Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/233/w6v7yydptDXSZ48j16_eXtT0ihA.roa
File: w6v7yydptDXSZ48j16_eXtT0ihA.roa (raw, json)
Hash identifier: CWsOZMP55Xzr2Prr/bR0hScMOPX06WSPiTnRdohDoiE=
Subject key identifier: C3:AB:FB:CB:27:69:B4:35:D2:67:8F:23:D7:AF:DE:5E:D4:F4:8A:10
Certificate issuer: /CN=AF3AF4D01F0CD056F0E3F698800B223AEE773D20
Certificate serial: 21E9
Authority key identifier: AF:3A:F4:D0:1F:0C:D0:56:F0:E3:F6:98:80:0B:22:3A:EE:77:3D:20
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rzr00B8M0Fbw4_aYgAsiOu53PSA.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/233/w6v7yydptDXSZ48j16_eXtT0ihA.roa
Signing time: Tue 07 Jan 2025 06:55:38 +0000
ROA not before: Tue 07 Jan 2025 06:55:38 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 7468
IP address blocks: 2401:2a00::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8681 (0x21e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=AF3AF4D01F0CD056F0E3F698800B223AEE773D20
Validity
Not Before: Jan 7 06:55:38 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=C3ABFBCB2769B435D2678F23D7AFDE5ED4F48A10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:5b:20:87:be:96:f2:07:c0:f2:fd:dd:c3:4b:
a8:bf:b9:4e:73:aa:bc:41:17:3e:67:a6:d3:b0:dd:
4e:9f:9d:27:dd:f8:9e:61:66:94:f7:98:8c:fc:1f:
ed:a0:25:3f:71:da:ee:8d:46:20:dc:6d:02:e0:11:
4a:a5:64:38:d5:16:3e:1e:7d:31:bf:4b:22:13:ba:
44:79:a2:b7:0d:1e:f7:44:09:c1:8a:7c:d7:35:1a:
7f:dd:f8:57:09:c0:ec:32:00:69:05:92:82:36:37:
6b:2b:44:0c:f0:72:80:79:52:fa:e1:9a:24:90:86:
3f:01:5f:59:d5:2e:fb:be:2a:af:74:ae:e5:9e:56:
4a:0e:26:fb:c8:90:56:57:d7:c7:92:41:67:83:f2:
07:a6:db:6f:9c:b3:48:22:e7:74:29:0b:0e:e7:c0:
bb:c1:db:a4:d8:cc:35:da:53:e5:0b:15:cd:1c:72:
dc:a5:71:c4:02:48:6a:b9:31:86:1a:dc:ca:62:b3:
2d:bb:87:e9:94:20:bc:aa:ea:c8:e0:35:17:67:e6:
ef:8c:51:27:87:78:4e:53:06:5d:12:a3:48:74:ab:
be:af:ce:12:52:50:59:cf:99:09:bf:d8:5b:fd:d7:
2f:99:2a:7d:0b:62:26:cb:b8:27:4e:6b:15:2b:51:
8d:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:AB:FB:CB:27:69:B4:35:D2:67:8F:23:D7:AF:DE:5E:D4:F4:8A:10
X509v3 Authority Key Identifier:
keyid:AF:3A:F4:D0:1F:0C:D0:56:F0:E3:F6:98:80:0B:22:3A:EE:77:3D:20
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/233/rzr00B8M0Fbw4_aYgAsiOu53PSA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rzr00B8M0Fbw4_aYgAsiOu53PSA.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/233/w6v7yydptDXSZ48j16_eXtT0ihA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:2a00::/32
