0trG+zbEKC3ubHM+ob7incrUTg=
Subject key identifier: 35:49:07:3B:1D:0C:33:F5:21:49:FE:26:5D:A1:1D:ED:39:4F:58:41
Certificate issuer: /CN=EC10C93455759C659D2BB819FB07FF7063CECC32
Certificate serial: 1BF1
Authority key identifier: EC:10:C9:34:55:75:9C:65:9D:2B:B8:19:FB:07:FF:70:63:CE:CC:32
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/NUkHOx0MM_UhSf4mXaEd7TlPWEE.roa
Signing time: Fri 17 Jan 2025 01:27:16 +0000
ROA not before: Fri 17 Jan 2025 01:27:16 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 140293
IP address blocks: 2404:6380::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7153 (0x1bf1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EC10C93455759C659D2BB819FB07FF7063CECC32
Validity
Not Before: Jan 17 01:27:16 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=3549073B1D0C33F52149FE265DA11DED394F5841
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c8:42:aa:84:71:6a:9c:47:4b:96:8d:c1:b4:
4d:be:14:06:b1:71:04:36:43:e6:83:da:8b:24:ea:
8b:e4:db:25:a1:03:7e:eb:54:a7:1e:f5:45:36:a3:
b8:cc:fa:8b:08:e3:75:b7:40:23:1e:89:62:4a:eb:
02:ce:4e:4a:92:76:96:11:db:94:d7:93:cb:04:43:
76:98:7c:ff:24:66:91:ed:8b:c6:68:ba:ed:04:40:
a3:06:c1:51:4e:fa:09:ed:d7:40:b8:f7:da:0a:74:
8c:2d:84:af:cd:2c:15:bd:09:cf:0e:8e:a5:4c:87:
b5:41:fb:d1:61:3a:2f:47:66:f1:71:ae:76:84:2e:
52:68:55:01:e1:d6:ef:cf:d8:26:cc:d2:65:89:95:
ac:d5:87:92:dd:f8:2d:07:69:e0:21:6b:6c:22:9d:
84:c1:63:17:2f:08:65:54:f3:64:a7:50:4b:3b:4c:
41:b6:bb:83:7f:4d:59:f2:35:95:80:16:00:cd:27:
38:02:d5:46:54:72:6a:3f:1e:24:ca:a0:07:ed:94:
11:99:aa:55:d0:69:01:e0:e4:0e:5b:0d:74:3f:af:
90:5f:8e:8c:38:8b:87:6c:a6:73:1a:26:4e:13:cf:
c8:73:5e:48:a0:6b:63:22:8a:f5:30:90:25:d8:18:
5a:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:49:07:3B:1D:0C:33:F5:21:49:FE:26:5D:A1:1D:ED:39:4F:58:41
X509v3 Authority Key Identifier:
keyid:EC:10:C9:34:55:75:9C:65:9D:2B:B8:19:FB:07:FF:70:63:CE:CC:32
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/NUkHOx0MM_UhSf4mXaEd7TlPWEE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:6380::/32
Signature Algorithm: sha256WithRSAEncryption
bd:57:11:ac:cf:3b:6d:fd:b7:5c:63:75:c2:79:2d:10:40:25:
84:82:28:6c:d2:c7:6d:79:c9:ed:71:c4:d1:b9:b3:9f:3e:a6:
51:83:65:73:58:ca:68:71:2f:0f:7c:43:35:45:fe:f1:73:03:
d3:3a:72:cb:f4:5d:ec:6e:5f:ee:9d:b4:4a:b6:62:f8:22:c1:
a1:5d:0e:cd:95:10:d8:80:34:21:3b:49:90:fc:87:02:c5:2a:
37:0d:49:fb:44:cc:45:2f:d2:dd:75:8d:43:7f:72:d6:93:35:
1f:70:04:27:dc:47:1f:d0:f1:66:ac:83:75:16:fd:27:b2:b2:
7f:ff:6a:77:db:73:fd:38:5d:42:bd:04:32:9a:cb:03:f3:b8:
fa:a2:27:5e:a9:ba:d1:68:b4:2a:66:4a:cb:38:d4:89:b8:fc:
88:d9:7b:ea:85:71:9c:88:7a:fb:78:84:98:a6:43:91:bb:15:
9a:29:ff:0c:6d:71:53:ea:b5:70:b2:d5:6f:ab:97:82:6f:c9:
ef:d3:31:26:27:d5:32:22:c3:13:59:e1:40:87:30:8c:3e:be:
da:65:56:95:e5:a5:aa:a8:13:17:07:18:b4:85:e2:d5:8e:63:
9c:2e:85:69:86:ea:59:35:93:53:f9:f2:a1:cd:86:35:33:27:
fd:56:78:81
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICG/EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUMx
MEM5MzQ1NTc1OUM2NTlEMkJCODE5RkIwN0ZGNzA2M0NFQ0MzMjAeFw0yNTAxMTcw
MTI3MTZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDM1NDkwNzNCMUQwQzMz
RjUyMTQ5RkUyNjVEQTExREVEMzk0RjU4NDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtyEKqhHFqnEdLlo3BtE2+FAaxcQQ2Q+aD2osk6ovk2yWhA37r
VKce9UU2o7jM+osI43W3QCMeiWJK6wLOTkqSdpYR25TXk8sEQ3aYfP8kZpHti8Zo
uu0EQKMGwVFO+gnt10C499oKdIwthK/NLBW9Cc8OjqVMh7VB+9FhOi9HZvFxrnaE
LlJoVQHh1u/P2CbM0mWJlazVh5Ld+C0HaeAha2winYTBYxcvCGVU82SnUEs7TEG2
u4N/TVnyNZWAFgDNJzgC1UZUcmo/HiTKoAftlBGZqlXQaQHg5A5bDXQ/r5Bfjow4
i4dspnMaJk4Tz8hzXkiga2MiivUwkCXYGFr1AgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUNUkHOx0MM/UhSf4mXaEd7TlPWEEwHwYDVR0jBBgwFoAU7BDJNFV1nGWdK7gZ
+wf/cGPOzDIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMy
OS83QkRKTkZWMW5HV2RLN2daLXdmX2NHUE96REkuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzdCREpORlYxbkdXZEs3Z1otd2ZfY0dQT3pESS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMjkvTlVrSE94ME1NX1Vo
U2Y0bVhhRWQ3VGxQV0VFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQEY4AwDQYJKoZIhvcNAQELBQADggEBAL1XEazPO239t1xjdcJ5LRBAJYSC
KGzSx215ye1xxNG5s58+plGDZXNYymhxLw98QzVF/vFzA9M6csv0XexuX+6dtEq2
YvgiwaFdDs2VENiANCE7SZD8hwLFKjcNSftEzEUv0t11jUN/ctaTNR9wBCfcRx/Q
8Wasg3UW/Seysn//anfbc/04XUK9BDKaywPzuPqiJ16putFotCpmSss41Im4/IjZ
e+qFcZyIevt4hJimQ5G7FZop/wxtcVPqtXCy1W+rl4Jvye/TMSYn1TIiwxNZ4UCH
MIw+vtplVpXlpaqoExcHGLSF4tWOY5wuhWmG6lk1k1P58qHNhjUzJ/1WeIE=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:43:26 2025 by rpki-client