Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2815/_ley7e5obW1PkQ66K5ms5Of8DF4.roa
File: _ley7e5obW1PkQ66K5ms5Of8DF4.roa (raw, json)
Hash identifier: eNteG0u5g1cC2q7QYrGr8WcSp4dt9Qp/UC7ykOS0sRs=
Subject key identifier: FE:57:B2:ED:EE:68:6D:6D:4F:91:0E:BA:2B:99:AC:E4:E7:FC:0C:5E
Certificate issuer: /CN=6E0ECC3BB7C7B01BE09A1189FBD223579E75A39F
Certificate serial: 20
Authority key identifier: 6E:0E:CC:3B:B7:C7:B0:1B:E0:9A:11:89:FB:D2:23:57:9E:75:A3:9F
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/bg7MO7fHsBvgmhGJ-9IjV551o58.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/_ley7e5obW1PkQ66K5ms5Of8DF4.roa
Signing time: Fri 28 Jun 2024 08:29:07 +0000
ROA not before: Fri 28 Jun 2024 08:29:07 +0000
ROA not after: Sat 28 Jun 2025 06:53:05 +0000
asID: 132019
IP address blocks: 2405:f580::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32 (0x20)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6E0ECC3BB7C7B01BE09A1189FBD223579E75A39F
Validity
Not Before: Jun 28 08:29:07 2024 GMT
Not After : Jun 28 06:53:05 2025 GMT
Subject: CN=FE57B2EDEE686D6D4F910EBA2B99ACE4E7FC0C5E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:55:76:7d:4e:ba:6d:8a:38:c5:c7:32:9e:37:
02:d5:32:0b:2e:b5:4f:a4:1a:c6:0d:12:d1:6c:9e:
ef:8e:e5:6e:5e:ce:66:fa:81:e8:ac:66:e7:88:7d:
c2:bc:44:c3:d7:bf:87:e9:6e:d4:29:76:10:83:25:
4b:30:38:27:99:d8:34:ef:ac:cc:2c:bb:97:7d:cd:
f1:62:86:51:be:57:e5:76:f0:2b:f4:df:68:d5:6c:
1c:c7:f3:a7:02:9a:e2:31:b8:6b:97:38:a2:61:9e:
d6:05:49:06:c8:1a:80:6c:c7:96:24:d9:b8:e7:e3:
d5:28:8a:0c:eb:fd:c7:e6:e4:5b:d7:1c:c8:20:17:
f6:bf:87:f0:b5:ec:11:b1:b9:9c:95:0c:8d:26:54:
fa:be:07:23:fd:3f:9c:ef:2b:5b:5a:cc:8f:60:77:
5c:c2:6f:c9:bf:f2:cc:0e:0b:62:17:1a:27:01:71:
5d:c9:54:6c:a7:f9:50:d6:80:97:cd:cb:fa:ec:23:
98:da:c0:01:72:c0:6e:b2:56:b4:af:96:de:56:9e:
54:c0:78:60:1a:2c:af:3c:52:d5:70:2d:16:94:7a:
9c:41:4b:12:68:52:d5:e7:ff:74:3a:07:1d:be:a3:
dd:75:aa:13:dd:22:e7:d8:76:83:ce:79:4d:07:4f:
40:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:57:B2:ED:EE:68:6D:6D:4F:91:0E:BA:2B:99:AC:E4:E7:FC:0C:5E
X509v3 Authority Key Identifier:
keyid:6E:0E:CC:3B:B7:C7:B0:1B:E0:9A:11:89:FB:D2:23:57:9E:75:A3:9F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/bg7MO7fHsBvgmhGJ-9IjV551o58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/bg7MO7fHsBvgmhGJ-9IjV551o58.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/_ley7e5obW1PkQ66K5ms5Of8DF4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2405:f580::/32