Signature Algorithm: sha256WithRSAEncryption
25:e5:af:7d:29:35:7e:35:91:27:30:8f:19:bf:b9:a5:2b:a7:
eb:0f:b2:44:87:5c:ee:37:16:dd:ed:f5:2b:37:3e:ab:34:7c:
64:e3:6e:5c:fd:5b:56:e6:4a:ae:15:dd:c2:d2:c5:ad:48:c7:
f1:e3:96:51:e7:2b:eb:5c:b6:99:76:cd:7d:27:06:d6:35:61:
97:22:73:2b:1f:ee:10:87:c5:5f:cf:48:4c:3d:af:42:4a:0e:
8d:9e:28:82:7a:96:2f:20:93:92:06:e7:c6:a0:2a:cd:00:8d:
02:92:44:a6:b7:af:74:54:a0:19:e3:1b:89:59:33:32:89:db:
75:4a:4a:17:da:de:b2:b3:2f:fb:9c:52:f2:c1:be:47:b8:27:
1c:53:23:50:9a:f4:b6:a2:17:83:b7:f2:14:68:17:a9:5f:68:
13:37:29:7c:83:1e:6b:e5:2d:0d:08:4e:1b:49:29:13:a6:c3:
2c:01:bf:cb:ee:43:8b:44:aa:cb:13:1e:5e:a3:f5:84:6a:03:
e8:8c:5c:b0:6d:0c:e4:e9:6c:7c:13:ce:ba:be:6e:e9:50:7f:
04:69:d3:97:1e:37:1d:03:c1:6c:c7:9a:14:4d:b4:0e:d7:c6:
97:c9:4b:59:8f:e5:a4:29:00:0d:68:94:7f:4b:42:eb:be:1c:
79:02:da:17
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICIekwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQUYz
QUY0RDAxRjBDRDA1NkYwRTNGNjk4ODAwQjIyM0FFRTc3M0QyMDAeFw0yNTAxMDcw
NjU1MzhaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEMzQUJGQkNCMjc2OUI0
MzVEMjY3OEYyM0Q3QUZERTVFRDRGNDhBMTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNWyCHvpbyB8Dy/d3DS6i/uU5zqrxBFz5nptOw3U6fnSfd+J5h
ZpT3mIz8H+2gJT9x2u6NRiDcbQLgEUqlZDjVFj4efTG/SyITukR5orcNHvdECcGK
fNc1Gn/d+FcJwOwyAGkFkoI2N2srRAzwcoB5UvrhmiSQhj8BX1nVLvu+Kq90ruWe
VkoOJvvIkFZX18eSQWeD8gem22+cs0gi53QpCw7nwLvB26TYzDXaU+ULFc0cctyl
ccQCSGq5MYYa3Mpisy27h+mUILyq6sjgNRdn5u+MUSeHeE5TBl0So0h0q76vzhJS
UFnPmQm/2Fv91y+ZKn0LYibLuCdOaxUrUY1bAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUw6v7yydptDXSZ48j16/eXtT0ihAwHwYDVR0jBBgwFoAUrzr00B8M0Fbw4/aY
gAsiOu53PSAwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMz
L3J6cjAwQjhNMEZidzRfYVlnQXNpT3U1M1BTQS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvcnpyMDBCOE0wRmJ3NF9hWWdBc2lPdTUzUFNBLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMzL3c2djd5eWRwdERYU1o0
OGoxNl9lWHRUMGloQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcD
BQAkASoAMA0GCSqGSIb3DQEBCwUAA4IBAQAl5a99KTV+NZEnMI8Zv7mlK6frD7JE
h1zuNxbd7fUrNz6rNHxk425c/VtW5kquFd3C0sWtSMfx45ZR5yvrXLaZds19JwbW
NWGXInMrH+4Qh8Vfz0hMPa9CSg6NniiCepYvIJOSBufGoCrNAI0CkkSmt690VKAZ
4xuJWTMyidt1SkoX2t6ysy/7nFLywb5HuCccUyNQmvS2oheDt/IUaBepX2gTNyl8
gx5r5S0NCE4bSSkTpsMsAb/L7kOLRKrLEx5eo/WEagPojFywbQzk6Wx8E866vm7p
UH8EadOXHjcdA8Fsx5oUTbQO18aXyUtZj+WkKQANaJR/S0Lrvhx5AtoX
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:47:08 2025 by rpki-client