Signature Algorithm: sha256WithRSAEncryption
99:b5:91:62:9c:4e:6f:6f:e9:08:f7:ae:a0:78:c6:48:31:74:
8e:56:4c:c8:9e:40:13:63:23:62:6c:85:80:28:c8:e8:df:78:
2c:f4:7a:63:99:01:f8:b9:fc:bf:19:29:43:36:0f:33:05:72:
d0:8f:02:ff:86:58:c1:72:17:4f:ea:d1:fb:0b:25:ab:fb:3c:
31:ea:aa:b9:5e:3c:39:ee:ac:73:07:d1:b3:86:94:15:64:51:
38:14:e9:cd:8d:5c:59:50:c2:ee:9f:29:2b:f2:44:05:3a:2c:
e1:9e:a5:a3:7e:c8:95:14:bb:08:2f:4b:d9:7f:d2:77:e4:8d:
c9:9c:21:7f:40:fc:b9:d6:6d:cd:8b:8d:a5:80:91:e9:88:1f:
21:b2:dd:47:67:ba:19:1c:93:55:ff:e1:aa:1a:5a:97:69:eb:
94:4a:56:6a:2c:90:13:0a:28:27:e1:93:be:02:48:0e:be:3f:
40:6e:2b:54:4f:61:7f:4e:13:01:da:22:b5:e6:13:1d:c9:77:
45:cc:93:01:de:5a:15:26:b2:c0:18:c1:b5:56:91:2f:d7:a9:
3d:c7:60:14:4e:51:f5:95:92:46:08:7d:4d:e4:2a:00:bf:0d:
ff:5e:25:39:a1:ba:7b:f1:70:03:45:19:7e:e7:19:d1:f7:02:
e6:95:ff:e0
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgIBIDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2RTBF
Q0MzQkI3QzdCMDFCRTA5QTExODlGQkQyMjM1NzlFNzVBMzlGMB4XDTI0MDYyODA4
MjkwN1oXDTI1MDYyODA2NTMwNVowMzExMC8GA1UEAxMoRkU1N0IyRURFRTY4NkQ2
RDRGOTEwRUJBMkI5OUFDRTRFN0ZDMEM1RTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANZVdn1Oum2KOMXHMp43AtUyCy61T6Qaxg0S0Wye747lbl7OZvqB
6Kxm54h9wrxEw9e/h+lu1Cl2EIMlSzA4J5nYNO+szCy7l33N8WKGUb5X5XbwK/Tf
aNVsHMfzpwKa4jG4a5c4omGe1gVJBsgagGzHliTZuOfj1SiKDOv9x+bkW9ccyCAX
9r+H8LXsEbG5nJUMjSZU+r4HI/0/nO8rW1rMj2B3XMJvyb/yzA4LYhcaJwFxXclU
bKf5UNaAl83L+uwjmNrAAXLAbrJWtK+W3laeVMB4YBosrzxS1XAtFpR6nEFLEmhS
1ef/dDoHHb6j3XWqE90i59h2g855TQdPQOMCAwEAAaOCAfQwggHwMB0GA1UdDgQW
BBT+V7Lt7mhtbU+RDrormazk5/wMXjAfBgNVHSMEGDAWgBRuDsw7t8ewG+CaEYn7
0iNXnnWjnzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yODE1
L2JnN01PN2ZIc0J2Z21oR0otOUlqVjU1MW81OC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvYmc3TU83ZkhzQnZnbWhHSi05SWpWNTUxbzU4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjgxNS9fbGV5N2U1b2JXMVBr
UTY2SzVtczVPZjhERjQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u
aWMuY24vcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAH
AwUAJAX1gDANBgkqhkiG9w0BAQsFAAOCAQEAmbWRYpxOb2/pCPeuoHjGSDF0jlZM
yJ5AE2MjYmyFgCjI6N94LPR6Y5kB+Ln8vxkpQzYPMwVy0I8C/4ZYwXIXT+rR+wsl
q/s8MeqquV48Oe6scwfRs4aUFWRROBTpzY1cWVDC7p8pK/JEBTos4Z6lo37IlRS7
CC9L2X/Sd+SNyZwhf0D8udZtzYuNpYCR6YgfIbLdR2e6GRyTVf/hqhpal2nrlEpW
aiyQEwooJ+GTvgJIDr4/QG4rVE9hf04TAdoiteYTHcl3RcyTAd5aFSaywBjBtVaR
L9epPcdgFE5R9ZWSRgh9TeQqAL8N/14lOaG6e/FwA0UZfucZ0fcC5pX/4A==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:36:06 2025 by rpki-client